Cybercriminals are now targeting your devices so they can use their computational power to run their mining operations
Google has banned developers from publishing their cryptocurrency mining applications on its Google Play Store.
The new policy was included in Googles Developer Policy Centre where they state: “We don’t allow apps that mine cryptocurrency on devices. We permit apps that remotely manage the mining of cryptocurrency.”
Barry Shteiman, vice president of research and innovation at Exabeam, told Computer Business Review: “I think it’s a reasonable move by the giant to protect the layman. The subset of users that actually want to use their devices for crypto mining vs the ones that are lured into it without their knowledge is probably not very meaningful.”
“In that case, Google much like Apple need to take the responsible approach of preventing unwanted or unhealthy usage of their end user’s devices. I do see room however to take a less deterministic approach by providing a disclaimer on these apps such as stating upon install that “This app performs cryptocurrency mining on your device that may have a negative effect on the device resources and battery life” which then makes the user very aware of the app’s capabilities and therefor maintains freedom of use.”
At the time of writing the Google Play Store was still displaying applications that mine cryptocurrency on your device and not though cloud based applications, which are allowed.
What is Cryptocurrency Mining in A Nut Shell
A distributed journal is a record of transactions or interactions. Using Bitcoin as an example, two types of people interact with it, users and miners. Users want to move their coins around and have the ledger updated with the new transactions.
A computer is chosen to upload a new block of information by being the first to solve a computational heavy task like a mathematical equation. This consumes a massive amount of computational power and the miner is who does this work, they are then rewarded with cryptocurrency for their effort.
Slow down Others Reap the Rewards
Mining for cryptocurrency can be a very profitable endeavour and some analysts have reported that organised cyber-criminal gangs have moved from ransomware and cyberattack ventures to spending their computational power – or yours – on mining.
David Emm, Principal Security Researcher at Kaspersky Lab told Computer Business Review he had “actually seen a slight decline in ransomware attacks over the last two years.”
“Ransomware is rapidly declining, and crypto-currency mining is starting to take its place. This general trend has been noticed across the industry as cybercriminals continue to use cryptocurrency mining to target victims, and it’s something we predict will continue to rise.”
A Kaspersky Labs report notes: “Although there are groups of people who hoodwink unwitting users into installing mining software on their computers, or who exploit software vulnerabilities to do so, mining is legal.”
“It simply results in threat actors receiving cryptocurrency, while their victims’ computer systems experience a dramatic slowdown.”
“In 2017 we started seeing botnets designed to profit from concealed cryptomining, and attempts to install miners on servers owned by organizations.”
Cryptomining is very heavy on computational power and if your organisation ends up with a hidden program running it, you take the strain of the work and reap none of the coins.