As often as we hear stories of regulation and clampdowns, we’re now hearing more of hacks and malware. A new incursion is discovered on an almost weekly basis now as cyber-criminals edge away from ransomware and into cryptocurrency mining malware. The latest detection was made by Chinese security researchers who uncovered an Android-based mining worm.
Thousands of Android devices are currently affected by a malicious piece of malware called ADB.Miner that infects the device and then uses it to mine for the cryptocurrency Monero.
Creating what is known as a botnet, this particular piece of malware targets Android devices (including TV boxes and possibly phone and smart home electronics) using the debugging system as an entry point to access a port called ‘port 5555’. This port is usually closed, but can be accessed using debugging tools, which give the malware its name ‘ADB’ after the Android Debug Bridge system.
Majority of victims in Far East
Netlab has since released another blog post stating that “the daily active infected IP addresses reached the peak at 7,000, and remained stable for last 24 hours”. The vast majority of affected devices are in the Far East, with China and Korea making up 78% of victims.
In the original blog post Netlab didn’t explicitly name any devices that were affected in an effort to not create further safety concerns for vulnerable devices but clarified in the later post that TV boxes were confirmed to be affected with other devices yet to be confirmed.
How to protect your Android gadget from ADB.Miner
To protect your Android-based smartphone, tablet, smart TV and set-top box from ADB.Miner, make sure your gadget’s ADB interface is disabled. All Android gadgets have ADB port 5555 closed anyway. If you haven’t enabled it manually, you need not bother about this botnet.
It’s also a good idea to put your network behind a firewall. Most routers have basic firewalls that will let you disable ports. As usual, beware of installing applications straight off the web and not from the official Google Play Store. Also, look out for surprise app permission requests that might pop out and never grant them!
Make sure you enable Android’s real-time security program, Google Play Protect. It certainly will be a huge help in containing malicious apps before they can cause damage.
Last updated:
0 Comments