An investigation by Chinese authorities revealed that over the course of two years, more than 1 million computers were infected with crypto mining malware, which would have resulted in illicit profits of more than $2 million for computer criminals. The operation resulted in the arrest of 20 suspects from the technology firm Dalian Shengping Network Technology and another management software distribution company accused of implementing cryptojacking.
According to police reports, hackers were able to extract 26 million units of DigiByte (DGB), Decred (DCR) and Siacoin (SC), valued at 15 million yuan (about $2.2 million).
Cryptojacking involves using the processing power of a computer for crypto mining
The scheme was discovered after the security team at Tencent Holdings Limited alerted public safety authorities about a “Trojan” crypto mining script hidden in free downloadable plug-ins. Hackers developed and embedded the malware in these add-ons which they offered through advertisements that promised user benefits, such as improved browsing speed. Infected files reached 5 million computers in China.
The software was programmed to initiate the mining script once it detected that the computer’s CPU usage was less than 50%. In this way, it ran in the background quietly. Hackers would also have developed a network of more than 100 agents to help spread malware, hidden in software for the administration of Internet cafe networks.
20 Chinese arrested for cryptojacking
Of the total of 20 people arrested in this case, 11 were released on bail, while nine others remain behind bars.
Cryptojacking has captured the interest of cybercriminals, generating a significant increase in attacks via crypto mining malware between 2016 and 2018, according to a study by the cyber security company Kaspersky Labs. This report seems to indicate a migration of hackers from ransomware attacks to hidden crypto mining.
Large companies have also been affected by cryptojacking, and, in February, cybersecurity firm RedLock reported attacks cases at electronic car company Tesla Inc, Gemalto, the world’s largest SIM card manufacturer, and international insurance company Aviva.