While many tech-savvy people have heard of, know about, and sometimes perform cryptocurrency mining, most of the rest of the world is oblivious to its existence. Bitcoin mining, according to Coin Desk, spiked in interest in April of 2019 as the currency started trading near to the $5000 mark.

While most people who are aware of cryptocurrency mining know that bitcoin is among the least valuable coins that one could mine, several far more financially viable coins are on the market. One such coin is Monero, a currency that has built-in anonymity making it an attractive currency for use in illegal activities.

In a recent paper published in the journal Cryptography and Security, researchers explore the massive illicit mining operation that is responsible for a surprisingly significant amount of Monero in circulation and how that Monero managed to be mined.

A Hundred Thousand Distributed Threads

Cryptocurrency mining is how new coins in some currencies are minted as payment for the verification of block transactions. This verification process utilizes processing power and theoretically, a user is limited by the amount of processing they have at their disposal.

However, if a user could potentially hijack other users’ processing power, then he or she could have a nearly unlimited amount of processing power available. MIT Technology Review mentions that hijacking users’ machines in order to force them to mine crypto for a particular user is a relatively popular idea among the seedier areas of the Internet.

There are some very sophisticated crypto malware available, some of which detect the idle state of a user’s CPU to turn on when the user is not around. Others use a website to run a script to steal the CPU’s processing power and use it to mine the coin in question. While both are novel approaches, the latter is far easier to investigate and is where the research for the previously mentioned paper lay. With thousands of unsuspecting visitors to sites running the script, the amount of processing power that the criminals had access to was staggering.

Why Monero?

Block Geeks notes that Monero states that it’s a private, secure and untraceable cryptocurrency, ensuring that every transaction is unlikable and the movement of funds is undetectable to public eyes. This in itself is worrying, since it creates an unmonitored area for transactions to occur that might be entirely outside the realm of the law.

However, based on how users think about Cryptocurrency, it also gives power back to the user by ensuring no one can see what they spent their money on. This level of security is the primary reason why hijackers are more inclined to mine Monero. All it requires is for the malware to download the latest version of the miner, connect to a particular pool and start mining, sending the proceeds to a wallet held by the criminals.

The problem here is that no one is sure who owns the wallets in question since the system is so secure.

The Depth of the Problem

Crypto Economy mentions that as much as 4.3% of all Monero mined comes from illegal mining activities. Based on estimates of the volume of mining, it seems that as much as $56 million worth of Monero has been mined using this method. Generally, mining tends to be distributed across a pool.

The difficulty of algorithms used for creating new coins is sophisticated enough so that miners have to work together to generate enough processing power to get a fraction of a single currency.

In this case, a handful of actors have utilized processing power that isn’t even theirs to score a multi-million dollar profit at the expense of others.

The Limitations of the System

While the design of the system is crafty, it does tend to have a few major, glaring holes in it. Typically, cryptocurrencies update their hashing algorithms every so often, and when this happens, they require miners to upgrade their existing mining software.

For legitimate users who buy bitcoin in Malaysia, this is simply a matter of updating the current software and being on our way. For illegal miners, this could pose a significant problem, since getting the software onto the user’s computer was the most challenging task. Doing it again requires the perfect series of events to line up to allow for the exploitation of the system once more. Monero is no exception to this rule, as recent reports from Bitcoin Exchange Guide mention, that the coin changed in March 2019 to change to provide security against ASIC miners.

This follows two changes in 2018, showing how dynamically evolving the currency is. Even so, illegal miners have adapted their schemes to keep step with the algorithm changes.

Dealing with The Scourge of Illegal Mining

So far, algorithm changes tend to be the most effective way of cracking down on illegal mining. Mining pools that the illicit miners make use of are less than enthusiastic about clamping down on those miners because they may present a significant amount of processing power to the pool and thereby increase the chances of a reward.

From the user’s perspective, the best way to avoid having their processing power hijacked to mine coins is to be aware of what sites are being visited and keeping their security processes up to date. The arms race between illicit users and legitimate users isn’t going to end anytime soon, and the crypto mining space is just another added front to that ongoing battle.


How A Global Criminal Crypto-Mining Network Operates was originally published in Hacker Noon on Medium, where people are continuing the conversation by highlighting and responding to this story.