The digital world is full of wonder and worry. The cryptocurrency world is full of stories of people who either get hacked for their digital currencies or fall into scams and traps. A cryptocurrency is a digital or virtual currency that uses cryptography for security. Because of the current surge in digital currency prices, hackers are increasingly targeting every platform, including IoT, Android, and Windows, with malware that uses the CPU power of victims' devices to mine cryptocurrency. Just a month ago, security researchers at Kaspersky found fake antivirus and porn Android applications infected with malware that mines Monero cryptocurrency, launches DDoS attacks, and carries out several other malicious scripts, making the phone's battery swell out of its cover.
Now, security researchers at Chinese IT security firm Qihoo 360 Netlab have found another piece of wormable Android malware, named ADB.Miner, that scans a wide range of IP addresses to discover vulnerable devices and infect them to mine cryptocurrency.
What is ADB.Miner?
It is malware that is targeting and compromising thousands of Android devices to mine cryptocurrency. Wang Hui, a cybersecurity researcher at 360Netlab, said in a blog post that the ADB.Miner malware is mining cryptocurrency and is spreading rapidly.
What exactly does it do?
This malware uses Android Debug Bridge (adb), a command-line tool that lets you communicate with an Android device. The adb tool allows different actions, such as installing and debugging apps, and it provides access to a Unix shell that you can use to run different commands on a device. The malware spreads over port 5555. This port is normally kept closed, but the ADB tool may sometimes open it accidentally. Because of this vulnerability, hackers scan for Android devices such as smartphones, smart TVs, and TV set-top boxes that run ADB over port 5555 and then infect them with the ADB.Miner malware, which mines Monero cryptocurrency.
The 360Netlab security researchers have also said that this miner has Mirai code within its scanning module. Mirai is a botnet which caused millions of vulnerable Internet of Things (IoT) devices to conduct distributed denial-of-service (DDoS) attacks. The malware contains a mining program that focuses specifically on Monero (XMR). ADB.Miner communicates with two different mining pools that share the same wallet address.
According to the security researchers, the infection began on January 21, and the number of attacks has increased recently. As of Wednesday, the researchers have identified more than 7,400 IP addresses using the Monero mining code, which is more than 5,000 affected Android devices. To protect against this malware, Android users should not install untrusted applications from Google Play Store.
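As an added example (not from the 360Netlab report), the following sketch shows how a defender could spot both symptoms described above in firewall flow logs: local devices that accepted an ADB connection on port 5555 from outside, and local devices contacting many different addresses on port 5555 as an infected, scanning device would. The log format, the 192.168.1.0/24 network, the threshold, and the sample records are all assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict

ADB_PORT = 5555                                    # ADB-over-TCP port named in the article
INTERNAL = ipaddress.ip_network("192.168.1.0/24")  # assumed local network
FANOUT_THRESHOLD = 3                               # assumed: distinct targets that count as scanning

# Constructed flow records (not real traffic): time src dst dport action
SAMPLE_FLOWS = """\
2018-02-05T10:00:01 203.0.113.7 192.168.1.50 5555 ALLOW
2018-02-05T10:00:09 192.168.1.50 198.51.100.1 5555 ALLOW
2018-02-05T10:00:09 192.168.1.50 198.51.100.2 5555 DENY
2018-02-05T10:00:10 192.168.1.50 198.51.100.3 5555 ALLOW
2018-02-05T10:00:11 192.168.1.20 192.168.1.60 5555 ALLOW
2018-02-05T10:00:12 203.0.113.9 192.168.1.70 5555 DENY
2018-02-05T10:00:13 192.168.1.20 198.51.100.9 443 ALLOW
malformed line
"""

def parse_flows(text):
    """Yield (src, dst, dport, action) from well-formed lines; skip the rest."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue
        try:
            yield (ipaddress.ip_address(parts[1]), ipaddress.ip_address(parts[2]),
                   int(parts[3]), parts[4].upper())
        except ValueError:
            continue

def analyze(text):
    """Return (exposed, scanners) as sorted lists of internal IP strings."""
    exposed, targets = set(), defaultdict(set)
    for src, dst, dport, action in parse_flows(text):
        if dport != ADB_PORT:
            continue
        # Internal device that accepted an ADB connection from outside the network.
        if dst in INTERNAL and src not in INTERNAL and action == "ALLOW":
            exposed.add(str(dst))
        # Internal device opening ADB connections: count its distinct targets,
        # including blocked attempts, since a blocked probe is still a probe.
        if src in INTERNAL:
            targets[src].add(dst)
    scanners = {str(s) for s, d in targets.items() if len(d) >= FANOUT_THRESHOLD}
    return sorted(exposed), sorted(scanners)

if __name__ == "__main__":
    exposed, scanners = analyze(SAMPLE_FLOWS)
    print("ADB reachable from outside:", exposed)
    print("Scanning for ADB (worm-like):", scanners)
```

A device that appears in both lists, as 192.168.1.50 does in the sample data, matches the pattern of an exposed device that was reached over ADB and then began scanning for others.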