Millions of Android devices hijacked to mine Monero coin

Smartphones have much power to mine cryptocurrency- but their lack of security makes them easy targets for attackers.               Image iStock

As the world has gone mad on cryptocurrencies and mining them, the latest casualty became millions of Android users, whose phones were hijacked and redirected to a website that mines Monero.

Cryptojacking may not appear to be the most malicious of attacks but it can lead to device slowdown and having a processor running at full whack all the time is a good way to knacker it out.

While desktop users are redirected to websites hosting tech support scams, mobile users are redirected to domains where they're asked to solve a CAPTCHA to continue.

The group's activities were observed in late January, but may have started as early as November 2017, with millions of mobile users (presumably Android devices are targeted, they said) getting redirected to a browser page created to perform in-browser cryptomining.

The cryptomining scheme uses malvertising tactics-malicious advertisements that are served up on websites just like standard ads but contain code that can mine for cryptocurrency-to hijack a user's device without their knowledge.

The website directly prompted that it was using the infected device to mine the cryptocurrency, and would only stop if the user enters a valid CAPTCHA code.

Android Devices Put to Crypto Mining Work via Malware Campaign

Stopping drive-by mining campaigns that rely on malvertising or malicious apps is becoming increasingly hard, although end users can usually protect themselves by running AV programs from Malwarebytes and many other providers.

Upon entering a successful code, the user is directed to the standard Google homepage.

Researchers say that while some of the forced redirection attacks may occur during regular browsing, it's likely infected apps also play a role, with ad modules within them directing users towards the cryptomining pages with various Coinhive site keys. The first one was registered in late November 2017, and new domains have been created since then, always with the same template.

The Malewarebytes team recommend that Android users run web filtering and other security software on their devices to avoid such attacks. "This is unfortunately common in the Android ecosystem, especially with so-called "free" apps", the researchers said. At least two of the sites had over 30 million visits per month, and the combined domains had about 800,000 visits per day.

Researchers have identified five domains used in this malvertising campaign, all hosting the same page and all with the same CAPTCHA code. It takes a ton of processing power to mine a cryptocurrency or make a transaction.

How much Monero could this operation yield, you wonder? The researchers concluded, "The threat landscape has changed dramatically over the past few months, with many actors jumping on the cryptocurrency bandwagon".

Suspect wounded, vehicle stopped after shooting at US NSA gate in Maryland
In 2015, two men dressed as women tried to ram a stolen vehicle through the gate of the NSA headquarters at Fort Meade. Local fire and police departments had said earlier on Twitter they were responding to a possible shooting incident.



Latest news

Pereira: "Philly Special" Super Bowl TD should've been called penalty
I know what the league has said, but they would have been a lot more comfortable if they would have called an illegal formation. And since Foles was lined up in the backfield, the Patriots would have known he was an eligible receiver.

Jailbreak drama: Prisoner who fled after drugging twin, swapping places, recaptured
It is not clear if the police was tipped off by someone about Alexander's whereabouts or they tracked him on their own. A former justice minister, Marisol PĂ©rez Tello, said the wickedness of Alexander's escape plan had left many shocked.

England scrum against Georgia during Six Nations rest week
You leave it at that, and then you get on with it. 'I just think once the game's done and dusted, that's the game. Subscribe to PaperTalk on or Soundcloud :.

Paul Ryan: 'Clearly we should all be condemning domestic violence'
The White House did not immediately respond to a request for comment on whether the committee had requested information about how Porter's employment and clearance were handled.

Omarosa offered sex to Piers Morgan to win 'Celebrity Apprentice,' he says
The claim - "he thinks Jesus tells him to say things ..." Morgan said he told her she was "completely deluded". Unless you have been living under a rock, you will have heard the name Omarosa at some point.

'Missing' Whiteface Mountain Skier Found In California
Constantinos "Danny" Filippidis, 49, was last seen February 7 skiing with friends and family at Whiteface Mountain in upstate NY . He reportedly told police he had not been the victim of any crime.

Tom Daley and husband Dustin Lance Black are expecting their first child
Olympic diver Tom Daley is having a baby with his husband, United States film producer and activist Dustin Lance Black .

Instagram To Test Screenshots Alerts For Stories
The new design first rolled out in November for a limited number of users, aiming to make it easier to use. The company is also going to share stats with other Snapchatters who have large followings on the service.

US Intelligence Agencies Warns Against Buying Huawei, ZTE Phones
USA lawmakers are now considering a bill that would ban government employees from using Huawei and ZTE phones altogether. Wray warned that such level of power will allow Chinese agencies to exert control over the US communications networks.

Soil search unearths new class of antibiotics
Experts have hailed this new antibiotic from soil the next big thing because, a new antibiotic has not been discovered since 1987. They hypothesized that the genes responsible for this "calcium-dependent motif" might be found in other compounds.

Risk of Fatal Traffic Crashes Up After April 20 Cannabis Event
However, a new study shows that it's not only people that get high on that day, traffic fatality rates get high (er) as well. One thing is for sure - legalization allows safe alternatives to be promoted to those who need them most.

Flynn the bichon frise named Westminster best in show
The groups are terriers, toy dogs, working dogs, herding dogs, sporting dogs, non-sporting dogs, and hounds . A total of about 3,200 dogs competed during Westminster events this week. "There was no wasted time".

Olympic snowboarder taken to hospital after scary halfpipe crash
Rukajarvi also slammed the organisers for allowing the competition to continue despite the unsafe conditions. Totsuka smacked into the ground, falling face-first into the middle of the halfpipe, lying still.

Arizona woman wakes up with British accent
FAS is easier to understand when you think about the minute changes that characterize what we perceive to be an accent. Rare as it can be, a woman from Texas suffering debilitating headaches woke up with a British accent .

South Africa captures three Gupta family members in raid
Reuters was unable to confirm the email's authenticity and Baloyi did not answer her phone or respond to text messages. Mashatile said Zuma had been given until Wednesday to submit his resignation letter.

Other news