Hackers Mine $800k worth of Siacoin
According to news reports, a group of hackers teamed up with computer maintenance companies in China and proceeded to hack into computers owned by internet cafes so that they could mine cryptocurrencies.
On Saturday, the police in the city of Rui’An in Zhejiang province in China arrested 16 people suspected to have gained 5 million yuan (~$800,000) by hacking into more than 100,000 computers in internet cafés across more than 30 cities in the country and using them to mine the Siacoin cryptocurrency. The group is suspected to have mined for this crypto since July last year.
According to the police report, hackers first created a malware designed specifically to mine Siacoin from affected devices. After having created that malware, the perpetrators then proceeded to market this software to computer maintenance firms. These firms helped the hackers by injecting this malware into computers at internet cafés during their scheduled maintenance checkups.
Once the system was set up, the profits garnered from mining for Siacoin using these computers was split between the hackers and the computer maintenance firms.
How Was the Hack Caught?
The hack was first noticed in July of 2017, when the internet cafés in the city of Rui’An noticed that their computers were becoming extremely slow, with the CPU usage rate being at 70% even when the computers were restarted.
Simultaneously, the price of Siacoin skyrocketed 400% from $0.002 in May 2017, to more than $0.01 by July.
The third indicator of something being drastically wrong were the electricity bills that these internet cafés got. All of them showed electricity bills that were significantly higher than before, leading the owners of the cafés to suspect something was wrong.
The matter was then reported to the local police.
What made things easier for the local police was that most of the internet cafés in Rui’An were serviced by one computer maintenance firm. The police arrested the Chief Executive Officer of the firm (whose name was not released in the reports) in August and interrogated him. The CEO then revealed the hack-attack plan and also named of some of the hackers during this interrogation.
This investigation is still ongoing since the scale of the hack is massive, having spread to 30 cities. Authorities also suspect that more than 100 computer maintenance companies across these cities are involved in this plot.
The arrest of 16 of the hackers is just the tip of the iceberg.