Siacon mining falls victim to massive malware hack in China

Getting your Trinity Audio player ready...

The cryptocurrency space continues to be affected by scams, hacks and outright frauds as it struggles to recover from the huge loss in confidence caused by the massive drop in prices over the past months. One of the most popular forms for cyber thieves to make money is crypto jacking with Monero being one of the main targets of late. In fact, according to security firm Palo Alto Networks, around 5% of the privacy-oriented cryptocurrency in circulation is estimated to have been fraudulently mined.

Another incident that came to light over the weekend in China has created considerable panic amongst the crypto community. According to local reports, a ring of cyber criminals collaborated with computer maintenance companies in the country to inject computers based at around 100,000 internet cafes with malware to mine Siacon illegally. The hacking group allegedly mined well over $800,000 of the coin, according to estimates.

The illegal mining scheme has reportedly been in operation since July 2017, with over 100,000 internet café computers affected by the malware hack. The Chinese media reported that a network technician who works for internet café software firm JinHua was allegedly the brains behind the illegal cryptocurrency mining scheme. According to investigators, the technician developed the cryptocurrency mining malware, which, in turn, was installed by maintenance firms on these computers when routine checks were carried out. The eventual proceeds from the scheme was split amongst those participating in the heist, according to reports.

Most crypto jacking malwares usually limit their activities and their resources they use to avoid eventual detection. However, it appears that the Jin Hua malware was not limited and was actually mining at full capacity. Concerns had already been raised when internet cafes in the city of Rui’an in Zhejiang Province reported bogged down processing speeds of their internet café computers. Electricity bills for these cafés had suddenly shot up but when the maintenance companies checked the computers they found nothing amiss, according to reports.

The malware eventually spread to 30 cities, but it was only after the internet café owners began realizing that the whole business was becoming unviable that they lodged a complaint with the police. Arrests were made in October 2017 with 16 suspects currently held in custody. However, investigations on the issue are still ongoing with the malware still to be contained after having spread to several other Chinese cities. At least 100 maintenance companies are allegedly involved in the scheme.