Cryptocurrency mining hijack on user’s PC recently has increased on a dramatic scale But seems even smartphone users are vulnerable to cryptocurrency mining hijacks as their PC counterparts. Malwarebytes in a blog post explains in detail how a Drive-by crypto mining campaign targets millions of Android users. Here he says that though the exact trigger wasn’t clear, the researchers believed that visitors were guided towards the pages via the infected apps with malicious ads.
The site would clearly mention “Your device is showing suspicious surfing behavior. Please prove that you are human by solving the captcha.”As in the image above, until the code (w3FaSO5R) is entered and you press the Continue button, Monero currency will continue to mine on your phone or tablet at full speed, using maximum power of the device’s processor.
Though the exact numbers of the victims are unclear, Malwarebytes reported five internet domains using the same captcha code and Coinhive site keys used for the campaign. Reports suggest at least two of the sites contributed to over 30 million visits per month and the combined domain has over 8,00,000 visits per day. On an average, the users spent 4 minutes of time on the page, but that has amounted to a lot of mining time.
Further, in the blog, Malwarebytes recommends Android users to use web filters and security software to protect themselves from these hijacks. We also suggest as a tumb rule stick with Google Play for app download as it proves to be more secure. With the souring cryptocurrency prices, it is doubtful that mining ploys like this will go away anytime soon. There will always be an incentive for someone hoping to make a few coins at your expense.