Hackers often use legitimate websites like GitHub and Dropbox to spread cryptographic currency denial malware. This is apparent from new research by academics from the Universidad Carlos III de Madrid and King’s College London. That’s what The Next Web says.
Cryptojackers build special malware droppers – a variant of a trojan horse that forces a victim to download and install more malware. These droppers often download standard monero-mining tools from GitHub. “We see that GitHub is the most popular site to host the crypto-mining malware. This is because GitHub hosts most of the mining-tools, which are downloaded directly for malicious purposes by droppers,” says the researchers. “In addition, GitHub is also used to host custom versions of the miners.”
The researchers made a list of various public repositories and websites for sharing files that are often used by cryptojackers. These include Bitbucket, Amazon Web Services, Dropbox and Google. Furthermore, the researchers found monero mining malware hosted as torrents, attachments in Discord channels and hidden via URL shorteners.
Amount collected
The researchers also calculated how much the malware has yielded in the meantime. This amounts to approximately 720,000 XMR, which is 4.32% of all monero circulating today. The exact turnover generated depends on when the criminals have their profits paid out. However, the researchers expect it to be worth $57 million over the past four years, which is equivalent to $1.2 million per month.
It was also analysed where exactly the monero went. If hackers steal the computing power to mince cryptic currency, they can use two possible strategies. They can become members of a mining pool or they can love themselves. The use of a mining pool has advantages. This increases the chances of getting payments for minuses. In addition, less specialised equipment is needed for mincing.
The majority of the monero collected via cryptojacking went directly to one mining pool. It’s crypto-pool. Its members have raised at least 435,689 XMR, which is almost 47 million dollars. The researchers also detected 2,472 cryptojacking campaigns. 99 percent earn less than 100 XMR ($4,700).
This news article was automatically translated from Dutch to give Techzine.eu a head start. All news articles after September 1, 2019 are written in native English and NOT translated. All our background stories are written in native English as well. For more information read our launch article.