Security researchers have discovered more malicious mining software that exploits Google’s Android operating system. Attackers are constantly seeking out vulnerabilities in popular platforms, and none gets bigger than Android, which powers millions of machines. This new threat has managed to infect thousands of systems within days, according to researchers.
It has been reported that cyber-security researcher Wang Hui from 360Netlab said in a blog post at the weekend that a strain of cryptocurrency mining malware called ADB.Miner has begun spreading rapidly.
More Monero Malware
The incursion has already infiltrated over 7,000 devices in China. They were hacked into a network that harnessed the processing power of the connected devices to mine Monero. XMR is usually the currency of choice as it has an anonymous and encrypted blockchain which cannot be traced back to the cyber criminals. The malware connects to two different mining pools, which both share the same wallet address.
Previous botnets have been more destructive, but it is expected that this one will continue to spread and others like it will be launched. According to 360Netlab, the malware spreads over port 5555, which can be opened by an ADB debug tool used to conduct diagnostic tests.
Once a device is infected, the malware will scan for open ports on similar Android-powered devices such as smartphones, tablets, and smart TV boxes. If the port is already open, the worm can spread. The security researchers said:
“Overall, we believe malicious code based on the Android system ADB debug interface is now actively spreading in worms and infected over 5,000 devices in 24 hours. Affected devices are actively trying to deliver malicious code.”
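The worm-like scanning on port 5555 described above leaves a distinctive trace in network flow logs: one internal host contacting many different addresses on that port in a short time. The following is an added example, not code from 360Netlab or the original article; the flow-record format, the five-minute window, the threshold of 20 destinations and all sample addresses are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

ADB_PORT = 5555                    # port named in the article
WINDOW = timedelta(minutes=5)      # assumption: sliding window size
THRESHOLD = 20                     # assumption: distinct targets that count as scanning

def parse_flow(line):
    """Parse 'ISO-timestamp src dst dport proto' (hypothetical format); None if unusable."""
    parts = line.split()
    if len(parts) != 5 or parts[4] != "tcp":
        return None
    try:
        return datetime.fromisoformat(parts[0]), parts[1], parts[2], int(parts[3])
    except ValueError:
        return None

def find_adb_scanners(lines, window=WINDOW, threshold=THRESHOLD):
    """Return {src: peak distinct tcp/5555 destinations seen inside any one window}."""
    per_src = defaultdict(list)
    for rec in filter(None, map(parse_flow, lines)):
        if rec[3] == ADB_PORT:
            per_src[rec[1]].append((rec[0], rec[2]))
    flagged = {}
    for src, events in per_src.items():
        events.sort()
        in_window, start, peak = defaultdict(int), 0, 0
        for ts, dst in events:
            in_window[dst] += 1
            while ts - events[start][0] > window:   # expire flows older than the window
                old = events[start][1]
                in_window[old] -= 1
                if in_window[old] == 0:
                    del in_window[old]
                start += 1
            peak = max(peak, len(in_window))
        if peak >= threshold:
            flagged[src] = peak
    return flagged

def sample_flows():
    """Constructed sample data: one scanner plus three benign look-alikes."""
    t0, rows = datetime(2024, 1, 1, 10, 0, 0), ["garbage line"]
    def add(delta, src, dst, port):
        rows.append(f"{(t0 + delta).isoformat()} {src} {dst} {port} tcp")
    for i in range(30):
        add(timedelta(seconds=i), "10.0.0.23", f"10.0.1.{i + 1}", 5555)      # worm-like sweep
        add(timedelta(seconds=10 * i), "10.0.0.5", "10.0.0.40", 5555)        # developer, one test device
        add(timedelta(seconds=i), "10.0.0.9", f"10.0.3.{i + 1}", 443)        # busy client, other port
    for i in range(25):
        add(timedelta(hours=i), "10.0.0.77", f"10.0.2.{i + 1}", 5555)        # many targets, but over a day
    return rows

if __name__ == "__main__":
    print(find_adb_scanners(sample_flows()))
```

Counting distinct destinations rather than connections keeps a workstation that repeatedly reconnects to a single debug device from being flagged.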
Mirai onboard
Without releasing too many technical details, the research team said that the scanning module included the Mirai botnet code which took control of millions of IoT devices last year to launch DDoS attacks. It seems that cyber-crime is moving away from ransomware and into malicious mining as it can be more lucrative.
This latest incursion will not be the last. Last year mining malware exploited Facebook Messenger and just last month malware was discovered in Google’s YouTube advertising. The technology monopolies of today need to focus a little more on their security and a little less on their bottom line if they want to retain customer confidence in their systems.