Millions of Android devices hijacked to mine Monero coin

Smartphones have much power to mine cryptocurrency- but their lack of security makes them easy targets for attackers.               Image iStock

As the world has gone mad on cryptocurrencies and mining them, the latest casualty became millions of Android users, whose phones were hijacked and redirected to a website that mines Monero.

Cryptojacking may not appear to be the most malicious of attacks but it can lead to device slowdown and having a processor running at full whack all the time is a good way to knacker it out.

While desktop users are redirected to websites hosting tech support scams, mobile users are redirected to domains where they're asked to solve a CAPTCHA to continue.

The group's activities were observed in late January, but may have started as early as November 2017, with millions of mobile users (presumably Android devices are targeted, they said) getting redirected to a browser page created to perform in-browser cryptomining.

The cryptomining scheme uses malvertising tactics-malicious advertisements that are served up on websites just like standard ads but contain code that can mine for cryptocurrency-to hijack a user's device without their knowledge.

The website directly prompted that it was using the infected device to mine the cryptocurrency, and would only stop if the user enters a valid CAPTCHA code.

Millions of Android devices hijacked to mine Monero coin

Stopping drive-by mining campaigns that rely on malvertising or malicious apps is becoming increasingly hard, although end users can usually protect themselves by running AV programs from Malwarebytes and many other providers.

Upon entering a successful code, the user is directed to the standard Google homepage.

Researchers say that while some of the forced redirection attacks may occur during regular browsing, it's likely infected apps also play a role, with ad modules within them directing users towards the cryptomining pages with various Coinhive site keys. The first one was registered in late November 2017, and new domains have been created since then, always with the same template.

The Malewarebytes team recommend that Android users run web filtering and other security software on their devices to avoid such attacks. "This is unfortunately common in the Android ecosystem, especially with so-called "free" apps", the researchers said. At least two of the sites had over 30 million visits per month, and the combined domains had about 800,000 visits per day.

Researchers have identified five domains used in this malvertising campaign, all hosting the same page and all with the same CAPTCHA code. It takes a ton of processing power to mine a cryptocurrency or make a transaction.

How much Monero could this operation yield, you wonder? The researchers concluded, "The threat landscape has changed dramatically over the past few months, with many actors jumping on the cryptocurrency bandwagon".

England scrum against Georgia during Six Nations rest week
You leave it at that, and then you get on with it. 'I just think once the game's done and dusted, that's the game. Subscribe to PaperTalk on or Soundcloud :.

Related:

Comments

Latest news

Pereira: "Philly Special" Super Bowl TD should've been called penalty
I know what the league has said, but they would have been a lot more comfortable if they would have called an illegal formation. And since Foles was lined up in the backfield, the Patriots would have known he was an eligible receiver.

Falklands under the cone of a partial solar eclipse on Thursday
The moon is expected to cover up to 40 percent of the sun in locations like Ushuaia, Argentina, according to National Geographic . The eclipse occurred when the Earth passed between the spacecraft and the sun, completely hiding the sun's view from the SDO.

Omarosa offered sex to Piers Morgan to win 'Celebrity Apprentice,' he says
The claim - "he thinks Jesus tells him to say things ..." Morgan said he told her she was "completely deluded". Unless you have been living under a rock, you will have heard the name Omarosa at some point.

Anime feature Batman Ninja gets a trailer and English voice cast
Home Entertainment has now released an English-language trailer offering another look at the gorgeous-and crazy-animated feature. Batman Ninja is the brainchild of writer Kazu Nakashima ( Futagashira ) and designer Takashi Okazaki ( Samurai Jack ).

Tom Daley and husband Dustin Lance Black are expecting their first child
Olympic diver Tom Daley is having a baby with his husband, United States film producer and activist Dustin Lance Black .

Engine covering breaks off United Airlines flight 1175 mid-flight
Passenger Haley Ebert posted a video on Twitter that showed the plane shaking as it descended to land. The FAA said it would investigate the incident.

Instagram To Test Screenshots Alerts For Stories
The new design first rolled out in November for a limited number of users, aiming to make it easier to use. The company is also going to share stats with other Snapchatters who have large followings on the service.

Soil search unearths new class of antibiotics
Experts have hailed this new antibiotic from soil the next big thing because, a new antibiotic has not been discovered since 1987. They hypothesized that the genes responsible for this "calcium-dependent motif" might be found in other compounds.

Risk of Fatal Traffic Crashes Up After April 20 Cannabis Event
However, a new study shows that it's not only people that get high on that day, traffic fatality rates get high (er) as well. One thing is for sure - legalization allows safe alternatives to be promoted to those who need them most.

Bank transfers in less than a minute as real-time payments rolled out
"Customers will also be able to include more information with their payments, such as additional text, invoices and receipts". The service allowing consumers to make faster payments using their "PayID" has the brand name "Osko".

Germany proposes free public transport to curb pollution, avoid big fines
If Vella is not satisfied with Germany's proposals, he has threatened to file a case with the European Court of Justice. When it comes to making ticketless rides a reality, there are some pretty big questions that need to be answered first.

Suspect wounded, vehicle stopped after shooting at US NSA gate in Maryland
In 2015, two men dressed as women tried to ram a stolen vehicle through the gate of the NSA headquarters at Fort Meade. Local fire and police departments had said earlier on Twitter they were responding to a possible shooting incident.

United States of America men's hockey team loses to Slovenia in Olympics debut
Slovenia, the Americans' first opponent in the round-robin preliminary round, enters with much lower expectations. Brian Gionta , from Rochester, serves as team captain and is the only returning Olympian.

Did Rutgers just win the 2013 Pinstripe Bowl?
The investigation stemmed from academic misconduct involving a former student athletic trainer. The committee's decision was announced in a statement issued Tuesday by the NCAA.

South Africa captures three Gupta family members in raid
Reuters was unable to confirm the email's authenticity and Baloyi did not answer her phone or respond to text messages. Mashatile said Zuma had been given until Wednesday to submit his resignation letter.

Other news