Due to the recent surge in cryptocurrency prices, threat actors are increasingly targeting every platform, including IoT, Android, along with also also Windows, with malware that will leverages the CPU power of victims’ devices to mine cryptocurrency.
Just last month, Kaspersky researchers spotted fake antivirus along with also also porn Android apps infected with malware that will mines Monero cryptocurrency, launches DDoS attacks, along with also also performs several different malicious tasks, causing the phone’s battery to bulge out of its cover.
right now, security researchers at Chinese the idea security firm Qihoo 360 Netlab discovered a completely new piece of wormable Android malware, dubbed ADB.Miner, that will scans wide-range of IP addresses to find vulnerable devices along with also also infect them to mine digital cryptocurrency.
According to the researchers, ADB.Miner is usually the first Android worm to reuse the scanning code programmed in Mirai—the infamous IoT botnet malware that will knocked major Internet companies offline last year by launching massive DDoS attacks against Dyndns.
ADB.Miner scans for Android devices—including smartphones, smart TVs, along with also also TV set-top boxes—with publicly accessible ADB debug interface running over port 5555 along with also also then infects them using a malware that will mines Monero cryptocurrency for its operators.
Android Debug Bridge (ADB) is usually a command-line tool that will helps developers debug Android code on the emulator along with also also grants access to some of the operating system’s most sensitive features.
the idea should be noted that will almost all Android devices by default come with the ADB port disabled, so botnet would certainly target only those devices that will have manually been configured to enable port 5555.
Besides mining Monero cryptocurrency, ADB.Miner installed on an infected device also attempts to propagate itself by scanning for more targets on the Internet.
Researchers did not reveal exactly how or by exploiting which ADB flaw hackers are installing malware onto Android devices.
However, the researchers believed hackers are not exploiting any vulnerability that will targets any specific device vendor since they found devices via a wide range of manufacturers impacted.
According to the researchers, the infection commenced on January 21, along with also also the number of attacks has increased recently. As of Sunday, the researchers detected 7,400 unique IP addresses using the Monero mining code—that will’s more than 5,000 impacted devices in just 24 hours.
Based on the scanning IP addresses, the highest number of infection has been noticed in China (40%) along with also also South Korea (31%), the researchers estimated.
In order to fight against such malware Android users are advised not to install unnecessary along with also also untrusted applications via the app store, even via Google Play Store, along with also also keep your devices behind a firewall or a VPN.