Amazon.com Inc.’s Fire devices are being targeted by a new variant of cryptomining malware as a new report shows that mining for Monero, the cryptocurrency of choice for hackers, is surging.
The malware is a variant of the ADB.Miner malware that previously targeted stock Android devices (Amazon runs a customized version of Android). It uses the same infection path, the Android Debug Bridge, to target Amazon Fire television and Fire TV stick devices.
The distribution method for the mining malware is via third-party website-based app stores that Amazon users visit to obtain apps unavailable from the Amazon’s own app store, which they’re restricted to using by default. Amazon doesn’t allow access to Google Play.
Once a user downloads an app infected with ADB.Miner, the malware goes to work, using Coinhive script to mine Monero in the background. Both Amazon devices are not known as high-end hardware, meaning that the first time users may realize they have been infected is a noticeable reduction in performance.
The malware has a second infection process, a worm function, in that it seeks out other devices on a network it can infect.
That hackers are targeting Amazon Fire devices does not come as a great surprise, since mining for Monero continues to surge. Security researchers at Palo Alto Networks Inc. have published a new report stating that there has been a massive surge in cryptomining malware, having discovered 629,126 cryptomining malware samples recently, with the vast majority mining for Monero.
Monero miners, described as holding an “incredible monopoly,” were found in 531,666 samples, an 84.5 percent market share.
Counting the top 10 Monero mining wallets linked to the malware, the researchers found that the malware linked to those wallets alone had mined 798,613.33 Monero to date, about 5 percent of all known Monero in circulation.
That amounts to a current value of just over $100 million as of midnight EDT. The number in total is likely to be far higher again, with the total number of Monero wallets detected coming in at 2,341.
Picture: Hedwig Storch/Wikimedia Commons
Since you’re here …
… We’d like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.
The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.
If you like the reporting, video interviews and other ad-free content here, please take a moment to check out a sample of the video content supported by our sponsors, tweet your support, and keep coming back to SiliconANGLE: