A malware that allows mining of cryptocurrencies using Android phones has been discovered and the number of phones affected can be as high as 60 million. This number has been quoted from the visits to the malicious domains for mining of cryptocurrencies. There are 5 such websites overall and it is reported that around 800,000 visits are recorded in these sites every day in total. The blog reporting these details claims that this has been going on for over 3 months now.
There are possibly only two explanations for such a large-scale hacking of mobile phones; one is the increasing access of the internet via the handheld devices as opposed to the traditional systems; and the other is that most mobile users may not care to install any anti-malware programs, which can block or warn of such malware, in their devices. The hackers take full advantage of these factors. Another observation in the blog is that the vehicles used by the hackers are the free apps on the Android Play Store. Incidentally, Google has acknowledged the issue and has reported that the offending apps have since been removed.
It has been revealed that these domain issue a common CAPTCHA code for verifying the visitors and the mining operation has been spreading and expanding over the past months ever since it started. Cryptocurrencies are seen as a new avenue to make money as far as the cyber criminals are concerned.
“The threat landscape has changed dramatically over the past few months, with many actors jumping on the cryptocurrency bandwagon. Malware-based miners, as well as their web-based counterparts, are booming and offering online criminals new revenue sources,” the researchers said in the blog.
The best way the mobile users can protect themselves from being exploited in any manner is to download and install the best anti-malware they can find.