Sign up to our newsletter
The latest security news direct to your inbox
A hacker has reportedly harvested over $600,000 in digital currency, using a network of hijacked machines, in what is believed to be the largest fraud of its kind.
The crime was discovered by tracing malware-infected network attached storage (NAS) drives back to a single hacker. Researchers at Dell say the hoard, which took just two months to accumulate, may represent the largest operation of its type to date.
The hack isn’t technically a theft, as the money was created rather than stolen. Cryptocurrencies like Bitcoin are ‘mined’ by solving complex algorithms, a process that gets harder as it goes on, requiring more and more computing power to generate new currency. The hacker used malware to infect the NAS drives, harnessing their collective power to generate Dogecoin, a Bitcoin derivative named after a popular internet meme.
The NAS drives in question were made by Taiwanese company Synology. In February this year, users started to notice sluggish performance from their drives. One user posted on Facebook that he had found a folder entitled ‘PWNED’ on his drive that was responsible for the drop in performance.
It had already been noted last September that the drives contained flaws in their operating system that would allow remote attackers to install malware. Researchers David Shear and Pat Litke examined several users’ ‘PWNED’ folders and discovered a program called CPUminer, designed to mine Bitcoins or similar.
Checking the public record of transactions in Dogecoin – all cryptocurrency transactions are publicly logged – they were able to track the operations back to the same hacker. A total of more than 500 million coins were mined – at today’s exchange rate, worth $200,000. However, exchange rates were higher earlier in the year, and Litke and Shear worked out the hacker would have made $620,496.
The hacker is believed to be German, and to have hacked other devices as part of accumulating his ill-gotten fortune. Fraudulent mining operations have been discovered on a wide range of devices including smartphones and CCTV cameras, as hackers look to use devices with weaker security than PCs.
Author Alan Martin, ESET