Crypto mining malware has been around for quite a while now. Adylkuzz, DigMine, and many others have taken control of consumer hardware in order to claim free mining power. Unfortunately for the unsuspecting consumer, the malicious code could cause their phone to become explosive.
Laopi, a strain of crypto malware discovered by Kaspersky Labs utilized higher-end phone processors to mine for Monero, a highly anonymous cryptocurrency, frequently touted as untraceable due to the “ring signatures” the network uses to sign transactions. Basically, multiple transactions are signed at the same time, which jumbles the transaction history.
Opera Browser has taken up the effort to protect consumers from being cryptojacked, or used as mining hashpower to make the hackers free money. Their Ad Block service not only blocks advertisements, but also helps to prevent users from being exposed to malicious code. This is particularly beneficial considering that their target market is mobile users.
When Kaspersky discovered Laopi, the phone it was operating on became so overheated that the battery bulged and damaged the case, rendering the phone effectively useless.
According to CoinDesk, Opera estimates that more than one billion devices globally are being enslaved for this purpose.
How does the service work?
Opera recommends that users enable their Ad Block software on their mobile devices. After users have activated the function, Opera takes care of the rest, protecting users from malicious code which has been spread to more than three million websites worldwide.
Crypto mining malware has adopted spreading from infected advertisements and website code because many average users do not notice the difference in speed, and these malware forms normally do not have any visually apparent symptoms, unlike ransomware, such as WannaCry.
By blocking the pathways that these malicious programs use to spread, Opera is helping to protect their users from frustrating and potentially harmful technology interactions.
How does the malware burst phones by mining Monero?
The issue with Laopi and other forms of mining malware is, they do not normally JUST mine a cryptocurrency. Kaspersky Labs found that the malware had also opened more than 28,000 URLs in under 24 hours, a significant contribution to the heat produced by the device, and ultimately its catastrophic failure.
Malware can be hard to locate once it has taken hold of a device as well, Laopi exemplifies this quality by remaining linked to a command and control server which lets the bug know which legitimate programs could be a threat to it, enabling the malware to live longer in a system by sabotaging legitimate programs and spreading itself from device to device.