Incident: Android Cryptocurrency Mining Malware on Google Play Store.

Published Date: 2014-03-27

Postmortem Analysis
Timeline
1. The software failure incident of Android smartphones mining cryptocoins without owners' knowledge via apps downloaded from Google Play happened in February 2014 [25040].

System
1. Android smartphones
2. Google Play store
3. Apps "Songs" and "Prized"
4. Cryptocurrency mining "pool"
5. Bitcoin-mining code hidden in repackaged versions of Football Manager Handheld and TuneIn Radio
6. Malware ANDROIDOS_KAGECOIN.HBTB
7. Android apps with huge download numbers available on Google Play

Responsible Organization
1. The developers of the apps "Songs" and "Prized" that contained the cryptocurrency mining code were responsible for causing the software failure incident [25040].

Impacted Organization
1. Android smartphone owners [25040]

Software Causes
1. The failure incident was caused by the presence of malicious cryptocurrency mining code hidden within certain Android apps downloaded from the Google Play store [25040].
2. The malware, identified as ANDROIDOS_KAGECOIN.HBTB, injected legitimate cryptocurrency mining code from existing apps into repackaged versions of Android apps, leading to unauthorized mining of bitcoin, dogecoin, and litecoin without the device owners' knowledge [25040].

Non-software Causes
1. Lack of proper vetting and monitoring of apps on the Google Play store, allowing malicious apps to be downloaded by millions of users [25040].
2. Murky language and vague terminology in the terms and conditions of the subverted apps, leading users to unknowingly give permission for their devices to be used for cryptomining [25040].

Impacts
1. The impacted Android smartphones were unknowingly mining cryptocoins, leading to potential battery drain and device performance issues [25040].
2. Users' processing time was stolen without their knowledge or consent, highlighting a breach of privacy and trust [25040].
3. The incident raised concerns about the security and integrity of apps on the Google Play store, potentially damaging Google Play's brand image [25040].
4. The discovery of the malware highlighted the ongoing threat of malware variants targeting Android devices, emphasizing the need for robust security measures [25040].

Preventions
1. Implementing stricter app review processes on the Google Play store to detect and prevent the inclusion of malicious code in apps [25040].
2. Enhancing user awareness and education on the risks of granting permissions to apps, especially related to cryptocurrency mining activities [25040].
3. Regularly monitoring and scanning apps for any unauthorized activities or code injections, especially those related to cryptocurrency mining [25040].

Fixes
1. Implement stricter app review processes on the Google Play store to detect and prevent the inclusion of malicious code in apps [25040].
2. Enhance user awareness and education regarding the risks of granting permissions to apps, especially in terms of processing power and battery usage [25040].
3. Develop and deploy effective mobile security solutions to detect and remove cryptocurrency mining malware from Android devices [25040].

References
1. Security company Trend Micro [25040]
2. Security firm G Data International [25040]
3. Research company Canalys [25040]

Software Taxonomy of Faults

Recurring
Option: one_organization, multiple_organization
Rationale:
(a) The software failure incident related to unauthorized cryptomining on Android smartphones has happened again at the same organization, Google Play. Trend Micro expanded on an initial report by security firm G Data International, detailing the malware ANDROIDOS_KAGECOIN.HBTB, which uses the processing power of individual mobiles to mine cryptocurrencies without the owners' knowledge [25040].
(b) The software failure incident of unauthorized cryptomining on Android smartphones has also occurred at multiple organizations. Trend Micro discovered bitcoin-mining code hidden in repackaged versions of Football Manager Handheld and TuneIn Radio outside Google Play, indicating that this type of malware has affected apps from various developers [25040].

Phase (Design/Operation)
Option: design, operation
Rationale:
(a) The software failure incident related to the design phase can be seen in the article where it mentions that the malicious apps on Google Play, such as "Songs" and "Prized", contained code to mine cryptocoins without the users' knowledge. The apps included a request to run the mining software within their terms and conditions, which users unknowingly agreed to by clicking "OK" [25040].
(b) The software failure incident related to the operation phase is evident in the article where it describes how the mining software, once activated on the affected devices, would run in the background when the device was connected to the internet. This operation of mining for cryptocoins in the background without the users' consent led to issues such as slow charging, overheating, and quick battery drain on the devices [25040].

Boundary (Internal/External)
Option: within_system
Rationale:
(a) within_system: The software failure incident reported in the articles is primarily within the system. The failure occurred due to the presence of malicious code within apps downloaded from the Google Play store. These apps contained code that would secretly mine cryptocoins using the processing power of the devices without the knowledge or consent of the owners. The failure was facilitated by the inclusion of mining software within the terms and conditions of the apps, which users unknowingly agreed to when clicking "OK" [25040].
(b) outside_system: There is no explicit mention in the articles of the software failure incident being caused by contributing factors originating from outside the system. The incident primarily revolves around the malicious code embedded within the apps and the deceptive practices employed to mine cryptocoins without user consent.

Nature (Human/Non-human)
Option: non-human_actions
Rationale:
(a) The software failure incident occurring due to non-human actions: The software failure incident in the articles was caused by non-human actions, specifically by malware known as ANDROIDOS_KAGECOIN.HBTB. This malware injected legitimate cryptocurrency mining code from existing apps into repackaged versions of Android apps, leading to the unauthorized mining of bitcoin, dogecoin, and litecoin on affected devices [25040].
(b) The software failure incident occurring due to human actions: The software failure incident in the articles was not directly caused by human actions. However, the apps containing the mining code were stealthily incorporating 'hashing' software without the knowledge of the owners, indicating a lack of transparency and potentially misleading terms and conditions set by the developers [25040].

