New Monero Crypto Mining Botnet Leverages Android Debugging Tool

Your Feed is from https://www.safeharboroncyber.com/Blog/
CyberWisdom Safe Harbor Commentary on Mining Botnet:
What is most likely to be an overlooked story from threatpost.com analyzes a surprising
According to researchers at Qihoo 360 Network, a new botnet distributes malware to mine Monero cryptocurrencies and infect Android devices through ports linked to operating system debugging tools.
Botnets, called 360B.Net by 360 Netlab, are entering Android devices via port 5555 associated with the Android Debug Bridge – primarily smartphones and TV boxes – a command-line tool for debugging, installing applications, and other purposes.
The ADB usually communicates with the device over USB, but depending on the Android document it may also be set up using wifi. The botnet spread in a “worm” fashion, looking for open 5555 ports on other devices, most of which 360 Netlab researcher Wang Hui said in a blog post.
It is noteworthy that it uses some of the port scan code in the Mirai Botnet which is the first time the Mirai code has been used to target Android devices. Mirai appeared in August 2016 and has historically been used to attack Linux devices.
Most of the Android devices targeted by ADB.Miner is located in China and South Korea, but 360 Netlab has not identified any of them yet.
“In general, we think there is a new worm that targets the adb debug interface for the android system, which may have infected more than 5,000 devices in 24 hours. In fact, according to 360 Netlab’s own scan data, 5555 Port scanning traffic has entered the top 10.
The botnet is distributing malicious code and is digging for Moro coins, but so far no fees have been paid.
Increasingly, cybercriminals are turning to cryptocurrency mining through botnets, while Monetar is a favored target. According to Proofpoint, people behind the massive Smominru botnet have generated up to $ 3.6 million in revenue from more than 500,000 infected machines since May.
Encrypting mined botnets offers significant advantages over other types of attacks such as ransomware, as they do not necessarily require social engineering, and their nature also means that they run sneaky and do not steal anything from the victim. In fact, encrypting miners could be a “new option” for cybercriminals, researchers at Cisco Talos said recently.
Read more…
The botnet uses port scanning code from Mirai, a first for Android-related attacks, according to researchers. Engaging post, Read More…
thumbnail courtesy of threatpost.com
If you like to receive more of these curated safe harbor news alerts then subscribe to my mailing list. and come back soon at https://www.safeharboroncyber.com/Blog/ to read further CyberWisdom Safe Harbor Commentaries. Home » Curated SafeHarboronCyber’s CyberWisdom Post
The post New Monero Crypto Mining Botnet Leverages Android Debugging Tool appeared first on Safe Harbor on Cyber.