New Android Malware Mines Cryptocurrency on Your Phone

New Android Malware Mines Cryptocurrency on Your Phone

The value of cryptocurrency is down right now, but online criminals are still happy to generate coins using your hardware. Usually, this comes in the form of crypto mining plugins running on websites, but there’s a new form of Android malware spreading online that mines coins on your phone. The odds of picking up this particular virus are low, but it’s still a clever bit of coding.

The malware, known as ADB.Miner, was discovered by Chinese IT firm Qihoo 360 Netlab. The researchers report this is a “wormable” piece of malware, which means it’s capable of spreading to new devices over a Wi-Fi network. The “ADB” in the name comes from the method it uses to spread: the Android Debug Bridge. This is a developer tool built into Android that allows communication with a device via a command line interface. In this case, the malware authors turn it against the user.

Every infection with ADB.Miner starts with a bad decision. Someone has to find the infected APK on a shady app store and manually install it. Qihoo 360 Netlab reports this malicious package is hiding in a number of apps that promise either porn or antivirus protection. Instead, you get ADB.Miner. It uses the processing power of your device to mine the Monero cryptocurrency and deposit it in the wallet belonging to the malware distributors. Of course, this causes lag and drains your battery.

ADB.Miner infection rates.
ADB.Miner infection rates.

The next phase is where things get interesting. ADB.Miner uses code from the Mirai IoT malware that hit last year. The malware scans any Wi-Fi network it isn’t connected to in search of vulnerable devices to infect over ADB. However, ADB is disabled by default on all Android devices, and it’s a multi-step process to enable it. The devices also need to have ADB over port 5555 turned on, which requires a separate setup process after enabling ADB. Basically, we’re talking about active developer devices. Still, that’s probably some phones and tablets. By infecting the right target, the malware creators can build a stable of devices churning away to produce cryptocurrency.

Qihoo 360 Netlab reports that the number of infected devices is in the thousands, most of which are in China and South Korea. You’re not likely to run into this malware, but it’s a good idea to avoid installing sketchy APKs anyway. You won’t find this malware floating around on the Google Play Store, so stick to that if at all possible.

Continue reading

Android 12 Could Include Major App Compatibility Improvements
Android 12 Could Include Major App Compatibility Improvements

Google has attempted to centralize chunks of Android over the years, and a major component called ART is set to get this treatment in Android 12. The result could be vastly improved app compatibility, which is sure to make everyone happy.

Qualcomm’s New Snapdragon 888 Will Power Flagship Android Phones in 2021
Qualcomm’s New Snapdragon 888 Will Power Flagship Android Phones in 2021

The 888 comes with a new CPU design, integrated 5G, and a massive GPU boost. It's shaping up to be the most significant update to Qualcomm's flagship system-on-a-chip (SoC) in years.

Samsung Starts Rolling Out Galaxy S20 Android 11 Update on Verizon
Samsung Starts Rolling Out Galaxy S20 Android 11 Update on Verizon

Not only does this include the Googley Android 11 enhancements, but it also has numerous Samsung-specific changes as part of the One UI 3.0 revamp.

It Turns Out Huawei’s HarmonyOS Is Still Just Android
It Turns Out Huawei’s HarmonyOS Is Still Just Android

Following the Commerce Department's actions against the Chinese megafirm, Huawei has been unable to use Google services on its new phones. The company's solution was to develop HarmonyOS, but now that we've gotten our first real look at it, one thing is clear: this is just Android with a skin.