20 Crypto-Jackers Arrested in China

Monday, 09/07/2018 | 14:53 GMT by Simon Golstein
  • The malware infected around one million computers and mined more than $2 million.
20 Crypto-Jackers Arrested in China
Bloomberg

According to local news source legaldaily.com.cn, 20 people have been arrested over a Cryptojacking scam affecting millions of computers throughout China.

Cryptojacking refers to malware that mines cryptocurrency without the knowledge/consent of the owner of the computer. Many well-known websites have been infiltrated, and millions of dollars are being mined by criminals.

Earlier this month we reported on a Japanese man being sentenced to one year in prison for perpetrating a related scheme, and in May a virus was discovered that shuts down the infected computer when it is confronted by an anti-virus.

15 million yuan in two years

The investigation began on the 3rd of January this year when the Weifang City Public Security Bureau received a report from a security team from Tencent, the company behind the WeChat social media platform. The team had discovered a mining programme hidden in various plug-ins which were free to download.

The programme was traced to Qingzhou, and the Qingzhou Public Security Bureau was informed. It then set up a task force to deal with the case.

They found a scheme in which a group of people operated a number of chat groups which promoted a plug-in called 'World Internet Cafe'. The group was run by an individual called Yang Mobao.

Once installed, the plug-in displayed various advertisements for free downloads that would improve computer performance. This initial phase affected 3.89 million computers throughout the country. These downloads contained a hidden mining programme which initiates when it detects that the CPU is using less than 50 percent of the computer's processing power. Approximately one million computers were infected with this software.

The investigation found that a company called Dalian Shengping Network Technology developed the software and spread it by selling network management software to internet cafes.

The scheme began in 2015 when the company's financial director instructed the company's head of operations to focus company resources on developing mining trojans. The customer service department is also implicated as employees were instructing customers on how to use the software.

Over two years, cryptocurrency worth 15 million yuan (2.2 million dollars) was mined. The money was divided amongst the group.

According to local news source legaldaily.com.cn, 20 people have been arrested over a Cryptojacking scam affecting millions of computers throughout China.

Cryptojacking refers to malware that mines cryptocurrency without the knowledge/consent of the owner of the computer. Many well-known websites have been infiltrated, and millions of dollars are being mined by criminals.

Earlier this month we reported on a Japanese man being sentenced to one year in prison for perpetrating a related scheme, and in May a virus was discovered that shuts down the infected computer when it is confronted by an anti-virus.

15 million yuan in two years

The investigation began on the 3rd of January this year when the Weifang City Public Security Bureau received a report from a security team from Tencent, the company behind the WeChat social media platform. The team had discovered a mining programme hidden in various plug-ins which were free to download.

The programme was traced to Qingzhou, and the Qingzhou Public Security Bureau was informed. It then set up a task force to deal with the case.

They found a scheme in which a group of people operated a number of chat groups which promoted a plug-in called 'World Internet Cafe'. The group was run by an individual called Yang Mobao.

Once installed, the plug-in displayed various advertisements for free downloads that would improve computer performance. This initial phase affected 3.89 million computers throughout the country. These downloads contained a hidden mining programme which initiates when it detects that the CPU is using less than 50 percent of the computer's processing power. Approximately one million computers were infected with this software.

The investigation found that a company called Dalian Shengping Network Technology developed the software and spread it by selling network management software to internet cafes.

The scheme began in 2015 when the company's financial director instructed the company's head of operations to focus company resources on developing mining trojans. The customer service department is also implicated as employees were instructing customers on how to use the software.

Over two years, cryptocurrency worth 15 million yuan (2.2 million dollars) was mined. The money was divided amongst the group.

About the Author: Simon Golstein
Simon Golstein
  • 780 Articles
  • 16 Followers

More from the Author

CryptoCurrency