Is Cryptocurrency “Mining Malware” the New Ransomware?

Your smartphone could be hijacked by Bitcoin-seeking cybercrooks

Your smartphone could be hijacked by cryptocurrency-seeking cybercrooks.

Since Bitcoin’s high-profile year, the increasing popularity and real-world significance of cryptocurrencies have drawn the attention of cybercriminals and dramatically changed the threat landscape.

Drive-by mining is an automated, silent and platform-agnostic technique that forces visitors to a website to mine for cryptocurrency.

Malware-based miners are giving online criminals new revenue sources through forced crypto-mining on mobile phones and tablets. While a smartphone is far less powerful than a PC, there are billions of them, and they can easily fall prey to illicit mining via “Trojanized” apps, redirects and pop-unders.

In 2017, Kaspersky Lab researchers identified Loapi, a Trojan with several (and possibly endless) malicious features owing to its modular architecture, which includes an adware module, an SMS module, a web crawler module, a proxy module and, notably, a Monero miner module. Monero is a newer type of digital currency that’s less resource-intensive than Bitcoin and other cryptocurrencies. The mining module generates new coins by leeching the electricity and hardware of the infected phone. Ironically, the malware creates such a heavy workload on the infected device that it heats it up, causing serious and permanent damage.

In recent months, a piece of Android malware was discovered carrying a secret and aggressive cryptocurrency miner that can physically damage an infected phone.

Malwarebytes first discovered the malware while the team was testing a malvertising chain on Windows and Chrome that would lead to tech support scams. When they tested the same chain on Android, they were “redirected via a series of hops to that crypto-mining page.”

The page features a warning message and a CAPTCHA code that users need to enter; otherwise, the website will proceed to mine Monero cryptocurrency (XMR) at full speed. Malwarebytes found several identical domains, all of which use the same CAPTCHA code, registered as early as November 2017; the latest five domains, however, were more recent. It’s estimated that the five domains receive around 800,000 visits per day, with visitors spending an average of four minutes on the site. The team puts the ballpark revenue at a few thousand dollars a month, but given the volatility of cryptocurrencies, the profit could exponentially grow overnight.

This phenomenon isn’t limited to Android devices, no matter how fanatic Apple defenders are about their phone’s security features. Security firm SentinelOne revealed that a third piece of Mac malware (following OSX.Mami and OSX.CrossRAT) was being spread via a hack of the MacUpdate site. The Mac Trojan, OSX.CreativeUpdate, also harnesses CPU power to surreptitiously mine Monero.

Despite the above-mentioned hack of a trusted site, sticking to official websites to download applications still applies as a rule of thumb. Keeping your software up to date and using appropriate antivirus software, the same way you would safeguard your PC, would greatly reduce the risk of cryptocurrency-mining attacks on your mobile device.
