Amazon Fire TV Sticks Hit By Monero (XMR) Mining Malware ‘ADB.Miner’
Amazon Fire TV Sticks Hit By Mining Malware
If you own an Amazon Fire TV Stick, it might be inadvertently mining digital currencies. Apparently, a malicious programmer recently exploited the system and placed an Android malware that has rapidly spread across many exposed streaming gadgets worldwide. The malware's objective is to mine Monero, one of the most established virtual currencies.
The malicious software is known as the ADB.Miner and it exploits an advanced developer feature that is supposed to be disabled. The Android Debug Bridge is a compelling feature that allows a developer to control any device without asking for authentication credentials remotely. As of now, Amazon has remained mum on this development.
Usually, the Android Debug Bridge is inactive. However, AFTV news recently discovered that ADB.Miner was spreading across Fire TV devices whose Debug Bridge feature was active. Consequently, such hardware would display a remote application called ‘test' that incessantly pops up as a white page. During this process, media streaming suddenly becomes intermittent while Monero mining is initiated in the background. The sluggishness is as resulting in the dedication of CPU resources towards the cryptocurrency mining process.
The peculiar white page was first reported in April on the Android developers’ online community. After a while, it was concluded that the cause of this problem was ADB.Miner. Nonetheless, this problem is not prevalent across all Fire TV Sticks. ADB.Miner usually attacks devices which are loaded with shady third-party applications, a factor that significantly increases their susceptibility. Often, these apps switch on the debug feature without the user’s knowledge. As per Kevin Beaumont, a security expert based in the United Kingdom, Fire TV Sticks that are loaded with the KODI media player are highly vulnerable to ADB.Miner breaches.
Additionally, affected devices will try to spread the infection to unaffected gadgets. This is because the malware is not specific to Fire TV Sticks, but all devices whose Android Debug Feature is active. Earlier this year, Qihoo 360 Netlab, a Chinese security company, discovered that ADB. Miner was scouring the internet for exposed hardware and had infected numerous gadgets, primarily in the Far East countries.
While the reason behind the attacks remains unspecified, experts speculate that some manufacturers have been unknowingly packaging devices without deactivating the Android Debug Bridge. As mentioned above, this feature gives root access (administrator privileges) to any person, allowing them to modify, install and execute malicious software endlessly. Currently, the ADB.Miner malware has one specific purpose, which is to mine Monero silently. Therefore, its only ramification is the slowing down of the CPU.
To eliminate the ADB.Miner program, a Fire TV Stick must be reset to factory settings. Once this process is complete, the next (the most important) is to deactivate the Android Debug Feature to prevent the possibility of reinfection. In case another Android device is affected, the disinfection measures include the switching off of the Android Debug Bridge, as well as the deletion of the ‘test’ application. Alternatively, users can utilize antivirus programs to detect and subsequently disinfect the malicious software.