Cyber criminals now cryptojacking mobile phones

Security experts say infected websites using phones' processors to mine digital currency

Cyber security experts are warning against the rising threat of cryptojacking on mobile devices. PHOTO: REUTERS

Beware. Your mobile phone might actually be helping cyber criminals mine for cryptocurrency like Bitcoin, even if you were diligent enough not to download suspicious, malware-laden apps.

Cyber security experts are warning against the rising threat of cryptojacking on mobile devices. Cryptojacking occurs when a user visits a website infected with software which then prompts the device to mine for cryptocurrency.

Cyber security companies Symantec and ESET released two reports in March showing an increase in mobile cryptojacking, where hackers slipped code into websites and online ads which then makes use of the phone's processor when a user opens the infected website on the mobile browser.

Symantec's latest Internet Security Threat Report, released on Tuesday, said Singapore ranks sixth as a victim of cryptomining attacks in the Asia-Pacific region, and 25th globally. The report analysed data from 157 countries and territories.

Symantec saw a 34,000 per cent jump in in-browser mining globally last year, when cyber criminals rushed to take advantage of the cryptocurrency craze. Cryptominers were included for the first time in the Symantec report as a cyber security threat, reflecting cryptomining's growing use as another tool in a cyber criminal's arsenal.

"There has been a shift in attack groups away from ransomware - which were behind some of the major attacks last year - to cryptomining," said Mr Sherif El-Nabawi, senior director for systems engineering at Symantec Asia-Pacific.

Unlike cryptomining malware, which requires a user to install an app or software onto their mobile phone, cryptojacking occurs the moment a user browses an infected website on the phone.

This makes it easier to infect many users, said Mr El-Nabawi.

"It's a game of mass - the more you infect, the more money you generate."

One mobile phone or one computer running 24 hours "might generate anything between 1 to 25 cents."

"But if you multiply that by 100,000 infected devices, you get $25,000 overnight," he said.

"This is a problem that won't go away anytime soon," said Mr El-Nabawi, "unless there is a decrease in cryptocurrency values, which is something we don't expect".

An indication of cryptojacking is a mobile phone performing sluggishly and experiencing fast battery drain.

Join ST's Telegram channel and get the latest breaking news delivered to you.

A version of this article appeared in the print edition of The Straits Times on March 30, 2018, with the headline Cyber criminals now cryptojacking mobile phones. Subscribe