Local media has reported that in Japan, 16 men have been arrested in connection with a cryptojacking ring which installed malware on victims’ computers in order to mine Monero (XMR).
The arrests took place in 10 different prefectures across the country and the first of these may have occurred as early as March. The suspects are accused of installing a range of software on their victims’ computers without consent. This included the notorious Coinhive program, which is used to mine Monero through the victim’s web browser.
Cryptojacking is a relatively new practice which involves using unsuspecting victims’ computer processing power in order to mine cryptocurrency for a malicious party; it relies on the processing power of a user’s internet browser, diverting it away from efficient functioning and towards mining. This way, conventional mining costs, such as high energy usage, are avoided, as the victims’ computers take the burden of the power consumption.
Coinhive became one of the most pervasive cryptojacking services after its launch in 2017. It works by installing a small piece of code onto a website, which then serves to exploit the visitor’s computer processing power for Monero mining as long as they stay on the page. Its presence has been found on a number of sites, including even YouTube, as well as government and university sites across the world.
According to details about the arrests, the largest sum value of Monero obtained by the suspects through their operation was equal to around 120,000 JPY (around $1000). This is based on the 70 / 30 model of Coinhive, which charges users 30% of total mined currency as payment for its services, whilst allowing them to keep the other 70%.
A professor at Konan Law School in Tokyo, Hisashi Sonoda, who is a specialist in cybercrime has stated that the immediate arrests may have been premature, as there is no legal precedent which has been set for this case. However, it soon might be as the practice of cryptojacking is on the rise; last week three suspects in Yokohama were also arrested over cryptojacking charges, one being ordered to pay a $900 fine.
The use of software like Coinhive has become a rapid problem in the field of cybersecurity. It is often pitched in a seemingly legitimate way to website owners, in order to make an income without resorting to advertisements. However, in reality the software runs like any other malicious bot or trojan, often locking up a user’s browser and draining battery life. It is the ideal production method for privacy-focussed coins like Monero however, as identity of users is almost entirely concealed. It is estimated that around 5% of Monero in existence has been created through cryptojacking.
Image Source: “Flickr”