Experts Weigh In On New Cryptocurrency-Mining Botnet

Experts Weigh In On New Cryptocurrency Mining Botnet

A new cryptocurrency-mining botnet could severely affect unprotected Android users. Experts say while the unprotected devices are mostly phones in Asia, these issues are becoming a big problem for technology security.

  • By Kaitlyn DeHaven
  • Jun 26, 2019

There is a new cryptocurrency-mining botnet that arrives via open ADB (android Debug Bridge) ports and can spread via SSH, according to Trend Micro.

Android-based devices are susceptible to the malware due to the use of ADB. The attack exploits open ADB ports, and can spread from the infected host to any system that has had a previous SSH connection with the host. This exploitation is similar to the Satori botnet.

According to ZDNet, many Android devices have the ADB developer function and command-line tool disabled by default, but some devices do ship with the feature enabled. If it’s enabled, the device is susceptible to the attack.

Mounir Hahad, head of Juniper Threat Labs at Juniper Networks, said that most of the vulnerable devices exist in Asia, and not all of them are phones.

“The number of publicly vulnerable devices has declined from about 40,000 devices one year ago to about 30,000 devices today,” Hahad said. “Most of the remaining vulnerable devices are located in Korea, Taiwan, Hong Kong and China. It should be noted that some of the vulnerable devices are set top boxes used for IPTV, not mobile phones. It is our speculation that most of the phones are, or become, vulnerable, due to enabling the Android Debug Bridge during device rooting, a process which allows a locked down device to move freely between service providers.”

Sam Bakken, senior product marketing manager of OneSpan, said Androids are difficult devices to secure, making this bot an even bigger issue for companies.

“It can really be hard for the general Android user to keep their device secure. They are beholden to their carriers or device manufacturers in most cases. Even if they wanted to harden their device with security updates or more secure configurations they simply can’t,” Bakken said. “Security is becoming a more important criterion in consumer decisions about which devices and apps they will and will not use. Savvy organizations are responding, building security into their mobile apps with technologies such as app shielding and other in-app protections.”

About the Author

Kaitlyn DeHaven is the Associate Content Editor for the Infrastructure Solutions Group at 1105 Media.

Featured

  • Maximizing Your Security Budget This Year

    7 Ways You Can Secure a High-Traffic Commercial Security Gate  

    Your commercial security gate is one of your most powerful tools to keep thieves off your property. Without a security gate, your commercial perimeter security plan is all for nothing. Read Now

  • Surveillance Cameras Provide Peace of Mind for New Florida Homeowners

    Managing a large estate is never easy. Tack on 2 acres of property and keeping track of the comings and goings of family and visitors becomes nearly impossible. Needless to say, the new owner of a $10 million spec home in Florida was eager for a simple way to monitor and manage his 15,000-square-foot residence, 2,800-square-foot clubhouse and expansive outdoor areas. Read Now

  • Survey: 72% of CISOs Are Concerned Generative AI Solutions Could Result In Security Breach

    Metomic recently released its “2024 CISO Survey: Insights from the Security Leaders Keeping Critical Business Data Safe.” Metomic surveyed more than 400 Chief Information Security Officers (CISOs) from the U.S. and UK to gain deeper insights on the state of data security. The report includes survey findings on various cybersecurity issues, including security leaders’ top priorities and challenges, SaaS app usage across their organization, and biggest concerns with implementing generative AI solutions. Read Now

  • New Research Shows a Continuing Increase in Ransomware Victims

    GuidePoint Security recently announced the release of GuidePoint Research and Intelligence Team’s (GRIT) Q1 2024 Ransomware Report. In addition to revealing a nearly 20% year-over-year increase in the number of ransomware victims, the GRIT Q1 2024 Ransomware Report observes major shifts in the behavioral patterns of ransomware groups following law enforcement activity – including the continued targeting of previously “off-limits” organizations and industries, such as emergency hospitals. Read Now

Most   Popular

Featured Cybersecurity

Webinars

New Products

  • Compact IP Video Intercom

    Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis. 3

  • Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

    Connect ONE®

    Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation. 3

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions. 3