Criminals Grabbed at Least 4.3 Percent of All Monero Coins on the Market

Researchers from the Universidad Carlos III de Madrid and King’s College London analyzed a vast data set of 4.4 million malware samples collected between 2007 and 2018 to quantify the amount of Monero (XMR) coins that criminals using crypto-mining malware have been able to accumulate.

Both static and dynamic analysis techniques coupled with OSINT data were used to efficiently extract info from malware samples such as mining pools and wallet identifiers. 

The study’s processing pipeline and measurement methodology

The resulting information allowed the researchers to estimate the profits secured by various cryptojacking campaigns by analyzing public payment records generated as rewards for the criminals’ illicit crypto-mining efforts.
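The extraction and aggregation steps described above can be sketched as follows. This is an added example, not the researchers' pipeline: the wallet strings, pool hosts, sample contents and payment records are constructed placeholders, and grouping samples by shared wallet is a simplifying assumption.

```python
import re
from collections import defaultdict

B58 = "1-9A-HJ-NP-Za-km-z"  # Base58 alphabet as a regex character range
# Standard Monero address: 95 characters starting with '4' (commonly used pattern).
WALLET_RE = re.compile(rf"(?<![{B58}])4[0-9AB][{B58}]{{93}}(?![{B58}])")
# Stratum endpoint as it appears in miner configs and command lines.
POOL_RE = re.compile(r"stratum\+(?:tcp|ssl)://([A-Za-z0-9.-]+):(\d{1,5})")

def extract_indicators(text):
    """Return (wallets, pools) found in the strings pulled from one sample."""
    wallets = set(WALLET_RE.findall(text))
    pools = {f"{host.lower()}:{port}" for host, port in POOL_RE.findall(text)}
    return wallets, pools

def group_campaigns(samples):
    """Group sample ids by the wallet they pay into (assumed to mean one operator)."""
    campaigns = defaultdict(lambda: {"samples": set(), "pools": set()})
    for sample_id, text in samples.items():
        wallets, pools = extract_indicators(text)
        for wallet in wallets:
            campaigns[wallet]["samples"].add(sample_id)
            campaigns[wallet]["pools"] |= pools
    return dict(campaigns)

def xmr_per_campaign(campaigns, payments):
    """Sum public pool payouts, given as (wallet, XMR) pairs, per observed wallet."""
    totals = {wallet: 0.0 for wallet in campaigns}
    for wallet, amount in payments:
        if wallet in totals:
            totals[wallet] += amount
    return totals

# Constructed placeholders: not real wallets, pools, samples or payments.
WALLET_A = "4A" + "a" * 93
WALLET_B = "4B" + "b" * 93
SAMPLES = {
    "sample-1": f"miner.exe -o stratum+tcp://pool.example.org:3333 -u {WALLET_A} -p x",
    "sample-2": f'{{"url":"stratum+tcp://POOL.example.org:3333","user":"{WALLET_A}"}}',
    "sample-3": f"-o stratum+ssl://alt.example.net:443 -u {WALLET_B}",
}
PAYMENTS = [(WALLET_A, 1.5), (WALLET_A, 2.25), (WALLET_B, 0.5)]

if __name__ == "__main__":
    camps = group_campaigns(SAMPLES)
    for wallet, xmr in xmr_per_campaign(camps, PAYMENTS).items():
        print(wallet[:8] + "...", sorted(camps[wallet]["samples"]), xmr)
```
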

Using crypto-mining malware, criminals have mined (at least) 4.3% of the moneros in circulation, earning up to 56 million USD. One of the main reasons of the success of this criminal business is its relatively low cost and high return of investment. Also, since it is considered a lower threat to their clients, the AV industry has not paid due attention.

Illicit crypto-mining is a malicious activity through which crooks surreptitiously use desktop or mobile devices of other people to mine for cryptocurrency without having to pay for the hardware or the energy used during this process.

Malicious mining comes with high return on investment ratios

These malicious campaigns will use either a web-based mining tool (a process also known as drive-by mining) embedded in websites they’ve hacked into or a dedicated binary-based miner delivered as part of a multi-stage malware delivery campaign.

Crypto-mining campaigns allow these actors to effortlessly compete with legitimate cryptocurrency farms, with an exponentially higher profit rate given that they don’t have to pay for any of the used resources.

Moreover, the researchers found that some of the criminals behind crypto-mining malware use large-sized botnets which they update to keep them working if banned from the mining pools they use or when the mining algorithm suffers any changes.

Furthermore, some of these malicious campaigns use idle mining or domain aliases when contacting the mining pools as detection evasion measures, while others make use of GitHub or Dropbox to host their binary-based miner droppers.

Previous crypto-mining malware studies

Previous studies also found that illicit crypto-mining is a highly profitable ‘business’

Other researchers have previously addressed the subject of malicious crypto-mining. The 2014 paper “Botcoin: Monetizing stolen cycles” was the first to study it, finding that “in total malicious malware mined at least 4.5K bitcoins (which was worth around $3.2M in 2014).”

This paper’s authors add to those previous findings, estimating that crooks who run crypto-mining campaigns earn over $1.2 million per month.

We show that the earnings are massive and that this criminal activity is rooted within the underground ecosystem. In particular, we estimate that earnings are — at least — 57 million USD obtained in 4 years of operation (around 1.2M/month). 

A lot has changed since 2014: these days illicit crypto-mining campaigns mostly mine for Bytecoin or Monero, given that targeting Bitcoin is no longer profitable due to the highly increased energy and hardware requirements.

Top 10 campaigns ranked by amount of XMR mined

The study’s authors also describe some of the measures that might hinder the efforts of crypto-mining malware peddlers. Constant changes to the Proof-of-Work algorithm might be the most effective of these, given that their direct consequence is an increase in the criminals’ overall costs.

Sergio Pastrana and Guillermo Suarez-Tangil are the authors of the “A First Look at the Crypto-Mining Malware Ecosystem: A Decade of Unrestricted Wealth” paper publicly available on the arXiv research electronic archive.
