Android Devices Targeted by New Monero-Mining Botnet

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
Android-Droid-Logo.png


A new botnet appeared over the weekend, and it's targeting Android devices by scanning for open debug ports so it can infect victims with malware that mines the Monero cryptocurrency.

The botnet came to life on Saturday, February 3, and is targeting port 5555, which on devices running the Android OS is the port used by the operating system's native Android Debug Bridge (ADB), a debugging interface that grants access to some of the operating system's most sensitive features.

Only devices running the Android OS have been infected until now, such as smartphones, smart TVs, and TV top boxes, according to security researchers from Qihoo 360's Network Security Research Lab [Netlab] division, the ones who discovered the botnet, which the named ADB.miner.

Botnet appears to have infected around 7,400 devices

The botnet has been extremely aggressive and has grown each day, exhibiting a worm-like behavior, with infected devices scanning the Internet for other victims.


"The number of scan [sources] has doubled every 12 [hours]," said Yiming Gong, Director of the Network Security Research Lab at Qihoo 360. "We will see how big this botnet gets."

Currently, Netlab has detected ADB.miner scans coming from nearly 7,400 unique IP addresses, based on public data collected by Netlab's Scanmon system.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top