A June 11 report by networking security company Palo Alto Networks has revealed a dark secret about the Monero (XMR) network. The report claimed that nearly five percent of all XMR in circulation today were mined using “crypto-jacking,” which is a relatively new type of cyber attack that involves infiltrating victims’ computers and, covertly, using their resources to mine cryptocurrencies.
In other words, the perpetrator of a crypto-jacking attack steals the victim’s computing power for profit. While it may not sound that bad compared to some other forms of malware such as ransomware, crypto-jacking can severely affect your online security and computing experience.
Monero: The Most Preferred Coin for Crypt-Jacking
Researchers from Palo Alto Networks analyzed nearly 630,000 samples of cryptocurrency-mining malware that they detected over the past few years. The team, then, used these samples to extract details such as mining pools and wallet IDs used by the perpetrators. They did this by matching more than 2,300 Monero Wallet IDs with the mining pools linked to the crypto-jacking malware.
According to their findings, Monero (XMR) is, by far, the most targeted cryptocurrency with 531,000 recorded instances of crypto-jacking attempts.
The total number of XMR tokens mined during these attacks is 798,613.33, which is roughly five percent of all XMR tokens in circulation. The fiat equivalent of these illegally mined tokens at press time stands at approximately $175 million.
The actual number, however, could be far worse as the researchers did not include the corresponding figures from web-based Monero mining.
Only a Few Hackers Pulled Off Large-Scale Heists
The report further stated that, despite appearing a lucrative choice for making easy money, only a tiny fraction of Monero crypto-jacking attempts was proven successful.
More than half of the wallets analyzed — 55 percent to be precise — made 0.01 XMR (~$2.20) or more. Just one out of 10 wallets earned more than 100 XMR, whereas, approximately 100 wallets got away with 1,000 XMR. Only 16 wallets linked to the recorded crypto-jacking attempts made more than 10,000 XMR.
According to Josh Grunzweig, a senior security expert at Palo Alto Networks, the perpetrators of these attacks usually limit the CPU utilization of their malware to avoid being flagged by security software. Moreover, most hackers design their fraudulent programs to run only when the host computer is inactive.
Because of these factors, the total hash rate for fraudulent mining is just around 19MH/s, which roughly translates into $30,443 a day based on the current network difficulty and exchange rate.
Meanwhile, the net earnings for the three most successful hackers on any average day stand at $2,737, $2,022, and $1,596 respectively.