A new cryptocurrency-mining botnet has been detected exploiting Android Debug Bridge ports, a system designed to resolve app defects installed on a majority of Android phones and tablets.
The attack takes advantage of the way open ADB ports don't require authentication by default, and once installed is designed to spread to any system that has previously shared an SSH connection.
"Being a known device means the two systems can communicate with each other without any further authentication after the initial key exchange, each system considers the other as safe," the researchers say.
"The presence of a spreading mechanism may mean that this malware can abuse the widely used process of making SSH connections."
Tmp files often have default permission to execute commands.
Once the bot determines its entered a honeypot, it uses the wget command to download the payload of three different miners, and curl if wget is not present in the infected system.
The malware determines which miner is best suited to exploit the victim depending on the system's manufacturer, architecture, processor type, and hardware.
If miners are already found using the system the botnet attempts to invalidate their URL and kill them by changing the host code.
Outlaw, was spotted in the past weeks spreading another Monero mining variant across China through brute-force attacks against servers.
At the time researchers hadn't determined whether the botnet had begun mining operations, but found an Android APK in the script, indicating Android devices may be targeted.
TrendMicro Detects Crypto-Mining Malware Affecting Android Devices
gepubliceerd op Jun 23, 2019
by Coindesk | gepubliceerd op Coinage
Coinage
Recent nieuws
Alles zien
Blockchain Bites: Bitcoin's Run, Uniswap's Hemorrhaging Value, Anchorage's Banking Bid
Bitcoin is nearing all-time highs in price and market cap last set three years ago.
Japan's megabanks to lead experiment with digital yen
We have, in order, Cheese Bank with a $3.3 million theft, Akropolis with its $2 million loss, Value DeFi with a whopping $6 million exploit and finally Origin Protocol's loss of $7 million.
Number of new Bitcoin addresses spikes amid growing FOMO
Japan's three largest banks, as part of a group of 30 private sector actors, are set to collaborate on an experiment with a digital yen.
Not just Wall Street: Quant trader explains why Bitcoin price is going up
Sam Trabucco, a quantitative trader at Alameda Research, believes four general factors are pushing up the price of Bitcoin.