Resultados 1 a 3 de 3
  1. #1
    WHT-BR Top Member
    Data de Ingresso
    Dec 2010

    Exclamation [EN] Aplicativos da Google Play (Android) comprometidos por malware

    Android apps that have been downloaded millions of times have been subverted to mine virtual coins for cyberthieves

    27 March 2014 Last updated at 11:33 GMT
    Android apps booby-trapped to mine virtual cash

    Android apps that have been downloaded millions of times have been subverted to mine virtual coins for cyberthieves, say security firms.

    Two firms have found apps inside and outside the Google Play store seeded with the hidden mining code.

    The programs have been mining coins for the Dogecoin, Litecoin and Casinocoin virtual currencies.

    If installed, the booby-trapped apps will run down a phone's battery very quickly, said researchers.
    Hot phones

    Some of the apps harbouring the mining code were found on non-official Android stores but two of the programs, called Songs and Prized, are still available on the Google Play store. Songs has been downloaded at least one million times.

    Lookout said it had seen the apps in stores popular in Spain and France.

    Thieves are keen to steal computer power because virtual currencies such as Bitcoin, Dogecoin and others rely on large networks of connected machines. All those computers verify who is spending what and fresh coins are handed out for being involved - a process known as mining.

    The more computer power someone can amass, the more mining they can do and, potentially, the more coins they can acquire.

    However, using phones to do the mining was "odd", said Trend Micro researcher Veo Zhang in a blogpost detailing the apps seeded with the crypto coin code.

    "Phones do not have sufficient performance to serve as effective miners," he said.

    Lookout security researcher Marc Rogers said the simplistic nature of the code made it potentially dangerous as it made no attempt to manage how much processing power it used. Instead, he said, it just grabbed as much as it can.

    "It will drive the hardware to mine until it runs out of battery," he said. "Overheating associated with this kind of harsh use can also damage hardware."

    Those behind the coin code might have made efforts to hide the fact that phones were mining but users were still likely to notice, said Mr Zhang.

    "Slow charging and excessively hot phones will all be seen, making the miner's presence not particularly stealthy," he wrote. "Yes, they can gain money this way, but at a glacial pace."

    Despite this, he said, one of the groups producing the malicious apps had managed to amass thousands of Dogecoins which they then swapped for Bitcoins. One Bitcoin is currently worth £337.

    Mr Rogers from Lookout said users might notice as mining involves swapping lots of data back and forth - which could quickly eat up a monthly data allowance.

    Mr Zhang said Trend Micro had told Google's Android security team about its findings. Google has yet to comment on the discovery of the mining apps.
    BBC News - Android apps booby-trapped to mine virtual cash

  2. #2
    WHT-BR Top Member
    Data de Ingresso
    Dec 2010
    Apps with millions of Google Play downloads covertly mine cryptocurrency

    Comentário de leitor:

    It's interesting how the discussion of this article more or less centers around whether this scheme is workable or is efficient, or how much it would mine, but no outrage, alarm, criticism, or even a whimper of a complaint about the fact that there are apps that hijack people's phone that you can get not only from questionable sites, but even from the Google Play Store, and they have not done anything about it yet. If fact, this is essentially a trojan, and Ars thinks this is an issue of the store's "position" on whether it should allow apps to covertly do things that uses up the user's resources to benefit only the app owner with no benefit to the app user. There are even few posts that suggests better ways to do this. Is this now the expected and accepted condition?
    Ainda há vida inteligente na Internet.

    Obviamente que imediatamente apareceu um discipulo para defender o evil na base do FHC fez também FHC fez pior:

    Almost every app in the market is a trojan now. If they're not monetizing your computational power they're monetizing your data, or your eyeballs view of ads. None of them are good about telling you how much they're selling your personal data for, and while the ads are very visible and in your face many of them are designed to make you accidentally click through instead of dismiss.

    There's just not a lot to get mad about anymore.
    Relaxa e Goza. O Google é meu amigo, brigou com ele, brigou comigo.

    Detalhe: A matéria é "decorada" com uma foto enorme de um smartphone ... Samsung. Da Motorola ou Google Nexus nem pensar né? Só faltou falar mal da Microsoft ...
    Última edição por 5ms; 27-03-2014 às 13:39.

  3. #3
    Data de Ingresso
    Oct 2010
    Rio de Janeiro
    E daí minha preferência pelo iOS...

Permissões de Postagem

  • Você não pode iniciar novos tópicos
  • Você não pode enviar respostas
  • Você não pode enviar anexos
  • Você não pode editar suas mensagens