ADB.miner Infected 7400 Android Devices

New hidden XMR miner uses the components of the code of the Mirai botnet
06 February 2018   2283

Qihoo 360 researchers discovered a new botnet ADB.miner. It attacks Android and mines Monero using infected devices. The number of infected devices has already reached almost 7.4 thousand, Bleeping Computer reports.

The first botnet attacks occurred on Saturday, February 3. According to experts, ADB.miner uses the components of the code of the Mirai botnet, which attacked large websites in 2016. Botnet looks for open debug ports, in particular port 5555, which provides access to key functions of the Android system. Penetrating the device, the malicious program forces it to mine the Monero cryptocurrency.

Port 5555
Port 5555

40% of the victims of ADB.miner are in China and 30% in South Korea.

The number of scan [sources] has doubled every 12 [hours]. We will see how big this botnet gets.
 

Yiming Gong

Director, Network Security Research Lab at Qihoo 360

Researchers emphasize, the danger threatens all devices on the Android OS - from smartphones to smart technology.

At the moment of press, ADB.miner generated around $0.04 worth XMR.

ADB.miner Founds
ADB.miner Founds

It is not the first hidden miner, that mines XMR. Monero attracts hackers due to high anonymity level. In May 2017, researchers at GuardiCore found a BondNet botnet out of 15,000 servers that were used to mine the XMR and bring the operator up to $ 1,000 a day. 

Billionare's Wife Kidnappers to Demand €9M Worth XMR

Anna-Elizabeth Falkievik Hagen was allegedly abducted from her home, although the law enforcement agencies found no sign of hacking
10 January 2019   422

In late October, the wife of one of the wealthiest entrepreneurs in Norway, Tom Hagen, was kidnapped. The kidnappers are demanding a ransom of € 9 million in Monero, according to Norway Today.

Anna-Elizabeth Falkievik Hagen, 68, was allegedly abducted from her home, although the law enforcement agencies found no sign of hacking. A note with a ransom request was also found there.

Note that Interpol and Europol are involved in the investigation of the case of Falkievik, and the fact of the abduction was kept secret for a long time for security reasons.

Today, January 9, the police confirmed that Falkievik was abducted, and communication with the criminals takes place exclusively through some kind of "electronic platform". In addition, in December, the kidnappers could not provide evidence that she was still alive.

Probably the Falkievik case is the first time in Norway when a ransom is demanded in a cryptocurrency equivalent. Nevertheless, the police recommended that the criminals be denied their claims.

Tom Hagen is the founder of Elkraft AS, a power supply company. His fortune is estimated at 1.7 billion NOK (€ 170 million).

Earlier, employees of the local prosecutor’s office in Kiev and the National Police of Ukraine detained two suspects accused of stealing a miner in March of this year and stealing $ 50,000.

Now they face up to 15 years of imprisonment for robbery committed by a group of individuals in a preliminary conspiracy, infiltration and theft in a particularly large scale.