Notebookcheck
, , , , , ,
search relation.
, , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
 

ADB.Miner worm turns your Android device into a mining rig

ADB.Miner worm global infection map (Source: 360 Netlab Blog)
ADB.Miner worm global infection map (Source: 360 Netlab Blog)
Although it quickly infected a few thousand devices worldwide, the spread of the cryptocurrency mining malware ADB.Miner seems to be quite limited at this time. However, there is still time for this piece of code to become a serious global threat.
Codrut Nistor,
, , , , , ,
search relation.
, , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
 

Most computer viruses used to be fun once. These days, on the other hand, if your Android smartphone gets infected, it can blow up after being pushed to the limit for many hours in a row. Fortunately, most Android malware does not go that far. The recently discovered ADB.Miner can infect a wide range of devices, including smart TVs, and then it can use them to mine cryptocurrency, apparently focusing on Monero (XMR).

According to cybersecurity blog 360 Netlab, an Android worm known as ADB.Miner was detected in its early stage, but the researchers discovered that the number of infections doubled about every 12 hours. However, the good news is that the spread of the infection has stabilized in about two days, so the count of infected IP addresses peaked at 7,000 and did not go above that value. Even more, although all infected devices are based on Android, many of them are TV boxes, so the threat to handsets is probably quite low.

ADB.Miner mainly infected devices located in Asia. As revealed by the source mentioned above, 39 percent of the victims are located in China (including Hong Kong and Taiwan) and 39 percent are from South Korea.

The sample analysis revealed that the core functions of this threat are worm propagations through ADB commands via the TCP 5555 interface, then XMR token mining. This worm has no command/control server, gaining all crypto income through a single wallet address.

In the end, this new worm is still far from infecting millions of devices as it happened with the Mirai botnet whose code can be found in ADB.Miner's scanning module. Nevertheless, we advise all our readers to secure their IoT devices, home networks, and Android devices. Some might still consider that running an antivirus on a mobile phone is a bit paranoid, but it's always better to be safe than sorry.

Source(s)

static version load dynamic
Loading Comments
Comment on this article
, , , , , ,
search relation.
, , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
 
Codrut Nistor
Codrut Nistor - Senior Tech Writer - 5436 articles published on Notebookcheck since 2013
In my early school days, I hated writing and having to make up stories. A decade later, I started to enjoy it. Since then, I published a few offline articles and then I moved to the online space, where I contributed to major websites that are still present online as of 2021 such as Softpedia, Brothersoft, Download3000, but I also wrote for multiple blogs that have disappeared over the years. I've been riding with the Notebookcheck crew since 2013 and I am not planning to leave it anytime soon. In love with good mechanical keyboards, vinyl and tape sound, but also smartphones, streaming services, and digital art.
Please share our article, every link counts!
> Notebook / Laptop Reviews and News > News > News Archive > Newsarchive 2018 02 > ADB.Miner worm turns your Android device into a mining rig
Codrut Nistor, 2018-02- 7 (Update: 2018-02- 7)