Qihoo 360 researchers discovered a new botnet ADB.miner. It attacks Android and mines Monero using infected devices. The number of infected devices has already reached almost 7.4 thousand, Bleeping Computer reports.
The first botnet attacks occurred on Saturday, February 3. According to experts, ADB.miner uses the components of the code of the Mirai botnet, which attacked large websites in 2016. Botnet looks for open debug ports, in particular port 5555, which provides access to key functions of the Android system. Penetrating the device, the malicious program forces it to mine the Monero cryptocurrency.
40% of the victims of ADB.miner are in China and 30% in South Korea.
The number of scan [sources] has doubled every 12 [hours]. We will see how big this botnet gets.
Director, Network Security Research Lab at Qihoo 360
Researchers emphasize, the danger threatens all devices on the Android OS - from smartphones to smart technology.
At the moment of press, ADB.miner generated around $0.04 worth XMR.
It is not the first hidden miner, that mines XMR. Monero attracts hackers due to high anonymity level. In May 2017, researchers at GuardiCore found a BondNet botnet out of 15,000 servers that were used to mine the XMR and bring the operator up to $ 1,000 a day.