Since Cryptocurrency has become one of the most trending subject of the internet world, fraud activities related to it has also started evolving. We’ve seen so many reports about the secret crypto mining viruses and malwares. Now, a new report claims that a new cryptocurrency malware is in the market. This new malware affects global Android devices including smartphones, tablets, TVs and more. The malware is named as ADB.Miner. Wang Hui, a researcher from the security firm 360NetLab discovered this malware first.
As per the reports, almost 7000 devices are infected so far and most of them are in South Korea and China. This malware uses the port 5555, which is being used by ADB tool to diagnose purposes of the devices. After infecting a device with an open port 5555, the malware will then replicate itself and spread to other Android devices that also have an open port. It has a doubling capacity at each 12hrs interval. So the malware is spreading rapdily. The droidbot code, according to Wang Hui, executes an ADB command that replicates the malware.
As even being the most used smartphone operating system ever, the Android is at the stake of virus and malware infection due to its open source nature. A lot of trojans and virus have been detected on Android devices so far, and even many RATs (Remote Access Tools) are there affecting thousands of smartphones a day. This sample is a apk file running in the Android environment. Its core function is using webview to load a local HTML page, which contains coinhive script to dig XMR tokens, as shown in the following two figures: