A month after Google banned all apps that mined cryptocurrency on Android devices, many of those apps remained live on the Play Store.
Google issued a blanket ban on all software with crypto-mining capabilities on 28 July, and gave software developers 30-day grace period to comply with the new rules. However, according to a report by the Next Web, there were numerous mobile apps that remained on the store even after the deadline had passed.
The Next Web followed eight cryptocurrency mining applications since Google’s new policy was announced, and found that only three of them were removed after the ban. NeoNeonMiner, Crypto Miner PRO, Pickaxe Miner, and Pocket Miner were still available for download on Google Play Store a month after the introduction of the policy. Of those, only Bitcoin Miner claims to have updated their code to comply with Google’s new rules.
Another mining app called MinerGate has also disappeared from Google Play Store, but confirmed they have removed on-device mining capabilities from their software. Google still allows applications that manage mining operations on other devices to be published on the Play Store.
“Mining on your phone directly was among the core features of the MinerGate app before the last changes in Google Play Development policies,” a MinerGate representative said for Hard Fork. “With the last update, we are removing this functionality to meet the updated requirements.”
On-Device Mining Goes Rogue
As of the writing of this article, with the exception of Bitcoin Miner, all four crypto mining applications have been removed from Google Play Store. However, the ban applies only to software released through the Play Store, and cannot prevent developers from releasing on-device mining apps on third-party platforms. MinerGate has already bypassed the policy and has released an older version of their application with on-device mining capabilities on their website.
The Next Web also predicts developers will find other loopholes to Google’s ban and distribute apps with on-device mining features. According to the website, third-party apps will become the preferred target of rogue cryptojacking code, as Google has no power over such software.
“Most users are unaware of the repercussions involved with mining cryptocurrency on a mobile device,” said crypto expert Troy Mursch. “Mobile devices are not designed, nor optimized to mine cryptocurrency.”
Another potential point-of-breach is through cryptojacking code on web pages. Trend Micro Incorporated discovered in a study that cryptojacking attempts have increased tenfold compared to the same period of 2017. In April 2018, after a report on malicious cryptojacking in web extensions, Google removed crypto mining apps from its Chrome Web Store after 90% of the applications “failed to comply” with the web giant’s rules.