Report: Fraudulent Monero Mining Generates $100K Per Month for Hackers

A German university released a cryptocurrency mining-centric report, Aug. 14, noting a rise in revenue generated by illegal mining software, despite the fall in “cryptojacking.”

Coinhive Faces the Heat Again

As reported by Digital Trends, RWTH University in Aachen, Germany, has presented a detailed account of the infamous, browser-based miner Coinhive being used to produce over $250,000 worth of Monero (XMR) per month for attackers, as per trading value denoted by CryptoSlate at the time of writing.

Developed to be a social good, the Coinhive miner was initially introduced to crypto-enthusiasts to allow them to exchange their extra computing power for access to mine the Monero network. The code, however, targets websites seeking to make money without advertisements, meaning a user’s computer will slow down while it generates coins in exchange for ad-free viewing.

Hackers, meanwhile, have configured Coinhive to send a user’s mined Monero to their own digital wallets by hacking websites and secretly installing the code. They are also plugging Coinhive into legitimate-appearing browser extensions.

Interestingly, the Coinhive miner accounts for 1.8 percent of Monero’s hashing power, with a majority of mining incentives realized for nefarious purposes.

The report noted:

“If we sum up the block rewards of the actually mined blocks over the observation period of four weeks, we find that Coinhive earned 1,271 XMR.”

At the time of writing, Monero is trading at $89.28, signifying a $113,474 profit for hackers in a month of fraudulent mining. Meanwhile, Coinhive developers receive over 30 percent of this amount for providing their tools.

Only 10 Addresses Getting Rich

The research also claims that only 10 wallet addresses received a chunk of the fraudulently mined Monero. In this regard, attackers are using a “short link” service to redirect advertisements to their servers and paying a commission to website administrators.

The report explained:

“With Coinhive, the creator of the short link receives a share of the block reward that is mined by the users visiting the short links.”

For research purposes, the university team ran a “WebAssembly” script to detect web-based mining software running on the internet. Scan results showed a clear dominance of Coinhive, which accounted for 75 percent of mining usage. Comparable scans include AuthedMine, WP Monero Miner and CryptoLoot.

The JavaScript-based Coinhive proves to be an easy target for hackers around the world due to its choice of programming language, and attackers have deployed the open-source mining software to a diverse range of victims–including government websites, corporations and even the San Diego Zoo.

Cover Photo by Mark Harrison on Unsplash

Disclaimer: Our writers’ opinions are solely their own and do not reflect the opinion of CryptoSlate. None of the information you read on CryptoSlate should be taken as investment advice, nor does CryptoSlate endorse any project that may be mentioned or linked to in this article. Buying and trading cryptocurrencies should be considered a high-risk activity. Please do your own due diligence before taking any action related to content within this article. Finally, CryptoSlate takes no responsibility should you lose money trading cryptocurrencies.

Did you like this article? Join us.

Get blockchain news and crypto insights.

Join Us on Telegram

Shaurya Malwa Author

Shaurya Malwa

Post-mining his first bitcoins in 2012, there was no looking back for Shaurya Malwa. After graduating in business from the University of Wolverhampton, Shaurya ventured straight into the world of cryptocurrency and blockchain. Using a hard-hitting approach to article writing and crypto-trading, he finds his true self in the world of decentralized ideologies. When not writing, Shaurya builds his culinary skills and trades the big three cryptocurrencies.

View author profile