How to Tell If Your Android Phone’s Been Infected by Mining Malware

Although mobile malware is less of a problem than it was in the days when Google was still getting the hang of the smartphone market, the rise of cryptocurrency has made hacking more profitable, because attackers can commandeer the resources of other people’s systems to mine digital coins.

As the desktop and corporate system ecosystems get crowded with all sorts of malware, new hackers turn their gaze towards mobile phones, whose chips boast a decent amount of performance. Now your phone has a target on its back, and it’s time to arm yourself to combat the issue.

The Process

Usually, when a hacker wants to infect an Android phone, they will make a fake app that merely mines cryptocurrency while running in the background. Another method would be to inject code into an otherwise legitimate app, making it harder for the victim to suspect that this app is the culprit.

Since the vast majority of mobile phones don’t have dedicated GPUs that process things in the same way that desktop chips do, the app will often use the phone’s CPU.

What’s the Harm?

There’s a reason people don’t use their phones to mine cryptocurrencies. Although they can squeeze a lot of computing power without consuming a lot of electricity, you don’t see mining centers stocking up on smartphones. Instead, they are either using GPUs or stocking up on specialized chips called ASICs. The only reason someone would mine cryptocurrency on a smartphone would be to ruin it.

Your smartphone’s battery is designed to withstand the rigors of daily use and, as a result, to last a few years. However, if you begin stressing the battery, it will generate heat, and its internal resistance will go up. Even over short periods with some interruption, your battery will suffer permanently if you apply enough stress for its temperature to climb above 30°C (86°F). The more you do this, the further the anode on the battery will crystallize.

For now, the only conclusion you should reach is that any excessive abuse of your battery is terrible for its health.

So, let’s say you start mining Monero on your phone. This will push the CPU to its limits, sucking as much juice out of your battery as it can deliver. Over an extended period (even a week or so) the effects will undoubtedly be visible. After the mining stops, the phone’s battery just won’t last as long as it used to.

If you do this too much, you could end up making the battery virtually useless, especially since you’d have to put it through several charge cycles, all of which will take place while the phone’s mining. Imagine a 2-amp charge coming into the battery while it’s being drained with as much wattage as the CPU can muster. In some instances, its health diminishes quite noticeably in less than a month!

In some phones that may not have the best heat dissipation capability, the situation only gets worse. You could end up with a hardware failure or, to put the icing on the cake, your battery could just start bulging out of your phone because of the immense heat.

What Are the Signs?

Since crypto mining malware has far more devastating consequences for smartphones than PCs, it’s that much more important to spot the signs of a leech on your device before it has a chance to wreak havoc. Luckily for you, the symptoms of mining malware are much easier to spot on a phone. Here are a few you can detect immediately without using any specialized software:

  • Your phone feels unusually hot in your hand even after you’ve stopped using it for a while.
  • The interface often stutters even when you’re just looking at your settings.
  • Apps take much longer to open than they used to just a while ago.
  • Your keyboard takes much longer to pop up when you want to type something.
  • The battery life of your phone abruptly starts to drop. You find yourself having to charge your device much more often now.

Of course, you have to find the culprit if you want to save your phone from its impending doom.

Stopping the Malware in Its Tracks

Barring an advanced task manager, probably the easiest way to find out which app is using your phone to mine is to look at your battery statistics. On the latest version of Android, this can be done via “Settings -> Battery -> Consumption level.”

Almost all versions of Android will show you battery consumption statistics ordered by each app’s share, expressed as a percentage. The app with the highest rate is most likely the culprit. Once you’ve uninstalled the app, your phone should be fine.

Fortunately, malware for mobile phones generally isn’t sophisticated enough to “hook” to the system or fiddle with permissions that make it hard to remove, as is usually the case with Windows viruses. Uninstall it and it’s gone!

Prevention Is Key

Three things are generally true about apps that mine cryptocurrencies on your phone maliciously:

  • If you look for an official website, you won’t find one unless it’s a fake version of another app with a site. Hackers generally see no purpose in going through that much effort just so that their malware looks legitimate. They either make an APK and market it through other means or piggyback on the success of another app with their fake version.
  • The APKs these hackers make don’t generally reside on Google Play. You usually get these by downloading them from other sites or through other app repositories. A few of them have made it through Google Play’s system, but they were always removed as swiftly as they came in.
  • You might come across these APKs as a link sent to you by an infected friend. Rarely will you ever see these APKs in official channels.

See a pattern here? There are only two things you need to do to prevent getting hit by mining malware: look for signs of fishiness and avoid downloading apps outside of Google Play.

Sure, some apps can only be installed via third-party sites (such as Gab, a social network focused on the freedom of expression), but these are rare exceptions. In those cases you could temporarily enable the setting that allows apps from unknown sources, then disable it once you’ve installed your app. This should only be done if you’re absolutely sure that the app you’re downloading is trustworthy enough not to wreck your phone.
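
For readers comfortable with adb, here is an added example (not part of the original article) that combines the two checks described above: which processes are eating the CPU, and which user-installed apps did not come from Google Play. It parses the output of "adb shell pm list packages -3 -i" and "adb shell dumpsys cpuinfo"; the sample output embedded below, the com.example package names and the 50% threshold are all constructed for illustration.

```shell
PLAY="com.android.vending"   # installer package name of Google Play

# Constructed sample of `adb shell pm list packages -3 -i` output.
SAMPLE_PKGS='package:com.example.notes  installer=com.android.vending
package:com.example.flashlight  installer=null
package:com.example.wallpapers  installer=com.android.packageinstaller'

# Constructed sample of `adb shell dumpsys cpuinfo` output.
SAMPLE_CPU='Load: 7.91 / 7.35 / 6.88
CPU usage from 60012ms to 12ms ago:
  93% 4211/com.example.flashlight: 91% user + 1.9% kernel
  4.1% 1320/system_server: 2.6% user + 1.5% kernel
  1.2% 5120/com.example.notes: 0.9% user + 0.3% kernel
  0.4% 5333/com.example.wallpapers: 0.3% user + 0.1% kernel
98% TOTAL: 95% user + 3% kernel'

# stdin: package list. Prints user-installed packages not installed by Google Play.
sideloaded() {
    awk -v play="$PLAY" '/^package:/ {
        pkg = $1; sub(/^package:/, "", pkg)
        inst = $2; sub(/^installer=/, "", inst)
        if (inst != play) print pkg
    }'
}

# stdin: cpuinfo dump, $1: minimum CPU percent. Prints "percent process".
cpu_hogs() {
    awk -v min="$1" '$1 ~ /%$/ && $2 ~ /^[0-9]+\// {
        pct = $1; sub(/%$/, "", pct)
        name = $2; sub(/^[0-9]+\//, "", name)
        sub(/:.*$/, "", name)            # drop trailing ":" and any ":service" suffix
        if (pct + 0 >= min + 0) print pct, name
    }'
}

# $1: package list, $2: cpuinfo dump, $3: minimum CPU percent.
# Prints processes that are both CPU-heavy and sideloaded.
suspects() {
    side=$(printf '%s\n' "$1" | sideloaded)
    printf '%s\n' "$2" | cpu_hogs "$3" | while read -r pct name; do
        if printf '%s\n' "$side" | grep -qxF "$name"; then
            echo "$name $pct%"
        fi
    done
}

suspects "$SAMPLE_PKGS" "$SAMPLE_CPU" 50   # prints: com.example.flashlight 93%
```

On a real device, pass the captured output of the two adb commands in place of the samples. A non-Play installer only marks a package as worth a closer look; it is not proof that the app is malicious.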

Now that we got this all out of the way, have you ever been hit by malware on Android? Tell us about your experience!

Miguel Leiva-Gomez - Staff Writer

Miguel has been a business growth and technology expert for more than a decade and has written software for even longer. From his little castle in Romania, he presents cold and analytical perspectives to things that affect the tech world.