1. Home
  2. Hackers target smartphones to mine cryptocurrencies

Hackers target smartphones to mine cryptocurrencies

Agencies
August 23, 2018

Paris, Aug 23: Has your smartphone suddenly slowed down, warmed up and the battery drained down for no apparent reason? If so, it may have been hijacked to mine cryptocurrencies.

This new type of cyberattack is called "cryptojacking" by security experts.

It "consists of entrapping an internet server, a personal computer or a smartphone to install malware to mine cryptocurrencies," said Gerome Billois, an expert at the IT service management company Wavestone.

Mining is basically the process of helping verify and process transactions in a given virtual currency. In exchange miners are now and then rewarded with some of the currency themselves.

Legitimate mining operations link thousands of processors together to increase the computing power available to earn cryptocurrencies.

Mining bitcoin, ethereum, monero and other cryptocurrencies may be very profitable, but it does require considerable investments and generates huge electricity bills.

But hackers have found a cheaper option: surreptitiously exploiting the processors in smartphones.

To lure victims, hackers turn to the digital world's equivalent of the Trojan horse subterfuge of Greek mythology: inside an innocuous-looking app or programme hides a malicious one.

The popularity of games makes them attractive for hackers.

"Recently, we have discovered that a version of the popular game Bug Smasher, installed from Google Play between one and five million times, has been secretly mining the cryptocurrency monero on users' devices," said researchers at IT security firm ESET.

Growing number of attacks

The phenomenon is apparently growing.

"More and more mobile applications hiding Trojan horses associated to a cryptocurrency mining programme have appeared on the platforms in the last 12 months," said David Emm, a security researcher at Kaspersky Lab, a leading supplier of computer security and anti-virus software.

"On mobiles the processing power available to criminals is less," but "there is a lot more of these devices, and therefore taking in total, they offer a greater potential," he added.

But for smartphone owners, the mining is at best a nuisance, slowing down the operation of the phone and making it warm to the touch as the processor struggles to unlock cryptocurrency and accomplish other task.

At worst, it can damage the phone.

"On Android devices, the computational load can even lead to 'bloating' of the battery and thus to physical damage to, or destruction of, the device," said ESET.

However, "users are generally unaware" they have been cryptojacked, said Emm.

Cryptojacking affects mostly smartphones running Google's Android operating system.

Apple exercises more control over apps that can be installed on its phones, so hackers have targetted iPhones less.

But Google recently cleaned up its app store, Google Play, telling developers that it will no longer accept apps that mine cryptocurrencies on its platform.

"It is difficult to know which applications to block," said Pascal Le Digol, the country manager in France for US IT security firm WatchGuard, given that "there are new ones every day."

Moreover, as the miners try to "be as discreet as possible" the apps do not stand out immediately, he added.

How to save your phone

There are steps to take to protect one's phone.

Besides installing an antivirus programme, it is important "to update your Android phone" to the latest version of the operating system available to it, said online fraud expert Laurent Petroque at F5 Networks.

He also noted that "people who decide to download apps from non-official sources are at more risk of inadvertently downloading a malicious app".

Defending against cyberattacks of all kinds is "a game of cat and mouse", said Le Digol at WatchGuard. "You need to constantly adapt to the evolution of threats."

In this case he said "the mouse made a large leap", said Le Digol, adding cryptojacking could evolve to other forms in the future to include all types of connected objects.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
January 20,2020

Washington D.C., Jan 20: An American bride asked for money from her invitees so that they can be on the 'exclusive guest list'.

Weddings can be surely expensive. But is it feasible for one to charge the guests to make up for the expenses?

According to Fox News, that is exactly what happened in a recent American wedding. A 19-year-old shared on Reddit that her cousin was getting married on Sunday and announced that she would charge 50 dollars to those who wanted to attend her wedding.

"She said that they can Venmo her money so there won't be no [sic] problems and everyone who paid will be added onto the 'exclusive guest list' which basically means you won't have to wait in line while other guests pay," wrote the user named DaintySheep.

While she refused to pay for entry into her cousin's wedding the bride-to-be contacted the elders in the family which ended up in an embarrassing situation.

"She wanted to get the money she spent on her special day back. I told her I wouldn't be able to come because this was outrageous and that I wish her well on her special day. She contacted my aunt and my aunt called me cheap and rude. My parents offered to pay for my entry, but I refused," continued the disheartened girl.

While in almost every nook and cranny of the world gifting the bride-groom with money is a tradition, asking for money from friends and family to replenish the money spent on a wedding is can be said to be a rare scenario.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
May 30,2020

May 30: Patients undergoing surgery after contracting the novel coronavirus are at an increased risk of postoperative death, according to a new study published in The Lancet journal which may lead to better treatment guidelines for COVID-19.

In the study, the scientists, including those from the University of Birmingham in the UK, examined data from 1,128 patients from 235 hospitals from a total of 24 countries.

Among COVID-19 patients who underwent surgery, they said the death rates approach those of the sickest patients admitted to intensive care after contracting the virus.

The scientists noted that SARS-CoV-2 infected patients who undergo surgery, experience substantially worse postoperative outcomes than would be expected for similar patients who do not have the infection.

