As often as we hear stories of regulation and clampdowns, we’re now hearing more of hacks and malware. A new incursion is discovered on an almost weekly basis now as cybercriminals edge away from ransomware and into cryptocurrency mining malware. The latest detection was made by Chinese security researchers who uncovered an Android-based mining worm.
According to reports, cybersecurity researchers at China’s 360Netlab revealed a strain of mining malware called ADB.Miner over the weekend. As in previous exploits, the malware harnesses the hardware of the device in order to mine Monero, the encrypted and anonymous cryptocurrency.
Open Ports Exploited
The researchers revealed that over 7,000 devices have already been exploited by the vulnerability that spreads via open port 5555. A diagnostic debug tool can inadvertently leave this port open, which then enables ADB.Miner to spread to other Android-powered devices. Currently, the attack has been confined to smartphones, tablets, and TV set top boxes. The team said:
The 5555 ADB interfaces of those devices have already been opened before [they’re] infected. We have no idea about how and when this port was opened yet.
It was also revealed that the malware contained code from the Mirai botnet. Last year, Mirai brought the internet to its knees when it infected millions of compromised IoT devices to launch waves of DDoS attacks. A modified version of Mirai called Satori uses Satori.Coin.Robber to scan for devices operating as Ethereum mining rigs through port 3333.
For those forever defending Apple, the news was also gloomy. In a separate story, it was revealed by security firm SentinelOne that new Mac malware is being distributed via MacUpdate. The Mac Trojan, named OSX.CreativeUpdate, also harnesses CPU power to surreptitiously mine for Monero. According to security researchers at MalwarebytesLab:
The malware was spread via hack of the MacUpdate site, which was distributing maliciously-modified copies of the Firefox, OnyX, and Deeper applications … This is the third piece of Mac malware so far this year, following OSX.MaMi and OSX.CrossRAT.
Mac mining malware is particularly alarming since most Apple aficionados live under the false pretense that their machines are immune. This has been proven false on many occasions.
These incidents will increase over time as cryptocurrencies become more lucrative for cybercriminals. Just last month, mining malware was found in Google’s YouTube advertising and the month before hidden in Facebook’s Messenger. Maybe it is time for the monopolies of the internet and technology to focus a bit harder on their security rather than the billions of dollars they are raking in.
Are you vigilant with your computer security? Share your thoughts in the comments below.
Images courtesy of Shutterstock and Bitcoinist archives.