Chinese internet café cryptojacking ring uncovered, 15 arrested

Getting your Trinity Audio player ready...

Chinese authorities have cracked down on a new ingenious cryptojacking scam. 15 individuals have been arrested for a scheme that saw them mine 100 million yuan ($14 million) in cryptocurrency through internet cafes, CCTV reports.

The operation, uncovered by the Shigu Branch of the Hengyang Municipal Public Security Bureau of Henan Province, was quite ingenious. As early as June 2017, a man named Zhang bribed more than 9,000 network technicians to install Trojan viruses in internet cafes as they made their rounds.

He would then remotely access the infected machines to install mining software. To keep things under wraps, he kept 2000 administrators on his payroll, paying out 20 million yuan ($2.79 million) for their services.

The initial tip, coning to the security bureau in 2018, started an investigation that uncovered everything. The internet cafes believed they were receiving some kind of extra value from the technicians, not realizing their machines were being used to profit a criminal mastermind.

Funnily enough, this isn’t even the biggest scam with this method uncovered, although it may be the most profitable. In June 2018, another internet café scam was uncovered with over 100,000 machines infected, however that particular incident only saw roughly $800,000 mined before being caught.

Then in July 2018, an even bigger scam was caught, as over 1 million computers had been victimized by cryptojacking, many of them internet café machines. In that instance, $2.2 million worth of crypto was estimated to have been mined.

While their scemes might seem ingenious, this is all very labor intensive activity for the hackers, and costly considering the number of people they had to bribe to make it happen. Meanwhile, America might have the more profilic cryptojacker of recent times.

Paige Thompson, a former Amazon employee, is facing charges of stealing the data of 100 million Capital One users, while also cryptojacking any server that she felt was unsecure. If the charges are true, she likely used her inside knowledge of Amazon Web Services (AWS) to access the servers, making it an easy cryptojack she could perform from nearly anywhere.