Cryptojacking Apps Discovered on Google Play

Despite the bold move by Google earlier this March, to ban all advertising related to cryptocurrency and ICOs, there are mobile apps on Google Play which mine cryptocurrency in the background.


Sophos Labs recently discovered 25 apps which ran the java scripts to mine Monero (XMR) cryptocurrency. These apps that ran these java scripts were mostly educational apps, games, and other utility apps and had been downloaded up to 120,000 times as reported by Sophos Labs. List of a few such apps: 


These apps mined had an embedded code from coinhive, which would work under the hood and use CPU to solve the cryptographic code required to mine.  However, this code from Coinhive is specifically tailored to crunch numbers using CPU and not GPUs. Hence these apps target the phone’s CPU.

Another reason to mine Monero via crypto jacking is that it offers enough privacy to keep the source, destination, and the amount mined hidden. Unlike Laopi, a mobile mining malware, this code uses CPU throttling to avoid the mistakes like overheating, device slows down, rapid battery drain etc.

Google Play Store Apps-min

11 of these apps were educational apps for standardization tests given in the US, like GRE or SATs. However, the remaining accused apps include:

  • Trance Droid by Happy Appys
  • HDS Vendors – published by Taste of Life Group
  • Dominoes Games from Fun Board Games
  • Mobeleader from Abser Technologies S.L.
  • Palkar by
  • Dizi Fragmanları İzle from Oguzhan Kivrak
  • Helper for Knight Game from Evgeny Solovyov
  • Game Viet 2048 from Thanhtu Media
  • A Paintbox For Kids by Uwe Post
  • Afterlife: RPG Clicker CCG by Levius LLC
  • Info Guru Pendidikan by Cakrawala Pengetahuan
  • Lighton by Buyguard
  • Tapbugs and Dreamspell – both published by Riccotz

Only some of the apps have been taken down, However, most of these apps still remain available on the Google Play Store. And this has been happening long before Google’s Ad ban on cryptocurrencies and is happening even after the recent announcement of the partial uplifting of the same ban.

To prevent yourself, Sophos Lab posts the app package details as shown below. Moreover, steps to check package name a specific app:

  1. Go to Google Play on a PC.
  2. Search for the App you want to verify, and click on the app.
  3. Now check the URL, and you will notice something like this
  4. The text after ’id=’ is the package name.

Packaging name

Some relevant articles you can refer:

  1. Google Bans Cryptocurrency Mining Apps from Play Store
  2. Google Plays Store Still has Apps with Crypto Mining Options

Have you come across any of these types of apps? Stay alert!

Follow us on Social Media – TwitterTelegramLinkedinInstagramFacebook!

Show More

Disclaimer : The opinion expressed here is not investment advice – it is provided for informational purposes only. It does not necessarily reflect the opinion of Coinpedia. Every investment and trading involves risk, so you should always perform your own research prior to making decisions. We do not recommend investing money you cannot afford to lose.

Qadir AK

Qadir Ak is the founder of Coinpedia. He has over a decade of experience writing about technology and has been covering the blockchain and cryptocurrency space since 2010. He has also interviewed a few prominent experts within the cryptocurrency space.

Related Articles

Back to top button