Posted on Tuesday, October 31 2017 @ 11:15 CET by Thomas De MaesschalckIt's highly controversial and unfortunately it's now also abused by hackers to make an extra buck. First up, security firm Trend Micro made public that they've found several apps in the Google Play store that come with cryptocurrency mining capabilities. This makes smartphones run more slowly, and can cause them to overheat:
The efficacy of mobile devices to actually produce cryptocurrency in any meaningful amount is still doubtful. However, the effects on users of affected devices are clear: increased device wear and tear, reduced battery life, comparably slower performance.Similarly, ARS Technica reports more and more websites are now serving crypto mining scripts. This is not always intentional as in many cases the script got injected by hackers:
Recently, we found that apps with malicious cryptocurrency mining capabilities on Google Play. These apps used dynamic JavaScript loading and native code injection to avoid detection. We detect these apps as ANDROIDOS_JSMINER and ANDROIDOS_CPUMINER.
Earlier this month, political fact-checking site Politifact.com was found hosting Coinhive scripts in a way that exhausted 100 percent of visitors computing resources. A PolitiFact official told Ars the incident occurred when "an unidentified hacker attached a crypto mining script to the PolitiFact code base being stored on a cloud-based server." The code has since been removed and was active only when people had a politifact.com window open in their browser.Popular overclocking website HWBOT suffered the same fate last weekend as the site's forum got hacked and injected with a cryptocurrency miner.
AdGuard recently stated they found crypto mining scripts on 220 of the Alexa top 100,000 list of most visited websites. So far it's still limited but it's likely to spread.
