A few days ago we spoke about how certain Government websites were injected with a software that would infect PCs and then proceed to use the resources of those PCs for mining Cryptocoins. Well, now it appears that the plot thickens. According to MalwareBytes, a group of hackers has been running a campaign where they infected millions of Android devices.
What did the hackers do?
The group essentially managed to infect a number of popular apps that were then downloaded by unsuspecting android users. When launched, the app would redirect the users to a website. This is where things get really interesting. The website boldly claimed that the user’s device was infected with a software that would mine cryptocurrency, more specifically Monero (XMR) currency.
As you can see from the screenshot above, users had to enter in a CAPTCHA code to prove that they were in fact humans and not bots. Until the CAPTCHA code was entered, your Android smartphone or tablet would be mining Monero using all available processing power that the device has.
According to the research carried out by MalwareBytes, users spent an average of 4 minutes on the malicious website. That may not seem like a lot of time to mine Monero, until the next bit of data. There were over 30 Million visits to the site on a monthly basis. Now that is a staggering amount of Monero being mined at no expense of the hackers.
Staying safe from the Monero attack
Well, for starters, you should only download and install apps from sources that you absolutely trust. The Google Play Store has a number of security protocols that have been put into place to make sure that apps published on it are safe from malware. Apart from that, you can also ensure that your device is protected from unauthorized access by setting up a lock screen either with a PIN code or a pattern. If your device has a fingerprint sensor, you can set that up as well.,
Have you experienced anything of this nature on your smartphone? Leave a comment below.