Want to share with your friends too?

Science
14 Feb 2018

60 million Android users hit by cryptocurrency miner malware

Malicious cryptocurrency miner hits 60 million+ Android users

A malvertising campaign is targeting Android users and forcing their smartphones to mine Monero or XMR cryptocurrencies for as long as it can keep them active on shady websites.

60 million Android users have already been hit.

The good news is that it can be avoided easily.

The bad news, however, is that if you're affected, it might damage your phone permanently.

Here's more.

In context

Malicious cryptocurrency miner hits 60 million+ Android users
Exact names of malicious websites not known yet

Details

Exact names of malicious websites not known yet

California-based security firm Malwarebytes Labs discovered the campaign and said that the attack is an example of "drive-by mining" where a device is exploited to mine cryptocurrency only for a short period of time.

Malwarebytes, however, couldn't pinpoint the exact sites through which attacks are being carried out but, judging by the number of affected users, some of them must be popular.

Infected free apps could also be contributing to spreading infection

Malwarebytes' blog post about the scheme revealed that by targeting mobile users, the attackers have a great advantage since most mobile users don't use anti-virus suites. Apart from shady websites, the post said infected free apps in the Android ecosystem could also be contributors.

Love Tech news?

Stay updated with the latest happenings.

Notify Me

Risk

What risk your phone faces from the cryptocurrency-miner

The attack might seem relatively harmless since it exploits your phone for a short while and leaves no traces.

However, cryptocurrency mining is a very heavy-duty operation even for gaming computers. For an Android phone, it might be a death sentence.

Monero mining uses a 100% of CPU capacity indefinitely, which might cause the phone's chips to melt due to overheating in extreme cases.

Not possible to avoid the attack without an anti-virus suite

Prevention

Not possible to avoid the attack without an anti-virus suite

The malvertising is likely to be on shady pop-up websites or adverts, and the best way to protect yourself from it is to install an anti-virus suite on your phone.

Malwarebytes recommends its own app, but others like Norton, Avast etc. also work.

An anti-virus suite apart, however, it's not quite possible to "avoid" the attack, owing to the insidious nature of malvertising.

Ask NewsBytes
User Image

I have Samsung J5. And it has its own security manager which cleans unnecessary data and detects malware. Will it protect my phone from this malware?

Asked on 15-02-2018 by Anonymous

Answered by NewsBytes

The best way to protect yourself from this malvertising is to have any anti-virus suite on your phone. Since your Samsung J5 already has in-built security manager, in all likelihood, it would protect you from this cryptocurrency malvertising.

loading information

Which antivirus app is better: 360 security, Clean Master, Hi Security, Norton or Avast? I already have 360, Clean Master and Hi on my phone for a long time.

Asked on 15-02-2018 by Anonymous

Answered by NewsBytes

There are several anti-virus apps available on Play Store, and since they work on the same principle of identifying threats, it is difficult to judge which app works best. However, AV-Test, an independent security institute, compiles a list of best anti-virus apps every few months. According to the latest list, Avast tops in terms of protection. You can view the complete list here.

loading information

More questions

Next Timeline