The Android operating system and its apps are usually more exposed to security problems and the presence of malware of all kinds. With the arrival of the cryptocurrencies, this was the new focus to explore the users.
A new campaign was recently detected and was obliging the mining of these crypto-coins.
This new campaign is equal to many others that have been known in the past and have affected Android smartphones. By routing users to dedicated sites, they are making a profit for attackers, either through the display of advertising or, as in this case, by offering a processor to mine crypto-coins.
In this case, Android users were even alerted to a supposed high processing problem and should put a captcha code in order for the situation to be resolved.
While this process was going on, in incognito, they were mining virtual currency for the attackers. It was only a few minutes, but it surrendered to those who set up this scheme.
Millions of android devices Hacked
This form of attack was included and disguised in several apps, which directed users to these sites dedicated to mining, discreetly and without them realizing that they were being used.
The number of victims is not known but is high. We have identified at least 5 domains using the same captcha and the same keys as the Coinhive site. At least 2 of these sites had more than 30 million hits per month and the 5 combined domains had about 800,000 visits per day, with an average of 4 minutes per visit.
As with the browser version of this type of attack, the sum of many users makes it profitable for attackers. It is only a few minutes that, accumulated, can revert significantly to who is managing the attack.