Researchers Find 5% of Monero Were Mined Maliciously
A report finds that 5% of Monero (XMR) on the market has been mined maliciously.
The official research was conducted by Palo Alto Networks and published on 11 June. According to it, about 5% of circulating Monero (XMR) has been mined via cryptojacking, the unauthorized use of foreign devices’ processing power for illegal purposes.
Josh Grunzweig, one of the cybernetics researchers of Unit 42 who dealt with this case, identified through the investigation:
- “629,126 unique samples;
- 3,773 Emails used to connect with mining pools;
- 2,995 mining pool URLs;
- 2,341 Monero (XMR) wallets;
- 981 Bitcoin (BTC) wallets;
- 131 Electroneum (ETN) wallets;
- 44 Ethereum (ETH) wallets;
- 28 Litecoin (LTC) wallets .”
*The wallets were used to connect to mining pools.
Grunzweig thinks Monero is an incredible cryptocurrency-based target for hackers, with $ 175 million worth of XMR mined by maliciously. According to CoinMarketCap, Monero has a market capitalization of $ 1,841,547,824 and a 24-hour selling volume of $ 40,089,800.
The investigation shows that only 55% of 2,341 wallets hold over 0.01 XMR. Researchers say the information gathered does not include the number of company’s miners, indicating that the percentage of 5% is too low.
Asked by Cointelegraph, Justin Ehrenhofer, a representative of Monero Malware Response WorkGroup, explained that miners “may take advantage of Monero’s privacy and accessible proof of work features for their own illegitimate personal gain” because the platform is “built without any explicit use cases“.
“The Monero community is interested in helping victims of unwanted system mining and other nefarious actions […] We will never be able to prevent every machine from being compromised. The proportion of coins estimated to be mined with Monero speaks largely to the number of machines that are compromised. In addition to mining Monero, they could be sending spam and monitoring users. We hope that our contributions will limit unwanted behavior at the source,” stated the malware workgroup.
On Tuesday, the Japanese authorities announced the launch of an investigation into the latest Monero cryptojacking that used the Coinhive mining protocol. Following the attack, more than 40,000 computers were infected.