Researchers spot Trinity and Fbot botnets trying to infect Android devices via the ADB interface.

Vendors have been shipping Android products with Android Debug Bridge enabled, making them attractive targets for hackers.

"Overall, we believe malicious code based on the Android system ADB debug interface is now actively spreading in worms and infected over 5,000 devices in 24 hours," the team says.

The security community raised the alarm regarding a serious issue last week —that of Android devices shipping with their debug port open to remote connections.

However, some might prefer to use the ADB interface through a computer. The setup process involves more than the on-device wireless debugging feature introduced with Android 11.

Researchers discovered a cryptocurrency mining botnet that uses the Android Debug Bridge (ADB) Wi-Fi interface and SSH connections to hosts stored in the known_hosts list to spread to other devices.

You can still use the tool to run your own custom commands, so Universal ADB Helper can run as your main ADB interface without changing your normal flow when you need to do more complex tasks.