Police in Japan have charged three individuals with infecting the computers of unsuspecting individuals with malware that mines the privacy cryptocurrency Monero.
According to the Japanese daily news provider Mainichi, the three individuals are accused of setting up web sites designed to attract and then surreptitiously infect visitor’s computers with a Monero-mining software called Coinhive.
Although Coinhive networks are used to mine Monero consensually for charities like UNICEF and Bail Bloc, the software is also being widely deployed to mine crypto on affected computers’ without owner’s awareness or permission.
Malicious Coinhive infections engage infected computers’ CPUs (Central Processing Units) to mine Monero coins and then send them back to culprits.
Cryptocurrency mining is an energy-intensive process that consumes a lot of power. Victims of cryptojacking may experience reduced computer performance and damage and are left holding the (electricity) bill.
Mainichi reports that:
“Computer security companies such as Trend Micro have warned users about Coinhive…The company detected 181,376 terminals running mining software from January through March 2018 in Japan, marking an explosive increase from 767 in the same period a year ago.”
Although regular computers can only mine a little crypto at a time, if that, malware-infected “botnets” (hundreds or thousands of synchronously infected computers) have reportedly generated hundreds of thousands of dollars for hackers.
Police used anti-computer virus laws to charge the three accused, who reside in Kanazawa, Chiba, and Tochigi in central Japan.
One suspect is a web designer and another was previously ordered to pay 100 000 yen for “illegally storing a computer virus.”
Lawyers for that defendant claim that “cryptojacking” using Coinhive does not involve a virus, and rather uses a method similar to ad scripts that generate pop up ads, thereby generating revenue for the site.
“Following a search for hotels, internet users often see hotel ads even when they are visiting websites not related to accommodation because view records are used for ad distribution,” writes Maniachi.
But police have apparently made a distinction between pop-ups and Coinhive used as malware: people can see ads and use ad blockers, but are not made aware of the presence of Coinhive on their computers.