Researchers at SecureWorks, the information security services subsidiary of Dell, have uncovered what appears to be the biggest string of malicious mining attacks ever. More remarkable is that this time, it was for dogecoins.
Over 500 million dogecoins were mined off of storage hardware made by Taiwanese manufacturer Synology. SecureWorks had been researching Synology’s machines for security vulnerabilities for several months. Users had complained that their machines were running slowly. Suspicious files like “CPUminer” were found.
The coins were sent to two addresses and mined over a 2-month period around February of this year, the peak of Dogecoin prices, which was perhaps the motivation for the hacker.
The sheer quantity of dogecoins mined represents 1% of the total circulation at the time, which was roughly 50 billion.
Dogecoin had traded close to the equivalent of 300 satoshi ($0.002) during those days. If cashed out at maximum levels, which would have been a challenge considering the excess supply flooding the market, the hacker would have netted $1 million. The researchers assess that his actual bounty was closer to $620,000. Based on current prices, the stash would be worth $180,000.
It’s still a bit of a mystery how such a large bounty was reaped from the Synology boxes, which the researchers said have the computing capacity of a smartphone. While Dogecoin mining is far less computationally intensive than that of Bitcoin, such apparatus is still grossly inadequate to yield such a reward. Even thousands of such machines are insufficient.
The researchers did trace a username found in the malware to accounts on GitHub and Bitbucket, owned by a German-speaking individual focused on security exploits. They believe that many of the coins were mined from other machines.
If similar attacks happen in the future, we may see that well-traded altcoins will be the products of choice. In an attack where available resources are fairly limited, even when carried out across multiple machines, a low mining difficulty and favorable exchangeability are key to maximizing the hacker’s profits.