Malwarebytes first discovered the malware when investigating a separate campaign late last month. Specifically, the team was testing a malvertising chain on Windows and Chrome that would lead to tech support scams, but when they tested the same chain on Android, they were “redirected via a series of hops to that cryptomining page.”
The page in question features a warning message and a CAPTCHA code. Until the user enters the code, the website will proceed to mine Monero cryptocurrency (XMR) at full speed. Malwarebytes found several identical domains, all of which use the same CAPTCHA code. The first was registered in November 2017, while the latest of the five domains they found (of which there may be many more) was registered less than a month ago.
Malwarebytes estimates that the five domains it identified attain around 800,000 visits per day, with visitors spending an average of four minutes on the site. It’s impossible to determine how much money this nets the crypto-miners, but the team estimates that they are only taking in a few thousand dollars a month. And yet, as Malwarebytes notes, the unpredictable fluctuation of cryptocurrencies means that the profit could increase exponentially overnight. – READ MORE
[give_form id=”79809″] [divider][/divider]Up until today, I had no idea what the Federal Nuclear Centre in Sarov was, or that it happens to be the secret factory in Russia that made the first nuclear bomb of the USSR. But I know that now because some of the engineers working there were arrested after they tried to use the facility’s supercomputer to mine Bitcoin.
These geniuses — and they must be brilliant people to work at this particular Russian nuclear facility, which employs some 20,000 people — thought they could connect a supercomputer capable of performing 1,000 trillion calculations per second to the internet to mine Bitcoin. That’s what led to their capture. Apparently, the computer can’t be connected to the internet, which is a measure intended to prevent attacks from the outside.
“There has been an unsanctioned attempt to use computer facilities for private purposes including so-called mining,” the centre’s press service said, according to BBC. – READ MORE
[contentcards url=”http://bgr.com/2018/02/13/android-malware-mining-cryptocurrency-monero-xmr/” target=”_blank”]