Cryptocurrency Hackers Mined More Than 5% Of Monero Using Malware

The activity of unauthorized crypto-mining has continued to increase with attackers using malicious scripts to mine for the coins. Researchers have discovered another case of this where approximately 5% of Monero coins have been mined using corrupted devices. The researchers from Palo Alto have analyzed a total 0f 630,000 samples of cryptocurrency mining malware and have extracted the wallet IDs and the mining pools used by the hackers to mine the cryptocurrency.

The researchers have found more than 2341 unique wallet IDs that are attached to numerous mining pools which are used by the cryptocurrency malware. While most of the mining pools have statistics based on the wallet IDs it is very easy to find how much the miners have earned. The miners were able to successfully mine 798,613.33 XMR.

Josh Grunzweig, a senior malware researcher at Palo Alto, said in a blog post that the figure of 5% could in fact be higher. “This, of course, doesn’t take into account web-based Monero miners, or Monero miners that we do not have visibility into. As such, we can assume that the actual percentage of Monero in circulation that was mined via malicious activity is actually higher.”

The current exchange rate of Monero is $180 for 1 XMR and when converted for the total cryptocurrency mined by the attackers it equates to $144 Million. In the analysis, only 55% of the total wallets earned 0.01 XMR and only 244 wallets have earned more than 100 XMR and only 99 wallets have earned more than 10,000 XMR.

The mining power is calculated in the terms of Hashrate and the current rate is at 19 MegaHashes/sec. The rate would yield a total of $30,000 per day. While the individual Hashrates of top three users is $2737, $2022, and $1596 per day.

“Defeating cryptocurrency miners being delivered via malware proves to be a difficult task, as many malware authors will limit the CPU utilization, or ensure that mining operations only take place during specific times of the day or when the user is inactive,” Grunzweig said. “Additionally, the malware itself is delivered via a large number of methods, requiring defenders to have an in-depth approach to security.”

Take your time to comment on this article.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients