Science

60 million Android users hit by cryptocurrency miner malware

14 Feb 2018 | By Shiladitya Ray
Malicious cryptocurrency miner hits 60 million+ Android users

A malvertising campaign is targeting Android users and forcing their smartphones to mine Monero or XMR cryptocurrencies for as long as it can keep them active on shady websites.

60 million Android users have already been hit.

The good news is that it can be avoided easily.

The bad news, however, is that if you're affected, it might damage your phone permanently.

Here's more.

In context: Malicious cryptocurrency miner hits 60 million+ Android users

14 Feb 201860 million Android users hit by cryptocurrency miner malware

DetailsExact names of malicious websites not known yet

California-based security firm Malwarebytes Labs discovered the campaign and said that the attack is an example of "drive-by mining" where a device is exploited to mine cryptocurrency only for a short period of time.

Malwarebytes, however, couldn't pinpoint the exact sites through which attacks are being carried out but, judging by the number of affected users, some of them must be popular.

Love Tech news?
Stay updated with the latest happenings.

Infected free apps could also be contributing to spreading infection

Malwarebytes' blog post about the scheme revealed that by targeting mobile users, the attackers have a great advantage since most mobile users don't use anti-virus suites. Apart from shady websites, the post said infected free apps in the Android ecosystem could also be contributors.
What risk your phone faces from the cryptocurrency-miner

RiskWhat risk your phone faces from the cryptocurrency-miner

The attack might seem relatively harmless since it exploits your phone for a short while and leaves no traces.

However, cryptocurrency mining is a very heavy-duty operation even for gaming computers. For an Android phone, it might be a death sentence.

Monero mining uses a 100% of CPU capacity indefinitely, which might cause the phone's chips to melt due to overheating in extreme cases.

PreventionNot possible to avoid the attack without an anti-virus suite

The malvertising is likely to be on shady pop-up websites or adverts, and the best way to protect yourself from it is to install an anti-virus suite on your phone.

Malwarebytes recommends its own app, but others like Norton, Avast etc. also work.

An anti-virus suite apart, however, it's not quite possible to "avoid" the attack, owing to the insidious nature of malvertising.

I have Samsung J5. And it has its own security manager which cleans unnecessary data and detects malware. Will it protect my phone from this malware?

Asked on 15-02-2018 by Anonymous
Answered by NewsBytes
The best way to protect yourself from this malvertising is to have any anti-virus suite on your phone. Since your Samsung J5 already has in-built security manager, in all likelihood, it would protect you from this cryptocurrency malvertising.
loading information

Which antivirus app is better: 360 security, Clean Master, Hi Security, Norton or Avast? I already have 360, Clean Master and Hi on my phone for a long time.

Asked on 15-02-2018 by Anonymous
Answered by NewsBytes
There are several anti-virus apps available on Play Store, and since they work on the same principle of identifying threats, it is difficult to judge which app works best. However, AV-Test, an independent security institute, compiles a list of best anti-virus apps every few months. According to the latest list, Avast tops in terms of protection. You can view the complete list here.
loading information
More questions