Vendors have been shipping Android products with Android Debug Bridge enabled, making them attractive targets for hackers.

Researchers discovered a cryptocurrency mining botnet that uses the Android Debug Bridge (ADB) Wi-Fi interface and SSH connections to hosts stored in the known_hosts list to spread to other devices.

"Overall, we believe malicious code based on the Android system ADB debug interface is now actively spreading in worms and infected over 5,000 devices in 24 hours," the team says.

The security community raised the alarm regarding a serious issue last week —that of Android devices shipping with their debug port open to remote connections.

Researchers spot Trinity and Fbot botnets trying to infect Android devices via the ADB interface.

However, some might prefer to use the ADB interface through a computer. The setup process involves more than the on-device wireless debugging feature introduced with Android 11.

Google has made ADB and fastboot available as a standalone package, meaning users no longer need to download them with Android Studio or the Android SDK.

WinADB is a graphical front-end for adb commands which is an all-in-one solution for carrying out the most common adb commands.

You can still use the tool to run your own custom commands, so Universal ADB Helper can run as your main ADB interface without changing your normal flow when you need to do more complex tasks.

There’s a severe vulnerability in the way that all versions of Android handle the restoration of backups that can allow an attacker to inject a malicious APK file into the backup archive.