Skip to main content

Millions of Android Phones Hijacked to Mine Monero Cryptocurrency


HIGHLIGHTS

  • Hackers have been mining Monero coins via smartphones for months
  • Users presented with CAPTCHA to solve while browser mines Monero
  • Android phone users should use web filters, security software
Millions of Android Phones Hijacked to Mine Monero Cryptocurrency: MalwarebytesMillions of Android smartphones have reportedly been hijacked in a drive-by cryptocurrency mining campaign. As per security researchers, over the past few months, hackers have secretly been mining Monero coins via smartphones. According to Malwarebytes researchers, the campaign was first observed in January though it had started around November last year.
According to the report, millions of Android mobile users have been redirected to a specifically designed page "performing in-browser cryptomining." Though the method, the report says, is "automated, without user consent, and mostly silent," visitors are presented with a CAPTCHA to solve to prove that they are human and not a bot.
The warning message reads as "Your device is showing suspicious surfing behaviour. Please prove that you are human by solving the captcha. Until you verify yourself as human, your browser will mine the Cryptocurrency Monero for us in order to recover the server costs incurred by bot traffic." Until a user enters the code, the smartphone or tablet continues mining Monero, damaging the device's processor.
Interestingly, upon clicking entering the code, users are redirected to the Google home page, the report says. Also, the code is static and hardcoded in the page's source, making the process appear malicious. The researchers at Malwarebytes say that victims may face the forced redirection during regular browsing sessions or via infected apps with malicious ads.
"It's possible that this particular campaign is going after low-quality traffic-but not necessarily bots -and rather than serving typical ads that might be wasted, they chose to make a profit using a browser-based Monero miner," Jerome Segura, lead malware intelligence analyst at Malwarebytes, wrote in the blog post.
Malwarebytes identified five domains using the same captcha code and Coinhive site keys used for the campaign. According to the data posted on the blog, at least two websites had more than 30 million visits per month, and the domains combined yielded around 800,000 visits per day.
Unsurprisingly, Web filtering or security applications on smartphones have been highly recommended by the researchers, to prevent such hijacks. They say that forced cryptomining is now affecting mobile phones and tablets not only via Trojanised apps but also via redirects and pop-unders. Meanwhile, here is a guide on how to stop websites from using your phone or computer to mine cryptocurrencies.

Comments

Post a Comment

Popular posts from this blog

Is Coffee Raising Your Cholesterol Level?

RESEARCHERS at the Wageningen Agricultural University, in the Netherlands, say that drinking unfiltered coffee will raise your cholesterol level. The crucial word is “unfiltered.” Why? Research Reports, a newsletter from the Netherlands Organization for Scientific Research, says that coffee beans contain a cholesterol-raising substance called cafestol. When hot water is poured directly on the ground coffee, the cafestol is extracted. The same is true when finely ground coffee is boiled in water several times, as it is in Turkish coffee, or when a metal filter is used instead of a paper filter, such as in a French press. Without a paper filter, the cafestol ends up in the brew. One unfiltered cup of coffee, which may contain up to four milligrams of cafestol, can cause the cholesterol level to rise by about 1 percent. Espresso also contains cafestol, since it is made without a paper filter. However, its cholesterol-raising effect is less if you use a demitasse. Less espresso, less c...
Post a Comment
Read more