Malwarebytes researchers have discovered that crypto mining hackers are nowadays targeting Android devices for Monero Cryptocurrency by inducing a mining script into the advertising modules of free mobile apps. It is said that the hackers have managed to earn $40K worth of Monero currency so far through their crypto mining campaign, which also gave a boost to their plans of launching more such attacks
As per the Malwarebytes blog, the issue was discovered by security researcher Jerome Segura, who was carrying out a research on EITEST malware family. He found that the Monero mining attack is being presented via a series of redirects when Android is present in the browser user-agent.
What’s unusual in this whole activity is that as soon as an Android device falls prey to the said malware attack, it displays a warning to the user that his/her device is showing suspicious surfing behavior and then will start mining cryptocurrency with the help of the processor power of the smart device. Means, it issues a warning before making the mining attack campaign operational.
Currently, the Malwarebytes researchers estimate that the attack is generating only a few thousands of dollars worth of Monero per month. But it could yield more as soon as the Cryptomining attack campaign gets wider.
As of now, only Opera web browsers have blocked the mining scripts from running. Chrome and Firefox are yet to release an update on this issue.
And as this attack is being circulated through the web, Google’s ploy to ban offending APKs from the Play Store using code audits can do very little in eradicating or eliminating such crypto mining attacks.