Cryptojacking — The Real Danger of Smart Phones

Can we talk about cryptojacking? It’s like having that first talk with your teenager about the dangers of smartphone use.

As parents, we all must make the inevitable choice as to when the appropriate age to purchase a cell phone for our kids may be. For me, that was the decision I wrestled with much of the summer. My oldest, now a middle schooler, and a (mostly) dependable kid, was lobbying hard for a phone. At the same time, I — a cyber-tech guy and a security-skeptical father — couldn’t help but thwart his cause with facts regarding the reality of dangers that cell phones pose. However, in the end, and following a series of solid and heartfelt conversations, we were able to reach a mutual understanding allowing him to be trusted with a phone.

For all of us, owning a phone has inherent physical responsibilities: not losing or forgetting it somewhere, not breaking it or getting it wet, and not exceeding data usage or text restrictions. But in addition to physical maintenance, the latest phones, which now act as our personal computers, also open the floodgates to another level of safety that is not physical but informational, if you will: cyber compromises, breaches, and attacks exposing your personal data and confidential information to cybercriminals.

Regarding malicious attacks, not all phones are created equal. Because of Google’s open approach to app sales and, owing to its open source nature, a lack of solid regulation on what can and cannot be developed, Android-based phones (e.g., Samsung Galaxy) are more susceptible to mobile malware and cyber attacks than Apple’s iPhone. In fact, it’s estimated that 98 percent of all mobile malware targets the Android OS. It is also important to note (as many Apple loyalists remain in denial) that iOS devices are not completely secure from mobile threats.

The threats posed by mobile malware are many. Mobile malware payloads can include bombarding a phone with unwanted and often non-kid-friendly (suggestive) advertisements; gaining access to your personal email; enabling your phone camera; logging banking and credit card information; tracking and reporting your GPS location; stealing your contacts, numbers, and texts; or locking you out of your device. Honestly, with all the potential nastiness out there, I may need to reconsider the whole allowing a ‘tween his own phone. Some days I wish I weren’t handcuffed to mine!

Earlier this year, I wrote of new emerging malware designed to mine cryptocurrency. In these cases, the secret mining of cryptocurrency (called cryptojacking) was mainly performed on Windows systems through a means called in-browser cryptojacking. The technique has since crossed platforms to the Linux side of things as well! More recently, I have seen just as many variations of malware written to perform these same attacks on the mobile side of things. Take, for example, the Monero malware written for the Android platform. For starters, the Monero-mining app’s icon looks identical to the Google Play Store Update app. Once it is downloaded and granted permission, the app hides itself and starts mining Monero in the background. In addition, before performing any activity on the device, the malware uses anti-emulation to evade detection and automated analysis techniques (i.e., an anti-virus lab); if it finds itself in such an environment, it will not perform its malicious duties. The mining process is extremely rough on the device, which will eventually cause the device to fail.

The reason for the increase in mining apps is easy to understand. Until recently, ransomware was the preferred method of infection, as the financial return on investment was the greatest. However, with the introduction of cryptojacking, and the idea of using someone else’s system to generate large sums of digital cash, this technique of infection quickly became the ultimate cash cow. What’s more — and by design — ransomware infections are short-lived, while mining malware can reside undetected on a system or device for weeks, if not months, or until the device gives out.

The bottom line is that the amount of mining malware out there is surging, and I don’t expect it to subside anytime soon. These types of mobile malware exploit and make excessive use of a device’s resources. Whether on Windows, Mac, or a mobile device, there are a few signs your device may have been compromised by mining malware:

  1. Your device is experiencing unexpected over-heating
  2. Your device battery is continually draining
  3. You notice increased CPU and RAM usage
  4. Your system is suffering poor performance
  5. Your device fails
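
The signs above can be checked against device telemetry. The following is an added example, not code from the original article: it scans constructed per-minute readings for an app that keeps the CPU busy while the screen is off and the battery heats up. The package names, readings, and thresholds are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed telemetry, one row per package per minute:
# (minute, package, cpu_percent, screen_on, battery_temp_c).
# Package names and readings are invented for this example.
def build_samples():
    rows = []
    for minute in range(10):
        screen_on = minute < 2          # user puts the phone down after 2 minutes
        temp = 31.0 + 1.5 * minute      # battery warms steadily under load
        # Hypothetical hidden miner: pegged CPU whether or not the screen is on.
        rows.append((minute, "com.example.updater", 92.0, screen_on, temp))
        # Hypothetical game: heavy only while the user is actually playing.
        rows.append((minute, "com.example.game", 85.0 if screen_on else 1.0, screen_on, temp))
        # Hypothetical mail sync: one short background burst, otherwise idle.
        rows.append((minute, "com.example.mail", 70.0 if minute == 5 else 2.0, screen_on, temp))
    return rows

def flag_sustained_background_cpu(samples, cpu_threshold=60.0, min_run=5, hot_temp_c=40.0):
    """Flag packages that stay at or above cpu_threshold for at least min_run
    consecutive screen-off minutes; note whether the battery ran hot meanwhile."""
    by_pkg = defaultdict(list)
    for row in samples:
        by_pkg[row[1]].append(row)
    findings = {}
    for pkg, rows in by_pkg.items():
        rows.sort()                     # order by minute
        run, best = [], []
        for minute, _, cpu, screen_on, temp in rows:
            busy = cpu >= cpu_threshold and not screen_on
            if busy and (not run or minute == run[-1][0] + 1):
                run.append((minute, cpu, temp))       # extend the current run
            else:
                run = [(minute, cpu, temp)] if busy else []   # restart or reset
            if len(run) > len(best):
                best = list(run)
        if len(best) >= min_run:
            findings[pkg] = {
                "minutes": len(best),
                "avg_cpu": round(sum(c for _, c, _ in best) / len(best), 1),
                "ran_hot": max(t for _, _, t in best) >= hot_temp_c,
            }
    return findings

if __name__ == "__main__":
    for pkg, info in flag_sustained_background_cpu(build_samples()).items():
        print(pkg, info)
```

Only the app that stays busy after the screen goes dark is flagged; the game and the brief mail sync are not, which is why the check looks at sustained screen-off load rather than a single CPU spike.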