Cryptojackers Who Hacked $2M USD In Crypto Arrested In China

Crime, News | July 10, 2018 By:

Chinese authorities have arrested 20 individuals for allegedly hacking millions of computers and generating $2.2 million in illicit cryptocurrency mining profits.

According to local news outlet Legal Daily, Chinese law enforcement agencies started investigating the case after the security team at tech giant Tencent alerted the Weifang City Public Security Bureau about a mining script hidden in freely-downloadable Internet browser plugins.

Computers of users who installed the plugins were initially infected with a mining script and a mining monitoring software. Once the monitoring sofware detected that the CPU utilization of the computer was at less than 50 percent, the mining script would silently start mining in the background. According to the police, over a million computers were subsequently infected, mining a total of 26 million Digibyte, Decred and Siacoin tokens over the course of two years, totaling more than 15 million yuan ($2.2M USD).

The mining script’s developers were traced to the city of Qingzhou, where Yang Mobao was later identified as the leader of the group. The Qingzhou Public Security Bureau established a dedicated task force to handle the investigation, and arrested Mobao on March 8. Shortly after, the task force found out that a company called Dalian Shengping Network Technology was behind the masterplan, leading to 16 more arrests. 12 were found to be suspects of taking illegal control of other computers, while the remaining 4 were released on bail pending trial.

The authorities claimed that He Mou, founder of the Dalian Shengping Network Technology, had instructed his research and development (R&D) department to focus on researching and developing mining software and mining trojans, back in 2015. Dalian Shengping is alleged to have advertised free downloads to 2.89 million computers, selecting over 1 million of them for cryptojacking.

Last month, cyber security firm McAfee Labs reported that crypto mining malware grew at 629 percent in Q1 2018, rocketing from around 400,000 total known samples in Q4 2017 to over 2.9 million the next quarter.