Malware Study Claims Criminals Mined 4.4 Percent of Monero, Less Than Previously Thought

Published at: Jan. 10, 2019

Cryptocurrency mining malware is responsible for less of the supply of altcoin Monero (XMR) in circulation than previously thought, new research published Jan. 3 claims.

A joint effort by researchers at King’s College London and Carlos III University in Madrid, Spain, the study analyzed huge swathes of malware over a twelve-year period.

“In this paper, we conduct the largest measurement of crypto-mining malware to date, analyzing approximately 4.4 million malware samples (1 million malicious miners),” authors Sergio Pastrana and Guillermo Suarez-Tangil confirm.

According to their calculations, around 4.36 percent of the Monero in circulation was mined illicitly, or roughly $56 million in profits. Monero continues to be a favorite target for malicious mining operations.

The figure is somewhat less than the roughly 5 percent mentioned as an estimate in previous research from June 2018.

Nonetheless, Pastrana and Suarez-Tangil say their numbers broadly correspond to existing theories about the extent of Monero’s mining malware problem.

“One of the main reasons of the success of this criminal business is its relatively low cost and high return of investment,” they concluded.

“...Our profit analysis is more reliable than those in related studies. Our findings complement these studies, corroborating that malicious crypto-mining is a growing and complex threat that requires effective countermeasures and intervention approaches.”

As Cointelegraph previously reported, the privacy-focused traits of XMR mean it is the asset of choice for covert mining. Bad actors inject code into websites, apps and extensions; once activated, that code begins using a victim’s device to mine the altcoin.

In October, Google announced tighter restrictions on extensions in its Chrome Web Store as part of efforts to combat the issue.
