Over the past few years, there has been a significant rise in cryptocurrency-related crimes. In the past, these ‘crimes’ were all about hacks, ransomware and thefts; now malware is on the rise too. Security researchers from China have found an Android-based cryptocurrency mining malware that mines Monero (XMR) using the processing power of unsuspecting users’ smartphones.
Researchers from China’s 360Netlab have reported finding a malware called ‘ADB.Miner’, which uses the phone’s hardware to mine Monero. The malware takes advantage of devices that have port 5555 open. According to the report, over 7,000 devices have been infected. The malware affects not only Android smartphones but also tablets and set-top boxes.
“The 5555 ADB interfaces of those devices have already been opened before [they’re] infected. We have no idea about how and when this port was opened yet,” the report states.
According to the Chinese researchers who discovered the ADB.Miner malware, it contains code from the Mirai Botnet. The Mirai Botnet is infamous for its attack on IoT devices last year. Millions of IoT devices were attacked using the DDoS attack last year. Moreover, there’s also a modified version of Mirai called Satori. Satori uses Satori.Coin.Robber to scan for devices operating as Ethereum mining rigs through port 3333.
Reports from 360Netlab indicate that this malware has largely been affecting devices from China and South Korea. An alarming statistic from the report reveals that the malware is spreading rapidly: the number of scanned devices that are infected with this malware is doubling with every passing day.
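For defenders, the two ports named above (5555 and 3333) are a practical thing to watch in firewall logs. The following is an added example, not code from 360Netlab or the original article: it flags sources that try one of those ports on many distinct hosts and lists hosts that are reachable on 5555. The log format, the sample lines, the threshold and the assumption that infected devices probe other hosts on port 5555 are all constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample firewall log (not real traffic); the line format is an assumption.
SAMPLE_LOG = """\
2018-02-05T10:00:01 ALLOW TCP 10.0.0.23:41022 -> 10.0.0.40:5555
2018-02-05T10:00:01 DENY TCP 10.0.0.23:41023 -> 10.0.0.41:5555
2018-02-05T10:00:02 ALLOW TCP 10.0.0.23:41024 -> 10.0.0.42:5555
2018-02-05T10:00:02 DENY TCP 10.0.0.23:41025 -> 10.0.0.43:5555
2018-02-05T10:00:05 ALLOW TCP 10.0.0.7:50110 -> 10.0.0.80:443
2018-02-05T10:00:09 DENY TCP 10.0.0.99:50200 -> 10.0.0.60:3333
truncated line that the parser should skip
"""

LINE_RE = re.compile(
    r"^(\S+) (ALLOW|DENY) TCP (\d+(?:\.\d+){3}):\d+ -> (\d+(?:\.\d+){3}):(\d+)$"
)
WATCHED_PORTS = {5555, 3333}   # ports named in the article
ADB_PORT = 5555
FANOUT_THRESHOLD = 3           # assumed cut-off: distinct targets per source


def parse(log):
    """Yield (action, src, dst, dport) for each well-formed line."""
    for line in log.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            _ts, action, src, dst, dport = m.groups()
            yield action, src, dst, int(dport)


def analyze(log, threshold=FANOUT_THRESHOLD):
    """Return (scanners, reachable_adb).

    scanners: {(src, port): n} for sources that tried n >= threshold distinct hosts.
    reachable_adb: hosts for which the firewall allowed a connection to 5555.
    """
    fanout = defaultdict(set)
    reachable_adb = set()
    for action, src, dst, dport in parse(log):
        if dport not in WATCHED_PORTS:
            continue
        fanout[(src, dport)].add(dst)
        if dport == ADB_PORT and action == "ALLOW":
            reachable_adb.add(dst)
    scanners = {k: len(v) for k, v in fanout.items() if len(v) >= threshold}
    return scanners, reachable_adb


if __name__ == "__main__":
    print(analyze(SAMPLE_LOG))
```

A phone, tablet or set-top box that shows up in `scanners` is worth isolating and inspecting, and every host in `reachable_adb` should have its port 5555 closed or blocked at the network edge.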
With cryptocurrencies providing more anonymity and privacy (especially Monero, which is a privacy-focused currency), they become a lucrative commodity for cybercriminals. Monero mining malware is on the rise, and users as well as security researchers need to be vigilant. If your CPU usage suddenly spikes without any apparent reason, you probably need to check whether a secret cryptocurrency miner is affecting your device.