Monero [XMR] the privacy-focused cryptocurrency that has long been a staple for hackers and nefarious internet users is back on the limelight again and (as often) it is for the wrong reasons. According to a recent paper by cryptocurrency researchers Sergio Pastrana, from Universidad Carlos III de Madrid and Guillermo Suarez-Tangil, from King’s College London, the leading privacy coin is also leading in the number of illegally mined coins. The report claims that as much as 4.3% of total coins in circulation have been illegally mined since the inception of the currency. Titled “A First Look at the Crypto-Mining Malware Ecosystem: A Decade of Unrestricted Wealth,” the paper takes a deeper look into the actions of cryptocurrency mining.
The researchers note in the report that “Our profit analysis reveals campaigns with multi-million earnings, associating over 4.3% of Monero with illicit mining. We analyze the infrastructure related to the different campaigns, showing that a high proportion of this ecosystem is supported by underground economies such as Pay-Per-Install services. We also uncover novel techniques that allow criminals to run successful Campaigns.” According to these figures shared above, more than 700,000 Monero coins (XMR) have been mined illegally. This represents about $33.4 million worth as of current spot prices of $$46.34 per XMR (according to data from Coinmarketcap).
The most common method of mining these coins illegally involves hijacking unsuspecting internet users’ computing resources and redirecting them towards mining XMR coins. There has been a proliferation of cryptocurrency programs that enable web browsers to mine cryptocurrency and most of these are available at a cheap price online. Hackers can also code malware which purposefully harnesses a system’s computing power and redirects it towards contributing hashing power to mining cryptocurrencies. As the paper notes, over the past two years between the start of 2017 and the end of 2018, there were discovered 4.4 million malware samples and 1 million cryptocurrency mining applications.
Mining Bitcoin in this way is certainly possible but Bitcoin has an extremely high hash-rate that will cause a normal CPU trying to mine some Bitcoin to freeze thereby prompting the victim to restart their computer and possibly attracting attention towards the malware. Mining Monero through hijacking victim’s resources is so effective because this activity can proceed in the background or when the computer is idle without affecting the usability of the machine.