Hackers have been secretly hijacking millions of smartphones in order to mine the cryptocurrency monero, new research reveals.
Analysts at security firm Malwarebytes first spotted the illicit cryptocurrency mining, known as cryptojacking, in late January but only published details of the campaign this week.
The research explains how a phone’s processing power is being used to mine cryptocurrency—the process of generating virtual currencies like bitcoin by completing complex equations in order to confirm transactions—when visiting certain websites.
“We estimate that the traffic combined from the domains we identified so far equals to about 800,000 visits per day, with an average time of four minutes spent on the mining page,” said Jerome Segura, lead intelligence analyst at Malwarebytes researchers.
It is not possible to determine the exact amount of cryptocurrency that cyber criminals have been able to generate through this technique, though Malwarebytes estimates it is probably only in the region of a few thousand dollars each month. The figure generated by an individual device would be a tiny fraction of this.
“Similar to what we see with IoT [internet of things] devices, it’s not always the individual specifications, but rather the power of the collective group altogether that matters,” Segura said.
The cryptocurrency mining scheme discovered by Malwarebytes is done without the phone user’s consent, though website owners are gradually adopting the technique as a legitimate source of revenue.
The online publication Salon recently began requesting that visitors to its website either disable ad blocker software or give up spare processing power in order to mine cryptocurrency and “contribute to the advancement of technological discovery, evolution, and innovation.”
Read more: Hackers take over U.S. government websites to mine cryptocurrency
Cryptocurrency mining has mostly been a favored method for hackers looking to make a quick profit from vulnerable websites. Cryptojacking software was recently found on more than 4,200 websites in the U.S. and U.K., which were running a malicious version of a tool used to help people with poor vision to understand the site’s content.
Malwarebytes researchers warned that that the current cryptojacking trend not only had the potential to choke up a phone’s processor and make the device slow, it could also cause permanent damage.
One strain of cryptocurrency mining software discovered last year proved to be so powerful that it could melt a person’s smartphone if it was not detected in time.
Researchers from the Russia-based cybersecurity company Kaspersky detailed the malware, dubbed Loapi, in a blogpost in December.
“Because of the constant load caused by the mining module and generated traffic, the battery bulged and deformed the phone cover,” the researchers said. “It’s [sic] creators have implemented almost the entire spectrum of techniques for attacking devices.”