Your Android phone is being targeted for crypto-mining

March 15, 2018

Young businessman using a smartphone with smile on his face

Last year, cybercrime cost the global economy $600 billion. In the US, $11 billion was lost to intellectual property theft, almost $800 million was paid in ransom, and $1 billion was spent in cybersecurity insurance. All those numbers are up from the year before. So in spite of our vigilance, cybercrime is getting worse, not better.


The latest fad: hijacking cellphones for crypto-mining.


Cryptocurrency, like Bitcoin, is virtual currency that is designed to work as a secure form of exchange. Crypto-mining is, according to Investopedia, “the process by which transactions are verified and added to the public ledger, known as the blockchain, and also the means through which new currencies such as Bitcoin and Ethereum are released.”


Crypto-mining requires internet access, as well as specialized programs and hardware. It’s expensive, costing as much as $5000, so it’s no surprise that criminals are using malware to obtain it. McAfee reports that the ADB Miner malware “is spreading and targeting thousands of Android devices for the primary purpose of mining cryptocurrency” in China. The malware opens port 5555 on the publicly accessible Android Debug Bridge, causing the infected device to look for other devices with the same vulnerability to “spread the malware and leverage other Android-based smartphones, tablets, and televisions for crypto-mining” McAfee reports.


Why Android? Hackers know how to manipulate vulnerabilities in Google Play. To make matters worse, Google’s app store does not have consistent or centralized reporting, meaning that Android users are not notified that they have downloaded a malicious app. Over 4,000 apps were removed last year due to malware suspicions, without users being notified. Thanks to this, Google Play has the highest amount of malicious crypto apps with 272 available for download.


Here’s how to protect your Android phone from crypto-mining malware:

  • Download your apps from a legitimate source. In spite of Google Play’s flaws, it does have security measures in place, and it’s still much safer than downloading from an unknown source.
  • Delete old apps. “An app’s security can change over time,” according to McAfee “applications that were once supported by an app store can be flagged as malicious and removed from the platform without notification. If an app is no longer supported in the app store, you should delete it immediately.” In short: if you haven’t used it in the past six months, lose it.
  • Keep all software up to date. This is one of the best defenses against viruses and malware. Having the latest versions ensures that any known bugs or exploits will have been patched.
  • Invest in comprehensive mobile security software. Trend Micro Mobile Security & Antivirus and Sophos Mobile Security are the two best options.


For help in keeping you and your facility safe from cybercrime, contact Vanguard Resources.