Millions of Android Phones Hijacked to Mine Monero Cryptocurrency: Malwarebytes

Advertisement
By Sumit Chakraborty | Updated: 13 February 2018 18:37 IST
Highlights
  • Hackers have been mining Monero coins via smartphones for months
  • Users presented with CAPTCHA to solve while browser mines Monero
  • Android phone users should use web filters, security software

Millions of Android smartphones have reportedly been hijacked in a drive-by cryptocurrency mining campaign. As per security researchers, over the past few months, hackers have secretly been mining Monero coins via smartphones. According to Malwarebytes researchers, the campaign was first observed in January though it had started around November last year.

According to the report, millions of Android mobile users have been redirected to a specifically designed page "performing in-browser cryptomining." Though the method, the report says, is "automated, without user consent, and mostly silent," visitors are presented with a CAPTCHA to solve to prove that they are human and not a bot.

Advertisement

The warning message reads as "Your device is showing suspicious surfing behaviour. Please prove that you are human by solving the captcha. Until you verify yourself as human, your browser will mine the Cryptocurrency Monero for us in order to recover the server costs incurred by bot traffic." Until a user enters the code, the smartphone or tablet continues mining Monero, damaging the device's processor.

Also see: How to Stop Websites From Using Your Phone or Computer to Mine Bitcoin and Other Cryptocurrencies 

Interestingly, upon clicking entering the code, users are redirected to the Google home page, the report says. Also, the code is static and hardcoded in the page's source, making the process appear malicious. The researchers at Malwarebytes say that victims may face the forced redirection during regular browsing sessions or via infected apps with malicious ads.

Advertisement

"It's possible that this particular campaign is going after low-quality traffic-but not necessarily bots -and rather than serving typical ads that might be wasted, they chose to make a profit using a browser-based Monero miner," Jerome Segura, lead malware intelligence analyst at Malwarebytes, wrote in the blog post.

Malwarebytes identified five domains using the same captcha code and Coinhive site keys used for the campaign. According to the data posted on the blog, at least two websites had more than 30 million visits per month, and the domains combined yielded around 800,000 visits per day.

Advertisement

Unsurprisingly, Web filtering or security applications on smartphones have been highly recommended by the researchers, to prevent such hijacks. They say that forced cryptomining is now affecting mobile phones and tablets not only via Trojanised apps but also via redirects and pop-unders. Meanwhile, here is a guide on how to stop websites from using your phone or computer to mine cryptocurrencies.

 

Also seeCryptocurrency Prices across Indian exchanges

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Advertisement

Related Stories

Popular Mobile Brands
  1. Best Water-Resistant Smartphones You Can Buy in India
  2. Top 5 Features Worth Trying Out on Apple's First iOS 27 Public Beta
  3. How to Watch the FIFA World Cup 2026 Final Live Stream in India
  4. Galaxy Unpacked Roundup: Here's Everything We Know So Far
  1. Redmi Note 17 Pro Global Variant Reportedly Appears on NBD Database Alongside Poco Model
  2. Google Pixel 11a Codename Reportedly Spotted in Phone App
  3. Huawei Mate XT 2 Leaked Patent Reveals New Tri-Fold Design and Folding Mechanism
  4. Airtel Unlimited 5G Data Subscribers Reportedly Cannot Share 5G Data via Mobile Hotspot: Here's What We Know So Far
  5. Lenovo Legion C700 Teased as a Cloud Gaming Handheld Ahead of August Launch
  6. Marvel's Wolverine Gets New Trailer That Will Play Ahead of Christopher Nolan's The Odyssey in Select Theatres
  7. Airtel Quietly Removes Rs. 549 Individual Postpaid Plan in India; Rs. 699 Plan Becomes Next Upgrade
  8. Poco M8 Power, Poco X8 India Launch Timeline Tipped; Could Arrive as Rebranded Redmi Note 17 Series
  9. Samsung Galaxy S25 Series Could Get Galaxy S26’s Horizontal Lock Camera Feature With One UI 9 Update
  10. Asus Pad India Launch Date Announced as Company Reveals Key Specifications
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.