Hackers attack users of mobile devices based on Android again.They use well known XMR mining script Coinhive. This time, to keep users on their page longer, they offer them to solve the captcha.
According to the company Malwarebytes, this scheme scammers have been using active since November last year. Users are being attracked to the malicious website by the ads.
Users are encouraged to enter captcha, which can sometimes be difficult due to the inconvenience of the keyboard of mobile devices. This feature is used by hackers, downloading the processors of their victims for 100% for the Monero mining.
It is noteworthy that the solution of captcha does not give the desired result - users are simply redirected to the Google homepage.
It is difficult to determine how much Monero currency this operation is currently yielding without knowing how many other domains (and therefore total traffic) are out there. Because of the low hash rate and the limited time spent mining, we estimate this scheme is probably only netting a few thousand dollars each month. However, as cryptocurrencies continue to gain value, this amount could easily be multiplied a few times over.
Researchers found 5 domains used in the campaign, each of which hosts the same page with the same captcha. According to their estimates, all five pages on average visit 800,000 users a day, being on them for 4 minutes.