Hijacker Mines $620,000 in Dogecoin after Gaining Access to Storage Devices
Gabriel Roşu / 4 years ago
Bitcoin might take the lead in the crypto currency market, having many users and organisations mine it through pools or even personal computers. A hijacker however appears to have mined a small fortune in Dogecoin after allegedly taking control of some storage devices.
Dell Secureworks researchers Litke and David Shear have followed a security vulnerability in storage hardware manufactured by Synology. It is said that researcher Andrea Fabrizi has found the operating system used by the devices in question contained flaws and would allow a remote attacker to gain control of the machines and install malware.
While this was back in September, in February it was reported that Synology users began complaining about their devices running slow, having one uses posting on Facebook that a folder named ‘PWNED’ has been discovered on the machine.
After taking a look at the found folder, Litke and Shear then found a program known by digital miners as CPUminer. Further analysis showed that Dogecoin was being mined and sent to two addresses, having more than $200,000 at the current exchange rate. The researchers have also stated that the hijacker was moving the mined currency as quickly as it was produced. However, since this happened a few months ago, the exchange rate of the Dogecoin in question has been determined to be about $620,496.
Neither Litke nor Shear could determine how the massive amount was mined, given that the Synology boxes do not have a lot of processing power. Mining cryptocurrency with a CPU takes a lot of time and not to mention machines. This is why a GPU or ASIC chips are used in order to mine coins.
Though unable to determine how the full amount was mined, the researchers were successful in finding the username “Folio” leading to a GitHub and Bitbucket account. This is how they learned that he speaks German and focuses on security exploits. This information could also lead to the possibility of other devices having been hacked in order to produce the rest of the Dogecoin amount found in the accounts.
Though the Synology boxes are the latest ones, they are not the first. Mining malware has been out there for years, having infected numerous PCs in the past. Recently, smartphones and even security camera DVRs are being targeted by such malware. In addition to new malware targeting new devices along with the continuous complexity in mining bitcoin, it is predicted that illegal mining operations to switch to other bitcoin alternatives.