A malicious cryptomining app that targets Android-based devices has been discovered recently. Known as “UFO Miner”, the app lacks a user interface and relies on Chrome’s Android WebView to download malicious payloads which corrupt the hardware of the device.
Andrew Brandt, Principal Researcher at Sophos, spotted this app when he was analyzing samples of automated attacks directed towards Android devices.
How much impact does it have?
Even though UFO Miner attacks are relatively few in number so far, Brandt suggests that they might soon pick up with more rogue IoT botnets.
“UFO Miner is just one of a number of malicious apps that have been picked up by the honeypot, but it has (so far) been the most prolific. It seems that botherder gangs that operate IoT botnets (like Mirai) have slowly been joining the ADB bandwagon,” the researcher wrote.
How can you protect yourself from it?
Unlike other malicious apps, UFO Miner is not much of a hassle to uninstall. It can be found in the Apps section of Settings under the name “Test”. Using Force Stop and then uninstalling the app removes the miner completely from the device.
The other method involves performing a factory reset of the device.