Millions Of Android Devices Compromised, Mining For Monero

30 million visits is certainly a lot of Monero mined

The latest to malware to hit Android users is a "drive-by" mining attack that directs users to a malicious website which then hijacks their smartphone hardware to mine the Monero cryptocurrency. Please prove that you are human by solving the captcha.

The group's activities were observed in late January, but may have started as early as November 2017, with millions of mobile users (presumably Android devices are targeted, they said) getting redirected to a browser page created to perform in-browser cryptomining. Meanwhile, here is a on how to stop websites from using your phone or computer to mine cryptocurrencies. This means that until the user enters the code, the smartphone or tablet will be mining Monero and exerting a load on the device processor.

To get the user to submit to the mining effort, it uses a clever technique to trick them.

The team advises Android device users "to run the same security tools they have on their PC on their mobile devices", saying that unauthorized crypto mining could "cause permanent damage". While some people may be redirected through regular browsing via malvertising, it's thought that infected apps with malicious ad modules are the main culprit.

Interestingly, upon clicking entering the code, users are redirected to the home page, the report says.

Anime Fans Get Ready for 'Batman Ninja' in May!
However, fans might be disappointed to know that Batman and Joker will not be voiced by familiar actors Kevin Conroy and Mark Hamill.

Six top United States intelligence chiefs caution against buying Huawei phones
According to an observation by 9to5Google, Huawei recruited people to write "fake" Mate 10 Pro reviews on Best Buy . He added that this would provide "the capacity to maliciously modify or steal information".

Domino's Pizza Group (LON:DOM) Given Sell Rating at Liberum Capital
Domino's Pizza , Inc. (NYSE:DPZ) stock shows inches down of -0.89% and traded at a price of $209.98 in preceding trading session. While the company reduced its sales growth guidance for Australia and New Zealand , it was not all bad news for the pizza giant.

Aside from the one in November, five more domains were registered in less than 30 days. "This is unfortunately common in the Android ecosystem, especially with so-called "free" apps", the researchers said. However, that takes a lot of equipment and electrical power, and that's not easily affordable. Several other identical domains were discovered using the same CAPTCHA code.

Malwarebytes estimates that the five domains it identified attain around 800,000 visits per day, with visitors spending an average of four minutes on the site.

"It is hard to determine how much Monero currency this operation is now yielding without knowing how many other domains (and therefore total traffic) are out there", said Jérôme Segura, Malwarebytes researchers. Researchers estimate that given the power of the processors and the small amount of time spent mining, the whole operation is only bringing in a few thousand dollars a month. "Malware-based miners, as well as their web-based counterparts, are booming and offering online criminals new revenue sources".

"No platform is immune to cryptomining, and although mobile devices may indeed be less powerful than full fledged desktops, there is a greater number of them out there", Jérôme Segura, lead malware intelligence analyst at Malwarebytes told ZDNet.

Related:

Comments

Latest news

TMO Made Mistake In Not Awarding Wales Try
They trail Ireland on scoring difference. "Why wouldn't we want to scrummage against them?" Now, he is using his contacts with Georgia coaches Milton Haig and Richard Graham, who are from New Zealand and Australia respectively.

Taylor Swift Shakes Off Copyright Lawsuit
Hall and Butler were given until February 26 to modify their complaints. We can't wait to hear what you have to say. They added, "The law is simple and clear".

Congress is investigating White House's handling of Rob Porter
Earlier reports from the news outlet suggested several high-level White House officials knew for "months" about the allegations against Porter despite "serious talks" taking place about promoting the staff secretary.

United Nations refugee chief: Myanmar still not safe for Rohingya to return
Survivors reported that more than 200 soldiers descended on the village, shooting and burning homes, she said. The recent spasm of violence began when Rohingya insurgents staged a series of attacks August 25.

Late Comeback Not Enough, Raptors Hold Off Heat 115-112
They came in having not only having won five straight but having won by at least 15 points in all five games - a franchise record. Toronto exploded for a 19-4 run in the last eight minutes of the third quarter that was the difference in the game.

Skype Security Is Borked And Hard To Fix
The bug works because the malicious DLL is found first when the app searches for the DLL it needs. Once installed, Skype uses its own built-in updater to keep the software up to date.

Winter Games 2018: Shaun White, Mikaela Shiffrin look for gold
He busted his face in New Zealand a year ago while attempting one of those 1440s, leaving an injury that required 62 stitches. White's gold came just months after he overcame two heavy crashes in training.

Japanese snowboarder Yuto Totsuka suffers brutal crash in Olympic halfpipe final
Totsuka had just begun his second of three runs and appeared to be attempting a complex trick when disaster struck. Medics tending to Japan's Yuto Totsuka, who bounded off the lip and fell all the way down the pipe face-first.

Britain's GKN seeks to return 2.5 bln pounds over next three years
That will include the sale of its Powder Metallurgy business which reports say could be valued at more than £2 billion. We have strong market positions and have delivered good growth, with management revenues a year ago of over £10bn.

Notre Dame president blasts NCAA for not restoring vacated wins
In a letter posted to the school's website after the NCAA's decision , Notre Dame expressed its displeasure with the decision. The teams meet at Compton Family Ice Arena on Friday, Feb. 16, at 7:35 p.m.in Notre Dame's annual White Out/Wear White game.

Microsoft gives sysadmins Meltdown and Spectre detection in Windows Analytics
Right now, it just detects if Intel microcode updates were applied, but Microsoft plans to add checks for other chips, as well. Microsoft by that stage had already analyzed the performance impact of the mitigations against Meltdown and Spectre.

Solar Eclipse: Date, Time and Effects on Humans
However, with the help of various sorts of pinhole cameras, filtering device or indirect viewing, one can safely view the eclipse. A solar eclipse never comes alone instead it usually comes with lunar eclipse either one or two-week before the eclipse.

YouTube TV adds Turner networks, boosts price to $40
The price increase applies to new members only - if you join before March 13, you'll continue paying the old price. The skinny bundle will add channels owned by Turner as well as sports-specific hubs like NBA TV and MLB Network .

Russia Threatens to Block YouTube and Instagram, After Complaints From an Oligarch
He tweeted that both sites were up and running in Russian Federation , but could be shut down Wednesday night . Assistant Secretary of State for European and Eurasian Affairs and a frequent critic of Russian Federation .

Nanorobots successfully kill cancerous tumours
After attacking tumours, most of the nanorobots were cleared and degraded from the body after 24 hours. First and foremost, the team showed that the nanorobots were safe and effective in shrinking tumors.

Other news