Report: GitHub hosts the most cryptocurrency mining malware of any site

It’s no secret cryptojackers prefer Monero , but now researchers have determined exactly how much they have gained with illicit cryptocurrency mining malware.

In a new study , academics from Universidad Carlos III de Madrid and King’s College London calculated that crypto-mining malware has generated roughly 720,000 XMR – or 4.32 percent – of Monero‘s currently circulating supply, reports CoinDesk.

While the exact amount of generated revenue depends on when the criminals cash-out their earnings, the researchers estimated it to be worth nearly $57 million over the last four years ($1.2M per month).

Popular online code repository GitHub was recognized to host more of the mining malware than any other site.

A small group of wealthy bad actors are running the show

The research also analyzed where that XMR was being routed to. When hackers steal computing power to mine cryptocurrency surreptitiously, they can employ two possible strategies: joining a “mining pool,” or mine by themselves.

Using mining pools has advantages – it increases the odds of receiving payments for mining (as pools with more members are more likely to receive blocks to validate). It also reduces the need for specialized mining equipment.

What’s noteworthy is that an overwhelming majority of the XMR mined through cryptojacking campaigns has gone directly to one cryptocurrency mining pool: crypto-pool. To date, its members have mined at least 435,689 XMR (almost $47 million).

Researchers detected 2,472 cryptojacking campaigns, finding that 99 percent earn less than 100 XMR ($4.7K).

“We also observe that while majority of the campaigns earn very little, there are a few campaigns overly profitable,” they wrote. “This indicates that the core of this illicit business is monopolized by a small number of wealthy actors.”

GitHub hosts a lot of cryptocurrency mining malware

The researchers found hackers are using legitimate sites like GitHub and Dropbox to facilitate the spread of cryptocurrency mining malware.

Cryptojackers build special malware “droppers,” a variant of Trojan horse computer virus that forces a target to download and install more malware.

Most of the time, these droppers downloaded standard Monero mining tools hosted by GitHub.

“We observe that GitHub is the most popular site used to host the crypto-mining malware. This is because GitHub hosts most of the mining tools, which are directly downloaded — for malicious purposes — by droppers,” the researchers wrote. “Additionally, GitHub is also used to host modified versions of the miners (e.g., by removing the donation capabilities or adding further capabilities).”

The paper lists other public repositories and file sharing sites favored by cryptojackers, including Bitbucket, Amazon Web Services, Dropbox, and Google.

The researchers also found Monero mining malware hosted as torrents, attachments in Discord channels, as well as obfuscated through various URL-shortener services.

Last September, the Monero community was forced to rebuke cryptojackers who had been terrorizing the internet, after government routers in the US were discovered to be housing mining malware.

Hackers also hijacked several municipality websites in India , forcing users’ browsers to illegitimately generate Monero with embedded malicious code.

Ethereum market faces bearish ‘death cross’ pattern, while Bitcoin retains momentum

Ethereum, the world’s second-largest cryptocurrency, is struggling to find any sense of market momentum, with its price dropping almost 50 percent since its 2019-peak of $349.

To make matters worse, Ethereum‘s market is on the verge of a “death cross.” This is a spooky technical pattern that’s only happened three times before in its history, reports digital asset research firm Delphi Digital in commentary shared with Hard Fork.

“Death crosses” occur when an asset’s moving price average over the past 50 days dips (or ‘crosses’) below the moving price average over the past 200 days. These are highlighted on the chart below by red circles.

“The historical precedent for such an event is quite limited given its relatively short price history, but in the three prior instances, ETH’s average loss in the following 14 and 30 days was 6 percent and 7 percent, respectively,” said Delphi Digital.

“The most recent death cross occurred in April 2018 after ETH tumbled more than 20 percent in the 30 days leading up to the event,” it added. “It proceeded to fall another 14 percent over the subsequent two weeks.”

Bagholder’s favorite cryptocurrency BNB hasn’t posted gains in a while

When it comes to the broader cryptocurrency market, Bitcoin has been killing it. Over the past 90 days, its price has risen over 36 percent, which makes it the best performing large-cap digital asset over that period.

“Price does not necessarily reflect the true intrinsic value of any given token or coin, but the growing sophistication among crypto investors coupled with the strengthening ‘digital gold’ narrative for Bitcoin has helped suppress much of the publicly traded crypto market in recent months,” said Delphi Digital.

Binance Coin (BNB), the branded token of prominent cryptocurrency exchange Binance , has performed much worse over the past three months.

Last week, BNB dropped 13 percent, which Delphi Digital noted as the second straight week that it’s been found among the worst-performing large-cap digital assets.

Stellar Lumens (XLM) is also heavily down, with its US-dollar value essentially halving over the past 90 days.

The suffering of alt-coin markets can be further represented by Bitcoin‘s increasing “market dominance,” which recently hit 70 percent for the first time since March 2017.

That sounds impressive, but you can read more on why that doesn’t mean shit , as it’s a metric based on some pretty flawed concepts.

This is not investment advice. This is for educational purposes only. Do your own research.

3 years later, Visa’s blockchain-powered payment network finally goes live

Visa’s blockchain-powered B2B payments product has finally gone live after almost three years in the making.

First made public in October 2016, the Visa B2B Connect network is being made available in 30 markets, with plans to expand to as many as 90 territories by the end of the year.

According to a company statement , the service was created to help financial institutions (aka Visa’s corporate clients) to circumvent existing banking networks and process cross-border payments by leveraging blockchain technology.

“Launching Visa B2B Connect marks an important industry milestone which will accelerate the evolution of how commercial payments move around the world,” said Kevin Phalen, SVP, global head of Visa Business Solutions.

“By creating a solution that facilitates direct, bank to bank transactions, we are eliminating friction associated with key industry pain points. With Visa B2B Connect, we are making payments quicker and simpler, while enhancing transparency and consistency of data,” he added.

It’s worth noting, however, that the network is not actually a blockchain, although some elements of the technology have been used because they allow network participants to transfer more information on a payment than existing alternatives, Phalen told Reuters .

Initially Visa worked alongside startup Chain to create the new platform but eventually decided to use elements of Hyperledger Fabric, the Linux Foundation’s open source distributed ledger.

IBM, FIS, and Bottomline helped Visa build the network. IBM has been somewhat active in the distributed ledger space despite Hyperledger being criticised for not being a real blockchain.

However, last month we reported on how IBM was putting sustainable shrimp on the blockchain. The tech giant also launched a blockchain skills academy with University of Louisville.

Hunter Jones

Hunter Jones

Next Post

Leave a Reply

Your email address will not be published. Required fields are marked *