Researchers to Find Malicious Monero Miner in Google Play

The miner wasn't hidden - it had to sent XMR to user's wallet, but sent it to scammer's wallet instead
13 March 2018   472

In the Google Play app store, an application for the Monero mining with a "defect" was found. Monero Miner successfully coped with the stated task and really mined the crypto currency, using for this purpose the computing power of the Android devices, but their owners did not become richer from it. This is reported ESET antivirus company.

The thing is that mined XMR coins were send to the scammers addresses, not user's. 

The general mining fever helps scammers. Some of them hide the function of mining in their mobile applications for hidden mining using the users' devices. Others, on the contrary, specifically develop applications to deceive novice miners. 

Sergey Kuznetsov

Head of the technical support department,  ESET Russia products and services

To date, the application has been removed from Google Play. Before that, up to 50,000 users could install it. 

Report: 16 Persons arrested for Monero Jacking in Japan

Coinhive has been installed by Japanese hackers on the websites with weak security to mine Monero - a privacy coin, what makes it harder to catch criminals
17 June 2018   130

A number of profile websites have been suffered from cryptojacking. This year eralier, Tesla’s website was applied by hackers in order to mine Monero with Coinhive. A bug in Drupal lead to 300 sites became infected with Coinhive, including the websites of San Diego Zoo and the government of Chihuahua. As declared in the official report of UK’s National Crime Agency (NCA), the issue is not going away in the near future:

Popular websites are likely to continue to be targets for compromise, serving cryptomining malware to visitors, and software is available that, when run in a webpage, uses the visiting computer’s spare computer processing power to mine the digital currency Monero.
National Crime Agency, the UK

The Japanese authorities have made significant progress in case of cryptojacking. Last week, it was displayed that the Japanese police was examining 3 suspects using Coinhive to run mining scripts in many sites surreptitiously. The recent report from local publication The Asahi Shimbun claimed that the police have now captured 16 persons from 10 prefectures for cryptojacking, aged between 18 and 48. The suspects had conducted their own websites, that they allegedly applied to transfer programs to the visitors of their site for mining digital money without the consent of the users.

All suspects, except one, had used Coinhive. The one person had created his own program, very similar to Coinhive and he has been detained on suspicion of making a computer virus. Although Coinhive is free to install, it processes on a 70/30 model. Only 70% of the Monero mined goes to the website operator, and the remaining 30% goes to Coinhive developers.

The individuals that had only set Coinhive on the websites they owned and not on the hacked sites, were arrested nevertheless as they did not get any permission from their visitors to mine cryptocurrencies.