Malware Monero Miner Targets Android Phones

February 8, 2018 11:23 PM

It was discovered that, thanks to a new piece of malware, some Android devices and televisions in Asia have been mining Monero unbeknownst to users.

On February 6, 2018, Chinese cybersecurity lab Netlab 360 detailed a newly discovered piece of malicious mining software.

The latest worm in what has been a series of mining software attacks, ADB.miner duplicates itself across devices by accessing a command line called the Android Debug Bridge (ADB). Estimates say the number of affected devices doubled every 12 hours but seemed to stabilize around 7,000 by the time of the report.

Android phones and TV boxes have thus far been the only devices to exhibit infection, although it has yet to be determined if other gear might also be susceptible to the worm.

The researchers assessed nine samples and found out how the worm function propagates: If devices in the vicinity of an infected device have an open 5555 port, the virus copies itself onto them by attempting to execute an ADB command. Once present, the worm also runs a Monero miner, which sends all mined cryptocurrency to a single wallet address.

So far, the detection of infected devices has been isolated to Asia, and “most of the victims come from China (39%, including Hong Kong and Taiwan) and Korea (39%).”

Jeremy Nation is a writer living in Los Angeles with interests in technology, human rights, and cuisine. He is a full time staff writer for ETHNews and holds value in Ether.

ETHNews is committed to its Editorial Policy

Like what you read? Follow us on Twitter @ETHNews_ to receive the latest Monero, mining or other Ethereum technology news.

Be the first to comment

Leave a Reply

Your email address will not be published.