While the associated domains display a standard technical support scam when viewed in Internet Explorer or Chrome, the Monero mining attack is presented through a series of redirects when "Android" is present in the browser user-agent, according to the Malwarebytes blog.
Cryptojacking may not appear to be the most malicious of attacks, but it can lead to device slowdown, and having a processor running at full whack all the time is a good way to knacker it out. Any user can become a victim, so it is not worth the extra time to pass the captcha; it is better to visit another resource covering similar themes. According to Malwarebytes researchers, the campaign, first spotted in January, seems to have begun in November 2017. The website stated outright that it was using the infected device to mine cryptocurrency, and would only stop when the user entered a valid CAPTCHA code.
In our previous research on drive-by mining, we defined this technique as automated, without user consent, and mostly silent (apart from the noise coming out of the victim's computer fan when their CPU is clocked at 100 percent). But even though the combined domains had around 80,000 visitors per day and at least two of them had over 30 million visits per month, the company thinks the campaign isn't making a huge amount of money, at least not yet.
Once the code is entered, the user will be redirected to their browser home page. While some people may be redirected through regular browsing via malvertising, it's thought that infected apps with malicious ad modules are the main culprit.
Malwarebytes recommends that users run web filters and antivirus software to protect their devices from such attacks. The campaign is part of cybercrime activity that has been going on since November of the previous year. "This is unfortunately common in the Android ecosystem, especially with so-called 'free' apps".
Malwarebytes identified five domains using the same captcha code and Coinhive site keys used for the campaign. It takes a ton of processing power to mine a cryptocurrency or make a transaction. Users who are redirected to the site, sometimes through a pop-under, stay on the mining page for four minutes on average.
"It is hard to determine how much Monero currency this operation is now yielding without knowing how many other domains (and therefore total traffic) are out there". According to the security researchers, the attackers have been clandestinely mining Monero on hijacked smartphones over the past few months, without the users' knowledge.
The threat landscape has changed dramatically over the past few months, with many actors jumping on the cryptocurrency bandwagon. "Malware-based miners, as well as their web-based counterparts, are booming and offering online criminals new revenue sources".