Researchers have uncovered what they said is one of the biggest malicious currency mining operations ever, with more than $3 million worth of digital coin. Now, the operators are gearing up to make more.
The unknown criminals generated the windfall over the past 18 months. The campaign has mainly exploited critical vulnerabilities on Windows computers and then, after gaining control over them, installed a modified version of XMRig, an open-source application that mines the digital coin known as Monero. While the group has used a variety of mining services, it has continued to dump the proceeds into a single wallet. As of last week, the wallet had received payouts of almost 10,829 Monero, which, at current valuations, are worth more than $3.4 million.
“The perpetrator, allegedly of Chinese origin, has been running the XMRig miner on many versions of Windows and has already secured him over $3 million worth of Monero cryptocurrency,” researchers at security firm Check Point wrote in a blog post. “As if that wasn’t enough though, he has now upped his game by targeting the powerful Jenkins CI server, giving him the capacity to generate even more coins.”