ADB.miner Infected 7400 Android Devices

New hidden XMR miner uses the components of the code of the Mirai botnet
06 February 2018   781

Qihoo 360 researchers discovered a new botnet ADB.miner. It attacks Android and mines Monero using infected devices. The number of infected devices has already reached almost 7.4 thousand, Bleeping Computer reports.

The first botnet attacks occurred on Saturday, February 3. According to experts, ADB.miner uses the components of the code of the Mirai botnet, which attacked large websites in 2016. Botnet looks for open debug ports, in particular port 5555, which provides access to key functions of the Android system. Penetrating the device, the malicious program forces it to mine the Monero cryptocurrency.

Port 5555
Port 5555

40% of the victims of ADB.miner are in China and 30% in South Korea.

The number of scan [sources] has doubled every 12 [hours]. We will see how big this botnet gets.

Yiming Gong

Director, Network Security Research Lab at Qihoo 360

Researchers emphasize, the danger threatens all devices on the Android OS - from smartphones to smart technology.

At the moment of press, ADB.miner generated around $0.04 worth XMR.

ADB.miner Founds
ADB.miner Founds

It is not the first hidden miner, that mines XMR. Monero attracts hackers due to high anonymity level. In May 2017, researchers at GuardiCore found a BondNet botnet out of 15,000 servers that were used to mine the XMR and bring the operator up to $ 1,000 a day. 

Monero to Preserve Its ASIC Resistance

On Sunday,  Monero developers published a development update on PoW change and key reuse  
14 February 2018   122

The development update addressed a recurring question among altcoins that can currently be mined profitably with GPU hardware and how to respond to the threat that a mining rig manufacturer will develop an ASIC miner built to mine Cryptonight.

The Monero developers are going to protect the network’s ASIC resistance by modifying its PoW algorithm at a scheduled hard fork. The hard fork occurs two times per year. The XMR users will not notice these changes. The changes will alter the network’s hashing algorithm that Cryptonight ASIC miners will have to follow every fork.

However, if these scheduled PoW forks will not be enough to disincentivize the development of ASIC miners for Cryptonight, Monero will modify PoW algorithm at a nonscheduled fork in order to prevent any potential threat from ASICs.

According to the development update, this stance will ensure that Monero mining remains relatively democratic and decentralized at least until such time the same can be said of the ASIC mining industry. The developers believe that any transition to an ASIC-dominated network needs to be as egalitarian as possible in order to foster decentralization.

Currently, the ASIC market is dominated by Chinese manufacturer Bitmain. It means that it would be simple for governments to force companies like this to build “kill switches” into the miners or sell rigs to customers who obtain special government licenses. By contrast, GPU miners rely on general-purpose computer chips. It makes regulator’s attempt to force miners to acquire government-issued licenses impossible.

The first PoW adjustment will be implemented at the network’s next hard fork, which is currently scheduled for March.