en
Back to the list

Android devices targeted by crypto mining malware

source-logo  chepicap.com  + 5 more 24 June 2019 10:30, UTC

Crypto mining malware has been detected exploiting Android Debug Bridge (ADB) ports on Android phones, as discovered by Trend Micro in a new report. The botnet malware has spread to 21 different countries, but has the most dominant presence in South Korea.

This malware is affecting so many Android phones due to some phones having the ADB developer function enabled by default, as a means to debug apps. Most Android users do not need access to this function, but depending on the Android phone users have, this function may have never been disabled. On devices where the ADB was not disabled, the botnet takes advantage of the lack of authentication needed to get into the device.

Infiltration into your Android device via this botnet begins with this IP address: 45[.]67[.]14[.]179. Once the address arrives through the ADB it uses a command shell to update the directory and execute demands. Three different miners are then downloaded, and the malware will then decide which miner is best suited to the victim depending on the victims manufacturer, architecture, processor type, and hardware on their Android phone.

The full article of technical details on how Trend Micro found the exploit can be viewed on their website.

chepicap.com

Similar news (5)
Add similar news