Watch out! There is a Monero worm on the loose. Chinese cybersecurity firm 360 Netlab have reported that a Monero (XMR) worm which harnesses android devices to mine the coin and send it to a single digital wallet, is currently active.
In an updated blog post, 360 Netlab describe what they know so far about the malware, which is currently infecting users mostly in China and South Korea. Presently, we know that the first infection can be traced back to January 31st, and is able to double every 12 hours. However, the infected population seems to be pretty much quarantined at the moment; As of 3PM (presumably CST, though this is not specified) Monday, there have been no new infections from the 7,000 currently observed.
In an earlier report, Netlab confirmed that mobile phones and TV boxes are definitely some of the Android devices infected, though they will not disclose any information about models just yet. This just goes to show that almost any electronic device with processing power could potentially be used to mine cryptocurrency, if only very slowly. Though once enough of them are connected to a network, this speed could rapidly increase.
The final major detail that Netlab know is that the malware enters devices through an open port (essentially a line of communication in the software) that should normally be closed. This port – port 5555 – is typically used by an android debugging program.
Other than that, we’re waiting to hear. If you’re currently looking with some concern at your Android device, don’t be too worried. Even if you do live in China or South Korea where the bug seems to be proliferating, the chance that your device is one of the 7,000 infected are ridiculously slim. According to Statista, there were around 1.4 billion mobile phone subscriptions registered in China alone at the end of 2017. So don’t sweat it.
This is not the first such hack this year. In January, it was discovered that Malware was being hidden inside Youtube ads which would then infect users’ computers. Similarly, it would then leech off of the system’s processing power to begin mining cryptocurrency. Interestingly, the method can also be used for good. Children’s charity UNICEF are currently engaged in a campaign in which gamers can volunteer to lend their graphics card power to mine ethereum (ETH) when not in use. UNICEF will then take the money and use it to help children in the Syrian war.
Who knows what other malicious software will grow from the cryptocurrency boom?
Featured image: Bitcoin Magazine