Android phones hit by ‘drive-by’ Moreno cryptocurrency miners

15 Feb 2018

1

Recently, a trend has emerged with websites using the power of their users' computers to mine cryptocurrency with their ''unused computing power'' (See: Readers told to mine cryptocurrency to read ads-free Salon magazine content). Now it emerges that the trend is not limited to personal computers, but affects smartphones using Android as well.

According to a recent post by MalwareBytes, quite a lot of Android users have been affected by a site that does this exact same thing. The ''drive-by'' campaign works by redirecting Android users to a website that hijacks their device for the purpose of mining the cryptocurrency Moreno, similar to an attack on YouTube recently.

MalwareBytes has detailed a "drive-by" mining campaign that redirected millions of Android users to a website that hijacked their phone processors for mining Monero. While the exact trigger wasn't clear, researchers believed that infected apps with malicious ads would steer people toward the pages. And it wasn't subtle - the site would claim that you were showing "suspicious" web activity and tell you that it was mining until you entered a captcha code to make it stop.

Smartphone users are just as vulnerable to cryptocurrency mining hijacks as their PC counterparts, and sometimes on a dramatic scale. Malwarebytes has detailed a "drive-by" mining campaign that redirected millions of Android users to a website that hijacked their phone processors for mining Monero.

While the exact trigger wasn't clear, researchers believed that infected apps with malicious ads would steer people toward the pages. And it wasn't subtle - the site will claim that you were showing "suspicious" web activity and tell you that it was mining until you enter a captcha code to make it stop. It says that it was doing this to ''recover server costs from bot traffic''.

The exact number of victims isn't known, but it's large. MalWareBytes identified five internet domains using the same captcha code and Coinhive site keys used for the campaign. At least two of the sites had over 30 million visits per month, and the combined domains had about 800,000 visits per day.

Even though most people only ever spent a short amount of time on the pages (an average of 4 minutes), that amounted to a lot of mining time.

Attacks like these probably won't be stopping anytime soon, so MalwareBytes recommends that you run tools on your phone, like the company's own Android app to fend against this sort of behaviour.

Engadget adds that you can reduce the odds of encountering these campaigns by sticking to Google Play for app downloads, since you're less likely to run into rogue apps.

Business History Videos

History of hovercraft Part 3 | Industry study | Business History

History of hovercraft Part 3...

Today I shall talk a bit more about the military plans for ...

By Kiron Kasbekar | Presenter: Kiron Kasbekar

History of hovercraft Part 2 | Industry study | Business History

History of hovercraft Part 2...

In this episode of our history of hovercraft, we shall exam...

By Kiron Kasbekar | Presenter: Kiron Kasbekar

History of Hovercraft Part 1 | Industry study | Business History

History of Hovercraft Part 1...

If you’ve been a James Bond movie fan, you may recall seein...

By Kiron Kasbekar | Presenter: Kiron Kasbekar

History of Trams in India | Industry study | Business History

History of Trams in India | ...

The video I am presenting to you is based on a script writt...

By Aniket Gupta | Presenter: Sheetal Gaikwad

view more
View details about the software product Informachine News Trackers