Due to the recent surge in cryptocurrency prices, threat actors are increasingly targeting every platform, including IoT, Android, in addition to Windows, with malware of which leverages the CPU power of victims’ devices to mine cryptocurrency.
Just last month, Kaspersky researchers spotted fake antivirus in addition to porn Android apps infected with malware of which mines Monero cryptocurrency, launches DDoS attacks, in addition to performs several various other malicious tasks, causing the phone’s battery to bulge out of its cover.
at This particular point, security researchers at Chinese the idea security firm Qihoo 360 Netlab discovered a brand new piece of wormable Android malware, dubbed ADB.Miner, of which scans wide-range of IP addresses to find vulnerable devices in addition to infect them to mine digital cryptocurrency.
According to the researchers, ADB.Miner will be the first Android worm to reuse the scanning code programmed in Mirai—the infamous IoT botnet malware of which knocked major Internet companies offline last year by launching massive DDoS attacks against Dyndns.
ADB.Miner scans for Android devices—including smartphones, smart TVs, in addition to TV set-top boxes—with publicly accessible ADB debug interface running over port 5555 in addition to then infects them using a malware of which mines Monero cryptocurrency for its operators.
Android Debug Bridge (ADB) will be a command-line tool of which helps developers debug Android code on the emulator in addition to grants access to some of the operating system’s most sensitive features.
the idea should be noted of which almost all Android devices by default come with the ADB port disabled, so botnet would certainly target only those devices of which have manually been configured to enable port 5555.
Besides mining Monero cryptocurrency, ADB.Miner installed on an infected device also attempts to propagate itself by scanning for more targets on the Internet.
Researchers did not reveal exactly how or by exploiting which ADB flaw hackers are installing malware onto Android devices.
However, the researchers believed hackers are not exploiting any vulnerability of which targets any specific device vendor since they found devices by a wide range of manufacturers impacted.
According to the researchers, the infection began on January 21, in addition to the number of attacks has increased recently. As of Sunday, the researchers detected 7,400 unique IP addresses using the Monero mining code—of which’s more than 5,000 impacted devices in just 24 hours.
Based on the scanning IP addresses, the highest number of infection has been noticed in China (40%) in addition to South Korea (31%), the researchers estimated.
In order to fight against such malware Android users are advised not to install unnecessary in addition to untrusted applications by the app store, even by Google Play Store, in addition to keep your devices behind a firewall or a VPN.