Russian Developer Snuck Cryptocurrency Mining into Android Apps

Apps found in Google Play turned mobile devices into cryptocurrency miners unbeknownst to their users, according to researchers from security firm Ixia.

A Russian developer installed cryptocurrency mining code in his popular crossword game app
Puzzle
as well as his in-game awards and bonuses app Reward Digger, without notifying users they would be mining cryptocurrency coins on his behalf, according to researchers.
Although its not illegal for developers to put cryptocurrency-mining capabilities into their own apps, the issue becomes an ethical one if users are not aware their mobile devices are being used to mine cryptocurrency, says Steve McGregory, who leads the Application & Threat Intelligence (ATI) team at Ixia that recently studied the rigged apps.
Oxothuk, the user name of the independent developer who created the two apps, included crypto-mining features in the apps without adequately informing users, McGregory told Dark Reading. Cryptocurrency mining consumes CPU power, electricity, and data usage as information is passed during the mining process, he notes, which can degrade device performance.
ATI discovered
Oxothuks apps on Nov. 2 when it noticed their cryptocurrency mining capabilities. We found he was not disclosing what the apps were doing and that is deceptive to users, MGregory says. Puzzle alone has had 5 million to 10 million downloads.
One of the unique aspects of the apps is the creator shared his user name Oxothuk for the mining pools, rather than only list his wallet address to authenticate the miners, McGregory notes. He felt he was doing nothing wrong at all, whereas others who know they are being deceptive will not want to be found and will try to obfuscate their identity, says McGregory.
Indeed. Oxothuk, in an interview with Dark Reading, contends that he informed his users of his mining intent in the apps terms and conditions. He says some hackers instead hide their cryptocurrency mining intent from users and chew up their CPU power without their permission.
Regardless, Reward Digger was taken offline by Google after ATI reported the app, and Puzzle was updated on Nov. 8. But McGregory notes that the Puzzle app continues to trick users into letting them earn in-game coins while Oxothuk earns real crypto-currency coins.
Join Dark Reading LIVE for two days of practical cyber defense discussions. Learn from the industry’s most knowledgeable IT security experts. Check out the INsecurity
agenda here
.
Related Content
:
Cybercriminals Employ Driveby Cryptocurrency Mining
How to Make a Ransomware Payment - Fast
5 Reasons Why the CISO is a Cryptocurrency Skeptic

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Russian Developer Snuck Cryptocurrency Mining into Android Apps