Google’s Android OS is undoubtedly the most widely used mobile operating system but unfortunately it is not as secure as it should be. Although, earlier reports have already proven Android to be more vulnerable to malware as compared to Windows and iOS but the new study conducted by Malwarebytes has revealed yet another worrying factor for Android users.
The cyptojacking has become the new kind of threat since the cryptos have gone mainstream with the rise of cryptocurrency trading. Even official websites of government institutions have been found involved in crypto mining.
According to details, a popular anti-malware firm Malwarebytes revealed in a recent study that a “drive-by” crypto-mining campaign has redirected millions of Android users to a website that hijacked their phone processors for mining Monero (XMR) cryptocurrency.
Although, the exact number of infected devices is yet not known but the victims are mainly infected by malicious ads displaying on Android apps apparently driving people to the infected pages. The site would claim that you were showing “suspicious” web activity and tell you that it was mining until you entered a CAPTCHA code to make it stop.
The study further reveals that Malwarebytes found several more domains using the same CAPTCHA code, apparently mining cryptocurrency using CPU of victim’s Android device. The first domain was registered in November 2017 while the latest of the five suspicious domains found so far was registered in late January 2018.
Malwarebytes estimated that combined traffic of the five domains identified so far equals to about 800,000 visits per day, with an average time of four minutes spent on the mining page.
The firm advises users to run the same security tools they have on their PC on their mobile devices, because cryptojacking is not only a nuisance but can also cause permanent damage to their Android device.