Tech 11 January 2019

Erik Gibbs

GitHub becoming a repository for crypto malware

There has been a lot of discussion over the past several months about the amount of Monero that is being syphoned off through cryptocurrency malware. A new study digs deeper into the subject and reveals that the majority of the illicit operations have their footing in a central location – the GitHub repository.

Researchers from the Universidad Carlos III de Madrid in Spain and King’s College London have put together a report (in pdf) that shows crypto-mining malware has allowed thieves to get away with 720,000 XMR tokens. This amounts to around 4.30% of the total circulating supply and could be worth an estimated $57 million. They also point out that most of the malware has been hosted by GitHub.

The report was also able to determine the destination for the bulk of the XMR mining malware. According to the researchers, most ended up in a single crypto mining pool, crypto-pool. Members of the pool have, to date, mined a minimum of 435,689 XMR, or roughly $47 million.

In stealing computer power in order to conduct illegal crypto mining operations, hackers can designate their actions to send the digital currency either to a mining pool or to their own wallets. By sending to a mining pool, there are better odds that mining payments will be received since large mining pools typically receive more blocks to mine. The use of a mining pool also reduces the dependency on special or expensive mining equipment.

In total, there were 2,472 cryptojacking campaigns, with almost all of them – 99% – earning under 100 XMR. The researchers added, “We also observe that while majority of the campaigns earn very little, there are a few campaigns overly profitable. This indicates that the core of this illicit business is monopolized by a small number of wealthy actors.”

GitHub and DropBox, a file-sharing service, were the two most common sources of the malware. The researchers explain that the hackers will use variations of Trojan horses that force the target to download and install the malware. They stated, “We observe that GitHub is the most popular site used to host the crypto-mining malware. This is because GitHub hosts most of the mining tools, which are directly downloaded — for malicious purposes — by droppers. Additionally, GitHub is also used to host modified versions of the miners (e.g., by removing the donation capabilities or adding further capabilities).”

GitHub and Dropbox aren’t alone, however. The researchers also indicated that malware was found hosted on Bitbucket, Google, Amazon Web Services, as attachments on Discord channels and as torrents.

Note: Tokens on the Bitcoin Core (SegWit) chain are referenced as BTC coins; tokens on the Bitcoin Cash ABC chain are referenced as BCH, BCH-ABC or BAB coins.

Bitcoin Satoshi Vision (BSV) is today the only Bitcoin project that follows the original Satoshi Nakamoto whitepaper, and that follows the original Satoshi protocol and design. BSV is the only public blockchain that maintains the original vision for Bitcoin and will massively scale to become the world’s new money and enterprise blockchain.

COMMENT

latest news

Blockchain analyst CipherBlade criticizes WSJ journalism, or lack thereof

Tech 22 March 2019

Blockchain analyst CipherBlade criticizes WSJ journalism, or lack thereof

CipherBlade, a blockchain investigation firm, has concluded that the Wall Street Journal (WSJ) has overstated its previous claims about the cryptocurrency exchange ShapeShift.

Read More
Unwriter announces Bottle, a Bitcoin browser

Tech 22 March 2019

Unwriter announces Bottle, a Bitcoin browser

Looking to find a way out of the world wide web, Unwriter has released Bottle, a new browser exclusively for the Bitcoin SV network.

Read More
Money Button CEO: How to upload large files to Bitcoin SV blockchain

Tech 22 March 2019

Money Button CEO: How to upload large files to Bitcoin SV blockchain

OP_Return has a 100KB upload limit, but Ryan X Charles will show you how you can upload much larger files with a new tool from Money Button.

Read More