The malware, identified by Lookout as “BadLepricon,” appeared in six wallpaper apps with between 100 and 500 installs each. Google has since removed them from the store.
As Lookout’s Meghan Kelly notes, the average mobile device isn’t exactly an ideal tool for Bitcoin mining. “A phone’s computing power doesn’t actually result in that many coins,” she writes. “Every coin has a difficulty rate, which is determined by the amount of computing power needed to mine that coin and other factors. The difficulty for Bitcoin is so tough right now that a recent mining experiment using 600 quadcore servers was only able to generate 0.4 Bitcoins over one year.”
Still, according to Kelly, the malware designer does seem to have been concerned about destroying victims’ devices (or, at least, avoiding detection) — BadLepricon checks the battery level, connectivity and display every five seconds, and only operates when the battery is at over 50 percent capacity, the display is turned off, and the phone has network connectivity.