Millions of Android smartphone devices have been hijacked in an aggressive cryptocurrency mining campaign.
According to Malwarebytes, millions of Android mobile users have been mining the Monero (XMR) cryptocurrency for cybercriminals unknowingly through their droid device. The security site explained that infected droid devices are been redirected to a page that would then ask the user to solve a CAPTCHA to solve to prove that they are not a bot but a human.
This warning message appears on the droid users smartphone: "You device is showing suspicious surfing behaviour. Please prove that you are a human by solving the captcha, Until you verify yourself as human, your browser will mine the Crytocurrency Monero for us in order for us to recover the server costs incurred by bot traffic." Until a user enters the code, the smartphone or tablet continues mining Monero, damaging the device's processor.
This campaign was first observed in January 2018 and is thought to have started around November 2017.
Malwarebytes describes the mining process of this campaign as automated and doesn't need user consent as everything happens silently.
The security blog also identified five domain using the same captcha code and Coinhive key sites used for the campaign. Data shown on Malwarebytes blog shows at least two websites had more than 30 million visits per months, with the two websites combined yielding about 800,000 visits in a day.
Cybercriminals have devised different ways to perform their illicit crypto mining on all types of browser platforms. Some have employed even more sophisticated methods that might remain undetected by smartphone users. The best way to keep your device safe from this menace is to always download trusted apps from the official store of your OS so as to prevent getting unnecessary malware infection, and even with that ensure to install the No Coin extension which is available for Google Chrome, Firefox and Opera mini.
0 comments:
Post a Comment