Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
Hidden threat: Cybercriminals conceal miners in football and VPN applications
#1
https://usa.kaspersky.com/about/press-re...den-threat        
April 4, 2018
Hidden threat: Cybercriminals conceal miners in football and VPN applications
Kaspersky Lab researchers have discovered that an increasing number of cybercriminals are turning their attention to malicious software that is mining cryptocurrencies at the expense of users’ mobile devices.

Woburn, MA – April 4, 2018 – Kaspersky Lab researchers have discovered that an increasing number of cybercriminals are turning their attention to malicious software that is mining cryptocurrencies at the expense of users’ mobile devices. These criminals are getting greedier and now use not only malware, but also risk tools, hiding mining capacities in popular football and VPN applications to profit from hundreds of thousands of victims without their knowledge.

The hot topic of cryptocurrency mining could not be ignored by cybercriminals, as they seek to increase their profits. They are mining on computers, servers, laptops and mobile devices; however, it is not only mining malware that they use. Kaspersky Lab experts found evidence showing that criminals are adding mining capacities into legitimate applications and spreading them under the guise of football broadcasting and VPN applications, with Brazil and Ukraine as the main victims.

According to Kaspersky Lab data, the most popular “legitimate miners” are football-related applications. Their main function is to broadcast football videos while discreetly mining cryptocurrencies. For this, developers used the Coinhive JavaScript miner. When users launch the broadcast, the application opens an HTML file with the JavaScript miner embedded, converting visitors’ CPU power to the Monero cryptocurrency for its author’s benefit. The applications were spread via the Google Play Store and the most popular was downloaded around 100,000 times. Nearly all (90 percent) of these downloads originated from Brazil.

Legitimate applications responsible for VPN-connections became the second target for malicious miners. A VPN is a Virtual Private Network where users can get access to web resources that would not otherwise be available due to local restrictions. Kaspersky Lab found the Vilny.net miner, which is able to monitor the battery charge and the temperature of the device, to obtain money with less risk for the attacked gadgets. For this, the application downloads an executable from the server and launches it in the background. Vilny.net was downloaded over 50,000 times, mostly by users in Ukraine and Russia.

Kaspersky Lab products successfully detect these applications as risk tools.

“Our findings show that authors of malicious miners are expanding their resources and developing their tactics and approach to perform more effective cryptocurrency mining,” said Roman Unuchek, security researcher, Kaspersky Lab. “They are now using legitimate thematic applications with mining capacities to feed their greed. As such, they are able to capitalize on each user twice – firstly via an ad display, and secondly via discreet crypto-mining.”

Kaspersky Lab researchers advise users to abide by the following measures in order to protect their devices and private data from possible cyberattacks:

    Disable the ability to install applications from sources other than official app stores
    Keep the OS version of your device up to date in order to reduce vulnerabilities in the software and lower the risk of attack
    Only choose applications from trusted and reliable vendors – especially those which are geared towards safeguarding your privacy when online (e.g., VPN)
    Install a proven security solution to protect your device from cyberattack

To learn more about development of mobile miners, read our blogpost on Securelist.com.

About Kaspersky Lab

Kaspersky Lab is a global cybersecurity company, which has been operating in the market for over 20 years. Kaspersky Lab’s deep threat intelligence and security expertise is constantly transforming into next generation security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky Lab technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.

Media Contact
Jessica Bettencourt
774.451.5142
Jessica.Bettencourt@kaspersky.com
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Avast Threat Report Discovers Cybercriminals Using Common Applications mrtrout 0 467 05-20-2023 , 05:33 PM
Last Post: mrtrout
  Cybercriminals devise ‘The Last of Us’ scams ahead of new series release mrtrout 0 567 01-15-2023 , 10:48 PM
Last Post: mrtrout
  Cybercriminals Publish Data Allegedly Stolen From Shell, Multiple Universities Bjyda 0 794 03-31-2021 , 12:18 PM
Last Post: Bjyda
  Cisco points to new tier of APT actors that behave more like cybercriminals Bjyda 0 814 02-23-2021 , 11:22 PM
Last Post: Bjyda
  Cybercriminals have found a devious new way to trick you with phishing scams Bjyda 0 778 02-19-2021 , 10:52 PM
Last Post: Bjyda

Forum Jump:


Users browsing this thread: 1 Guest(s)