Android and the Bitcoin Miners

unnamedNo its not the name of a band, and yes it does sound pretty James Bond meets Thor / Iron Man i.e. like daft fantastic …but the title above seems, nevertheless to have some basis in truth. Android, famously open source is now  perhaps infamously Open Sauce. By the time you have read this your favourite Android phone, sitting seemingly innocently in your trouser pocket may have been engaged in a sort of co-operative mining subterfuge in pursuit of untold riches of the virtual yet transferable coinage of the Gods of Ether…Bitcoin.. Oh yes, isn’t technology wonderful?

So what’s happening exactly? Well according to Stuart Dredge, technology expert at The Guardian newspaper there are millions of Android devices engaged in actively mining Bitcoin…….without their owner having the foggiest idea that it is happening. The words “stealth” may be applied by a more generous soul than I, to my mind its fraud and deception on a grand scale. It happens when an app you have downloaded contains some code which is activated once it detects a data link is possible and then gets to work hooning your data allowance and sucking the life blood from your battery. Researchers have already identified a couple of apps which are sitting on about 10 million Android phones right now doing their dirty deeds. This may be the tip of a very unappealing iceberg.

images

The serious point here is that this is exploiting faithful and loyal Android users in a way that can only be described as dishonest and fraudulent. The devices are using the phones data connectivity to mine for Bitcoins, i.e. stealing bandwidth. The user gets to pay for the bandwidth but doesn’t get to enjoy the fruits of the ill begotten gains made via this stolen bandwidth.  A double whammy too because this mining activity drains power like kryptonite drains Superman. The continual re charging of the device costs money (real money on someone’s electricity bill) and reduced the life expectancy of the device.

The mining activity happened as soon as the app containing the code is downloaded. The code is launched and the CPU mining gets under way, whilst connecting to a dynamic domain for an anonymous mining pool. All the mining data is sent to a central database where the analysis takes place. Presumably this is the place where coinage bought up from the data is extracted.

If Android is to avoid a splurge of bad PR, they’d better sort out this weakness sooner rather than later as it’s hard to see the general public welcoming the exploitation of their bandwidth without reward. beware the” no armed” bandit!