Malware that infects 5000 Android phones in 24 hours and starts mining virtual currency will be reported

byDeyvi Romero

Virtual currency "Monero(Monero)Mining of "wormThere are reports of the presence of malware like. This malware is thought to have infected more than 5000 units in just 24 hours, centered around Android terminal.

Early Warning: ADB.Miner A Mining Botnet Utilizing Android ADB Is Now Rapidly Spreading
http://blog.netlab.360.com/early-warning-adb-miner-a-mining-botnet-utilizing-android-adb-is-now-rapidly-spreading-en/


In just 24 hours, 5,000 Android devices are conscripted into mining botnet | Ars Technica
https://arstechnica.com/information-technology/2018/02/out-of-nowhere-currency-mining-botnet-infects-5000-android-devices/


According to the contents released by Chinese security company Netlab, malware which newly infects like a worm was confirmed. The diffusion of this malware was confirmed by the system of Netlab at 15 o'clock on 3rd February, 2018 in Greenwich Mean Time, but it is believed that there was an early infection on January 31 as it retroacted.

This malware needs almost no action by the user, Android terminal and Android TV Box once infected with malware are "MiraiThe code is used to scan the network, searching for a device whose port 5555 is open and spreading the infection. The port 5555 is normally closed,Android Debug BridgeDevelopment tools like this are designed to open this port.

Researchers at Netlab conclude that "Malware is very fast movement" as this malware could have infected 5000 terminals in just 24 hours. However, researchers have made some of the information "How to infect" the malware found this time is not disclosed, which is used by other attackers for the vulnerability of Android used by malware It is to prevent it. About 40% of infected terminals are in China and about 30% are in Korea.

Once the device infects the worm it starts mining the virtual currency called Monelo. Although the exact effect of this worm on the device is not disclosed, in December 2017, Android malware that performs mining of Monera has also reported the case that the terminal physically destroyed the terminal.

Fearful multi-functional malware "everything shop" featuring the possibility of physically destroying infected smartphones appeared - GIGAZINE