At least 4.3% of Monero has been mined by cryptojacking malware

A recent report has revealed that at least 4.3% of all Monero coins in circulation have been mined by malicious malware.

The report was compiled by university researchers Sergio Pastrana and Guillermo Suarez-Tangil. Pastrana is currently working as an associate professor at the University of Cambridge, and Suarez-Tangil is a lecturer at King’s College London.

The data was gathered by analysing roughly 4.4 million malware samples, including 1 million malicious miners, and was collected from 2007 to 2018. When the data was first gathered, the white paper for Bitcoin had yet to be published online.

The issue of malware and ransomware has grown exponentially over this time, and “nowadays most of the illicit mining focuses on Monero.”

The report states: “The high value of crypto-currencies has attracted a large number of malicious actors that use hijacked resources to mine these currencies.”

It continues on to reveal that the increase of crypto-mining malware has been “dethroning ransomware as the top cyber-security threat.” Coin Rivet recently reported on the issue of cryptojacking, which saw a 44% increase in 2018.

One of the most notable comments made in the report is that “criminals have mined (at least) 4.3% of the Moneros in circulation, earning up to 56 million USD.” At the time of publication, this figure equated to roughly 720,000 Monero tokens that had been mined by malware.

One of the tactics employed by cyber-criminals is a “common yet effective approach” of using “legitimate infrastructure such as Dropbox or GitHub to host the droppers, and stock mining tools such as claymore and xmrig to do the actual mining.”

Furthermore, the report states that “one of the main reasons of the success of this criminal business is its relatively low cost and high return investment.”

The report also advises on how you can limit the possibility of being infected by malware. Since a lot of the malware is coded in JavaScript, one way to help prevent your device from getting infected is to restrict the use of JavaScript.

This issue has been a growing concern for many through 2018, and it doesn’t look like it’s going to settle down in 2019.

For more information and guides from Coin Rivet, click here.