Experts of company Trend Micro has revealed a hidden miner HiddenMiner, which masquerades as an app for Google Play updates, and after the activation as an administrator on an Android device produced on it in the background Monero.
HiddenMiner the creators have provided several ways in which the miner stays on the device invisible. For example, the application icon after installation becomes invisible. The virus may also damage the phone due to overheating or lock it when a user tries to change the settings.
The researchers also found that the individuals behind miner, derived from one of associated cryptococal 26 XMR, and the victims of the attackers were mostly people of India and China.
To deactivate the virus on a phone, users are advised to restart the device in safe mode and remove the application and the administrator account.
We will remind, in February, researchers from a Chinese company 360Netlab specializing in security, discovered a virus that is hidden is mining Monero on Android devices, including smartphones, tablets and TVs. His victims were mostly Chinese people (39%) and South Korea (39%). Two weeks ago, Microsoft managed to prevent a massive cyber attack on the computers of nearly 400 thousand users of the Windows operating system, the purpose of which was to run on infected devices for mining.