Dimension (Hardware/Software)
Option: software
Rationale:
(a) The software failure incident in the articles is primarily related to software rather than hardware. The incident involves Android smartphones being used to mine cryptocoins without the owners' knowledge through apps downloaded from Google Play. The apps contain code to join phones to a cryptocoin-mining "pool" without user consent, leading to battery drain and potential device performance issues [25040]. The failure is attributed to the malicious software injected into legitimate apps, causing the devices to engage in cryptocurrency mining activities without the users' awareness.
(b) The software failure incident is directly linked to software issues. The incident involves the presence of malware, specifically ANDROIDOS_KAGECOIN.HBTB, which injects legitimate cryptocurrency mining code into repackaged versions of Android apps. This software failure is a result of the malicious code hidden within the apps, exploiting the processing power of individual mobile devices to mine cryptocurrencies without the users' permission or knowledge [25040]. The failure is rooted in the software's ability to run in the background, connect to mining pools, and consume device resources without user consent.

Objective (Malicious/Non-malicious)
Option: malicious
Rationale:
(a) The software failure incident described in the articles is malicious in nature. The incident involves apps on the Google Play store that stealthily incorporate 'hashing' software to mine cryptocoins without the owners' knowledge. The apps contain code that joins phones to a cryptocoin-mining "pool" without user consent, effectively stealing processing time. This behavior is intentional and harmful, as it negatively impacts the affected devices by draining battery life and potentially causing performance issues [25040].

Intent (Poor/Accidental Decisions)
Option: poor_decisions
Rationale:
(a) The intent of the software failure incident was related to poor_decisions. The incident involved apps on the Google Play store, such as "Songs" and "Prized", which stealthily incorporated 'hashing' software to mine cryptocoins without the owners' knowledge. These apps included vague terms and conditions that, once accepted by the users, allowed the software to steal their processing time. Additionally, legitimate cryptocurrency mining code was injected into repackaged versions of Android apps, further exploiting users' devices for mining purposes [25040].

Capability (Incompetence/Accidental)
Option: development_incompetence, accidental
Rationale:
(a) The software failure incident related to development incompetence is evident in the article as it describes how more than a million Android smartphones were mining cryptocoins without the owners' knowledge through apps downloaded from Google Play. The apps, "Songs" and "Prized", contained code to join phones to a cryptocoin-mining "pool" without the users' consent. This was achieved by including a request to run the mining software within the terms and conditions of the apps, which users might not have fully understood. The article criticizes the "murky language and vague terminology" used in the terms and conditions, indicating a lack of transparency and potentially exploiting users' lack of understanding [25040].
(b) The software failure incident related to accidental factors is also present in the article. The incident involved the injection of legitimate cryptocurrency mining code from existing apps into "repacked" versions of Android apps. This injection of mining code was done without the knowledge of the app users, indicating an accidental introduction of malicious code into the apps. Additionally, the article mentions that the mining for cryptocoins in the background when a device is connected to the internet can lead to issues such as sapping battery life and causing devices to charge slowly or run hot, which could be accidental side effects of the mining activity [25040].

Duration
Option: temporary
Rationale:
The software failure incident described in the articles can be categorized as a temporary failure. The incident involved Android smartphones being unknowingly used to mine cryptocoins through apps downloaded from Google Play, which incorporated 'hashing' software [25040]. This temporary failure was caused by specific circumstances, such as the inclusion of mining code in certain apps, rather than being a permanent failure affecting all circumstances.

Behaviour
Option: value, other
Rationale:
(a) crash: The software failure incident in the articles does not involve a crash where the system loses state and does not perform any of its intended functions. The incident involves the unauthorized mining of cryptocoins on Android smartphones without the owners' knowledge, indicating that the system is still functioning but for a different purpose [25040].
(b) omission: The software failure incident does not involve omission where the system omits to perform its intended functions at an instance(s). Instead, the incident involves the inclusion of unauthorized code in apps that leads to the mining of cryptocoins without user consent [25040].
(c) timing: The software failure incident does not involve timing issues where the system performs its intended functions correctly but too late or too early. The incident is more about the unauthorized use of processing power for cryptomining without the users' knowledge [25040].
(d) value: The software failure incident does involve a failure related to the system performing its intended functions incorrectly. In this case, the apps on Google Play were found to contain code that uses the processing power of smartphones to mine cryptocoins without the users' consent, leading to incorrect behavior of the system [25040].
(e) byzantine: The software failure incident does not exhibit byzantine behavior where the system behaves erroneously with inconsistent responses and interactions. The incident is more about unauthorized cryptomining activities on smartphones through stealthily incorporated software [25040].
(f) other: The other behavior exhibited in this software failure incident is unauthorized usage of processing power for cryptomining purposes without the explicit consent of the device owners. This behavior can be classified as a form of malware or unauthorized activity that deviates from the intended use of the affected devices [25040].

IoT System Layer

Perception: None (no rationale given)
Communication: None (no rationale given)
Application: None (no rationale given)

Other Details

Consequence
Option: property
Rationale:
(d) property: People's material goods, money, or data were impacted due to the software failure. The software failure incident described in the articles involved Android smartphones being used to mine cryptocoins without the owners' knowledge. This unauthorized mining activity consumed the processing power of the affected devices, leading to consequences such as reduced battery life, slow charging, overheating, and quicker battery drain. Users experiencing these issues may have been impacted in terms of the performance and longevity of their devices [25040].

Domain
Option: information
Rationale:
(a) The software failure incident reported in the articles is related to the information industry. The incident involved Android smartphones being used to mine cryptocoins without the owners' knowledge through apps downloaded from Google Play [25040]. This incident highlights a breach of information security and privacy on mobile devices within the information industry.