According to the study, the 30-day mortality among these patients was nearly 24 per cent.

The researchers noted that mortality was disproportionately high across all subgroups, including those who underwent elective surgery (18.9 per cent), and emergency surgery (25.6 per cent).

Those who underwent minor surgery, such as appendicectomy or hernia repair (16.3 per cent), and major surgery such as hip surgery or for colon cancer also had higher mortality rates (26.9 per cent), the study said.

According to the study, the mortality rates were higher in men versus women, and in patients aged 70 years or over versus those aged under 70 years.

The scientists said in addition to age and sex, risk factors for postoperative death also included having severe pre-existing medical problems, undergoing cancer surgery, undergoing major procedures, and undergoing emergency surgery.

"We would normally expect mortality for patients having minor or elective surgery to be under 1 per cent, but our study suggests that in SARS-CoV-2 patients these mortality rates are much higher in both minor surgery (16.3%) and elective surgery (18.9%)," said study co-author Aneel Bhangu from the University of Birmingham.

Bhangu said these mortality rates are greater than those reported for even the highest-risk patients before the pandemic.

Citing an example from the 2019 UK National Emergency Laparotomy Audit report, he said the 30-day mortality was 16.9 per cent in the highest-risk patients.

Based on an earlier study across 58 countries, Bhangu said the 30-day mortality was 14.9 per cent in patients undergoing high-risk emergency surgery.

"We recommend that thresholds for surgery during the SARS-CoV-2 pandemic should be raised compared to normal practice," he said.

"For example, men aged 70 years and over undergoing emergency surgery are at particularly high risk of mortality, so these patients may benefit from their procedures being postponed," Bhangu added.

The study also noted that patients undergoing surgery are a vulnerable group at risk of SARS-CoV-2 exposure in hospital.

It noted that the patients may also be particularly susceptible to subsequent pulmonary complications, due to inflammatory and immunosuppressive responses to surgery and mechanical ventilation.

The scientists found that overall in the 30 days following surgery 51 per cent of patients developed a pneumonia, acute respiratory distress syndrome, or required unexpected ventilation.

Nearly 82 per cent of the patients who died had experienced pulmonary complications, the researchers said.

"Worldwide an estimated 28.4 million elective operations were cancelled due to disruption caused by COVID-19," said co-author Dmitri Nepogodiev from the University of Birmingham.

"Our data suggests that it was the right decision to postpone operations at a time when patients were at risk of being infected with SARS-CoV-2 in hospital," Nepogodiev said.

According to the researchers, there's now an urgent need for investment by governments and health providers in to measures which ensure that as surgery restarts patient safety is prioritised.

They said this includes the provision of adequate personal protective equipment (PPE), establishment of pathways for rapid preoperative SARS-CoV-2 testing, and consideration of the role of dedicated 'cold' surgical centres.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
January 10,2020

Indian enterprises were flooded with a whopping 14.6 crore malware threats in 2019 - a growth of 48 per cent (year-on-year) compared to 2018, a new report said on Friday.

Manufacturing, BFSI (banking, financial services and insurance), education, healthcare, IT/ITES, and the government were the most at-risk industries in the country, said the report from Seqrite, the enterprise arm of Pune-based IT security firm Quick Heal Technologies.

Interestingly, almost a quarter (23 per cent) of the threats were identified through 'Signatureless behaviour-based' detection by Seqrite, indicating how a growing number of cybercriminals were deploying new or previously unknown threat vectors to compromise enterprise security.

"With the latest Seqrite annual threat report, we want to empower CIOs, CISOs, business leaders and all key public stakeholders with the insights they need to combat the growing complexity of the threat landscape," said Sanjay Katkar, Joint Managing Director and CTO, Quick Heal Technologies.

The most prominent trend was the drastic increase in the volume, intensity, and sophistication of cyber-attack campaigns targeting Indian enterprises in 2019.

The rapid integration of IoT devices, BYOD (bring your own device), and third-party APIs into enterprise networks has created newer security vulnerabilities that might go unnoticed until a major breach occurs.

Threat researchers at Seqrite observed several large-scale advanced persistent threats (APT) attacks deployed against organisations in the government sector.

"The entry of nation-states and organised cybercrime cells into the fray is expected to add more complication to this situation and will require Indian government bodies and corporate enterprises to shore up their cyber defence strategies in 2020 and beyond," the report noted.

More alarming, however, was the continued lack of security awareness amongst enterprises and government organisations.

"Unsecured Remote Desktop Protocol (RDP) and Server Message Block (SMB) protocols continued to be targeted through brute-force attacks," said the report.

Spear phishing attack campaigns leveraging Office exploits and infected macros were also used extensively by cybercriminals to gain access to enterprise networks and steal critical data.

"India's digital journey depends on ensuring robust cybersecurity for all stakeholders within the enterprise ecosystem," said Katkar.

The sharp spike should be a cause of concern for CIOs and CISOs in the country, especially given the growing digital penetration within their enterprise networks.

"With network vulnerabilities and potential entry points increasing at a rapid pace, threat actors are expected to leverage artificial intelligence (AI) capabilities to power their malware campaigns in the future to capitalise on newer attack vectors," the report added.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.