Millions of Android devices affected by crypto-mining malware, report

Millions of Android devices affected by crypto-mining malware, report

A new malware on Android is allowing users to use their devices to drive-by cryptocurrency mining campaign, according to a report. "Before being redirected, however, the users were "notified" that there is |suspicious surfing behavior" and that in order to avoid or stop it, they need to solve a Captcha request.

According to Malwarebytes, the campaign could have started in November past year but was first observed in January.

Malicious apps and sites with malvertising are redirecting millions of users to websites set up for the purposes of mining the Monero cryptocurrency. Until a user enters the code, the smartphone or tablet continues mining Monero, damaging the device's processor.

Mining a bitcoin or any other cryptocurrency is not as easy as investing in it. It's an effective campaign in part because many mobile users do not bother installing security applications that might prevent this from happening, and in many cases these devices do not have any sort of web filtering configured, either.

Once they enter the code, users are simply redirected to the Google home page.

Researchers say that while some of the forced redirection attacks may occur during regular browsing, it's likely infected apps also play a role, with ad modules within them directing users towards the cryptomining pages with various Coinhive site keys. "This is unfortunately common in the Android ecosystem, especially with so-called "free" apps". The researchers also suggest that this malicious cryptocurrency mining informs that visitors that they are being redirected to the websites which are used to mine cryptocurrency which is then used to pay for server traffic.

GKN to return £2.5bn to shareholders up to 2020
The FTSE 100-listed firm's dividend policy until 2020 will aim to deliver an average payout of 50% of free cash flow. In mid-market trading, GKN's shares were up 0.6% at 404.9p, while Melrose shares were ahead 0.6% at 213.4p.

A quick analysis of two of the five sites known so far to display the code-mining CAPTCHAs indicates the campaign is snaring tens of millions of devices.

"It is hard to determine how much Monero currency this operation is now yielding without knowing how many other domains (and therefore total traffic) are out there".

The average time spent on the sites was around four minutes, so when combined with the number of visits, it's estimated that a few thousand dollars of Monero were generate on a monthly basis; not a stellar number but still a decent earner when it's someone else doing the work.

There has been a rapid increase in cryptojacking attacks in the last few months as most cryptocurrencies, including monero, experience a price increase.

"We strongly advise users to run the same security tools they have on their PC on their mobile devices", the team warns, "because unwanted cryptomining is not only a nuisance but can also cause permanent damage". "Malware-based miners, as well as their web-based counterparts, are booming and offering online criminals new revenue sources".

Related News:



Most liked

House Republicans Open Investigation Into White House Handling Of Porter Scandal
Gowdy said. "The chronology is not favorable for the White House". "They clearly have work to do to fix their vetting system", he said.

Saakashvili Arrives In Netherlands After Expulsion From Ukraine
He is also wanted by authorities in Georgia on charges of abuse in office - which he also strenuously denies. In July 2017, Saakashvili lost his Ukrainian citizenship under a decree of the Ukrainian president.

'13 Reasons Why' Author Jay Asher Responds To Sexual Harassment Allegations
The author also claimed to feel "thrown under the bus" because the SCBWI told him at the time that "the emails showed nothing". Oliver declined to comment on whether or not Asher was still with the organization when New Times reached out previous year .

Microsoft not interested in patching critical Skype security flaw, claims researcher
The attack reads on the clunky side, but Kanthak told ZDNet in an email that the attack could be easily weaponized. Kanthak reported the flaw to Microsoft last September, who were able to reproduce the vulnerability.

Snapchat introduces audience insights for creators
One of the main complaints, by the way, is that users have seen their Story views drastically plummet since the redesign went live.

Winter Olympics 2018: Snowboarder Yuto Totsuka taken to hospital after ugly crash
But the competition had to be paused after Totsuka hit the lip of the halfpipe and landed awkwardly before sliding to the bottom. On his second run of the final, Totsuka dropped in and went for his first jump, twisting several times in the air.

Germany proposes free public transport to curb pollution, avoid big fines
The Federal Administrative Court in the eastern city of Leipzig is considering the legality of driving bans on February 22. Its content is created separately from USA TODAY.

BBB Bureau Briefs: Valentine's Day Scams
Cut off contact if someone starts asking you for information like credit card, bank, or government ID numbers. You can perform a reverse image search to see if the profile photo has been used on other websites .

Tom Daley And Dustin Lance Black Are Having Their First Baby
Black, 43, and Daley, 23, Wednesday in a fairytale ceremony last May in Devon, England, with a castle as a backdrop. Tom Daley and Dustin Lance Black are celebrating the fabulous news they are expecting their first child.

Australia's Domino's Pizza says it 'completely misread' Japanese promotion
To measure price-variation, we found DPZ's volatility during a week at 4.58% and during a month it has been found around 2.59%. The stock decreased 1.02% or $0.25 during the last trading session, reaching $24.35. (NYSE:DPZ) is performing 9.07%.

Russian Meddling This Election
They told members of the Senate intelligence committee Tuesday that they would provide more details in closed session. The earliest primaries, in states such as IL and Texas, will come next month, though many occur in July and August.

Chris Rock's first stand-up special in 10 years comes out this week
In 2016, the Emmy and Grammy victor signed a massive $ 40 million deal with the streaming giant for two stand-up specials . Chris Rock , Jerry Seinfeld and Dave Chappelle were the most notable headliners to ink deals for Netflix specials.

Kuwait pledges $2bn for Iraq reconstruction
That money would include loans, loan guarantees and insurance devices to encourage American investment in Iraq. Meanwhile, Saudi Arabia and other Gulf nations remain suspicious of Iran's influence in Iraq.

White House denies Wray contradicted their Porter timeline
He said he went into the house to treat the cut on his knuckle, but Willoughby ordered him to leave and she called the police. Trump also said he had been "surprised" and "very sad" to learn about the allegations against Porter.

Sharma ton helps India secure ODI series victory
India rode on Rohit's 17th hundred to post a competitive 274/7 after the South Africa had asked the visitors to bat first. Chris Morris broke the partnership with Kohli's wicket and Morne Morkel followed up to dismiss Dhawan four overs later.