Traditionally, Online Advertising platforms were often breached by criminals to push malwares/Trojans, they also delivered Adobe Flash / Java based exploits through hacked websites. However, with the advent of Crypto-Currency, criminals were always attracted due to the anonymity it offered. The meteoric rise in the prices of Crypto-Currencies made it more lucrative for the Crypto-Currency miners and like-wise criminals too started to add mining modules to their Trojans. In the mean-while, Ransomware was very fast gaining prominence and we started observing a flood of malware authors diverting their coding time to write newer versions / variants of ransomwares.
The Monero
However, when a crypto-currency which goes by the name “Monero” started providing Browser / Javascript based mining operations, there was a surge in the malicious mining activity. Criminals started targeting, servers, web-sites and also started exploiting vulnerabilities to gain access to the Processing Power of the CPUs. Due to the simplicity of equation solving in Monero, the developers were able to come up with the javascript / browser based miner, otherwise the complexity of the mining operation requires High-end CPU / GPU
Hackers have also been targeting Online Advertisement platforms, since; the criminals can infect a large percentage of victims with least amount of efforts. Furthermore, browser based mining operations can also be conducted on Smartphones; hence criminals have also been publishing weaponized apps on the android playstore, to take advantage of the millions of Smartphones.
Unlike Desktop / Laptops, users seldom install Antivirus / Security Suite on their Smartphones, which has attracted criminals from all nooks and corners. Furthermore, the crypto-currency mining apps have risen exponentially and are targeting Smart-Phone users like never before.
Crypto-Currency Mining Campaign
Recently, researchers came across a mining operation which resulted in almost 60 million Android users getting affected by Crypto-Currency Miners viz. Monero. As is the case with exploit-kits, new domains are registered and servers are procured which host the mining script, while compromised-websites would inadvertently load the mining scripts from these servers and start their operations, the victim in this case would be battling the CAPTCHA which is being presented to them.
Crypto-Currency as Distributed Computing
Crypto-Currency Mining operations are the best example of distributed computing and we may consider mining of crypto-currency to be the single largest application utilizing the full potential of CPUs. As long as Smart-Phones are not protected by a capable Web-Filtering, App Blocking and Malicious App Scanning Antivirus, these attacks are bound to rise. Coupled with the fact that the process for vetting an app on the Playstore is a lengthy process and code checking not as stringent as iOS, Android Smartphones users would invariably be affected by these threats.
eScan has various products viz. eScan Mobile Security for Android and eScan Tablet Security for Android, furthermore, an Enterprise / Corporate may choose to implement Enterprise Mobility Management or eScan Corporate 360 to protect their assets from such attacks and gain granular control over them.
