The Monero community has publicly denounced the individuals behind the massive cryptocurrency mining malware campaign, designed to steal users’ computing power to illegitimately bank on XMR.
“The Monero community condemns this malicious, non-consensual use of equipment to mine,” the statement reads. “[…] The Monero community does not want to sit idly by as victims struggle to understand the impact of mining and ransomware.”
It has seen it necessary to establish a “self-organized set of volunteers,” providing tools and resources necessary for protection against crypto-jackers and other malware.
To which extent, the Monero Malware Response Workgroup will be an official, sanctioned resource for protecting oneself against “unwanted in-browser mining, system mining, and ransomware.”
Crypto-jackers love Monero
Crypto-jacking refers to the injecting of malware that forces a machine to mine cryptocurrency. The malware generates digital coins using stolen processing power and sends them directly to the attacker – all without the users’ knowledge.
Most of the cryptocurrency-focused malware infecting the web actually mines Monero (XMR). Specifically, hackers have been known to favor modified versions of the browser-mining script CoinHive, which estimates suggest generates around $250,000 worth of XMR every single month.
Organizations can actually use CoinHive for good – charities are employing it to democratize the donation process to help those in need.
Still, having Monero be the preferential cryptocurrency for the internet’s crypto-jackers is undeniably bad for Monero’s image – which probably gives us the reason for this sudden interest in internet-safety.
This could very well be the first time Monero (or any other blockchain) has officially denounced crypto-jackers.
“It’s our mission to resolve an unfortunate situation as well as possible,” the statement admits. “We will not be able to eliminate malicious mining, but we hope to provide necessary education for people to better understand Monero, what mining is, and how to remove malware.”
CoinHive is spreading
Research indicates that hackers released 2.5 million new crypto-jacking scripts in the past three months – many of them new CoinHive implementations.
Recent reports suggest that attackers have used them to infect 280,000 MicroTik routers around the world.
MicroTik has since pushed a patch – but it is up to those who maintain the servers to properly clean out their systems. If they don’t, well, the scripts just keep on running.
Over the past week, this has played out in real-time. Security research unit Bad Packets Report detected more than 600 compromised MicroTik running on the network of the main service provider for the Douglas County PUD, a US non-profit utility with close ties to the government.
Hard Fork has since reached out to Douglas County PUD to confirm the security status of its network.
Other international governments have been affected, too. Several Indian municipality websites were recently found to be forcing visitors to mine Monero unawares.
In any case, if you do feel a sudden urge to make sure your machine isn’t generating sweet, sweet, cryptocurrency for someone else – head over to the new Malware Response Workgroup and get yourself checked out. Better to be safe than be the chump.
If you’re interested in everything blockchain, chances are you’ll love Hard Fork Decentralized. Our blockchain and cryptocurrency event is coming up soon – join us to hear from experts about the industry’s future. Ticket sales are now open, check it out!
Published September 28, 2018 — 13:38 UTC