Discreet cryptocurrency mining is a real threat and as per research, millions of Android users are at risk of getting their devices hijacked for the process without their knowledge. The method involves hackers taking control of your device’s processing capabilities to secretly mine virtual currency called Monero, using forced redirects and Trojanized apps.
Security researchers at Malwarebytes have discovered a new malware that redirects Android users to a website, which hijacks the processor of their smartphone to mine Monero. Users of the infected smartphones are asked to enter a specific CAPTCHA code (w3FaSO5R) to prove they are humans and not robots. Until users enter the CAPTCHA code and press the Continue button, the infected phone or tablet will mine Monero at full speed, maxing out the device’s processor.
According to the researchers, this campaign was first observed in late January but appears to have started even before at least around November last year. In addition to Android users being redirected from regular browsing, researchers also believe that infected apps that contain ad modules are also loading similar chains and leading to cryptomining page.
Several domains using the same CAPTCHA code with different Coinhive site keys have been identified since last year and more are being adding to the list. Some of the domains include recycloped.com, rcyclmnr.com, rcylpd.com, rcyclmnrepv.com, rcyclmnrprd.com, and rcyclmnrhgntry.com. From these domains, it is estimated that the combined traffic equals to about 800,000 visits per day, with an average time of four minutes spent on the mining page. With this duration, it is estimated that hackers are probably netting a few thousand dollars each month. However, given the dynamic valuation of cryptocurrencies, the amount could easily increase.
While it is clear that not only standalone computers but smartphones too are running the risk of potential cryptomining, it is critical you are able to identify if your device is being hijacked. Here’s how you can look for the red flags and take necessary precautions to curb the misuse of your smartphone or tablet.
– Check if your smartphone is slowing down, battery is draining faster than usual, or device is overheating while accessing certain (infected) apps or websites, as this could be an indication of hackers using your device to mine coins in the background.
– Malwarebytes researchers advise users to strictly run the same security tools they have on their PC on their mobile devices. It is a good practice to periodically run anti-virus software on your device to keep malicious activities away.
– It is always wiser to install verified apps from the official Play Store. Apps installed from unverified sources are prone to infection, and may cause long-term damage to your device.
– Web browsers, such as Opera, offer anti-Bitcoin mining feature for mobile browsers. This will ensure you don’t end up on malicious websites in the first place.