Chinese Cryptojacking Heist Infects One Million Computers

An astonishing one million computers have allegedly been infected in the latest Chinese cryptojacking heist. What is worrying is the scale and nature of the hacks themselves. This appears to be more than malware: it looks like organized crime using elaborate mining tools to infect computers on an unprecedented scale.

The Chinese cryptojacking heist

China is becoming well known for these scandals. The story was first reported by a Chinese news outlet, Legal Daily, which alleged that one million computers were infected in the 20-person operation. The computers mined a total of USD 2.25 million over the course of two years. This is a long time frame, a large amount of money, and a huge number of computers. Cryptojacking has only really been brought to public attention in the past six months or so, due to security reports.

Nine suspects have currently been arrested in connection with the crime. At least a hundred more are said to be connected to the cryptojacking heist along with the core criminal group of 20. The script developers were traced back to the city of Qingzhou. Dalian Shengping Network Technology, the company involved, is said to have advertised the malicious plugins containing the virus to 2.89 million computers.

Creative crime

The investigation began in January after a security report was released. The hackers created malicious plugins for insecure Chinese browsers. The plugins were touted by agents as useful additions which could increase browser speed, and ads were placed on popular websites.

When users clicked on the ads, the plugin was installed without notifying the victim. Within this plugin was a trojan-horse-style script that mined cryptocurrency. Digibyte, Siacoin, and Decred were mined using the host computer's resources, and the coins were then sent to the hackers’ wallets. Usually, Monero is the altcoin of choice when it comes to cryptojacking.

The virus only operated when the CPU was underutilized. If more than 50% of the computer was in use, the cryptojacking would not take place. This means that users were unlikely to discover the virus, as the PC would not run any slower than normal.
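The load-dependent behaviour described above gives defenders something to look for: a process that works only while the rest of the machine is quiet and goes idle once other load passes 50%. The Python below is an added example, not code from the investigation or the security report; the process names, the sample values, and the `ACTIVE_PCT`, `MIN_WINDOWS` and ratio cut-offs are constructed assumptions.

```python
from collections import defaultdict

BUSY_PCT = 50.0     # from the article: mining stopped above 50% CPU use
ACTIVE_PCT = 10.0   # assumption: CPU share at which a process counts as working
MIN_WINDOWS = 3     # assumption: samples needed in each regime before judging

# Constructed telemetry: one dict per sampling interval,
# mapping process name -> percent of total machine CPU.
SAMPLES = [
    {"browser.exe": 5,  "plugin_host.exe": 40, "render.exe": 0},
    {"browser.exe": 8,  "plugin_host.exe": 42, "render.exe": 0},
    {"browser.exe": 3,  "plugin_host.exe": 45, "render.exe": 2},
    {"browser.exe": 6,  "plugin_host.exe": 38, "render.exe": 1},
    {"browser.exe": 10, "plugin_host.exe": 0,  "render.exe": 60},
    {"browser.exe": 12, "plugin_host.exe": 1,  "render.exe": 65},
    {"browser.exe": 4,  "plugin_host.exe": 0,  "render.exe": 70},
]

def load_yielding_processes(samples, busy_pct=BUSY_PCT,
                            active_pct=ACTIVE_PCT, min_windows=MIN_WINDOWS):
    """Return {name: (quiet_ratio, busy_ratio)} for processes that are active
    while other load is low and idle whenever other load exceeds busy_pct."""
    # Per process: [quiet samples, active in quiet, busy samples, active in busy]
    stats = defaultdict(lambda: [0, 0, 0, 0])
    for sample in samples:
        total = sum(sample.values())
        for name, pct in sample.items():
            other = total - pct              # load from everything else
            offset = 2 if other > busy_pct else 0
            stats[name][offset] += 1
            if pct >= active_pct:
                stats[name][offset + 1] += 1
    flagged = {}
    for name, (quiet_n, quiet_act, busy_n, busy_act) in stats.items():
        if quiet_n < min_windows or busy_n < min_windows:
            continue                         # too little evidence in one regime
        quiet_ratio = quiet_act / quiet_n
        busy_ratio = busy_act / busy_n
        # Assumed cut-offs: almost always working when quiet, almost never when busy.
        if quiet_ratio >= 0.8 and busy_ratio <= 0.1:
            flagged[name] = (round(quiet_ratio, 2), round(busy_ratio, 2))
    return flagged

if __name__ == "__main__":
    print(load_yielding_processes(SAMPLES))
```

A hit is a lead rather than a verdict, since legitimate low-priority jobs such as indexers and backup agents also yield to foreground load.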

Cryptojacking is on the rise. Operation Prowli and WinstarNssmMiner are two of the more recent and high-profile cryptojacking scandals. But there could easily be many more that have not yet been brought to light. According to all the latest cybersecurity reports, more cryptojacking is on the way.
