Cyberpolice in Ukraine say they have arrested a 32-year-old Bukovina resident accused of using “cryptojacking” software against a million individuals without their consent.
Police allege the man deployed the software surreptitiously to the computers of individuals visiting websites run by the man.
The sites reportedly carried free literature and scientific information and were visited by more than 1.5 million individuals per month.
Makers of the world’s most popular cryptojacking software, CoinHive, announced last month that they were shuttering the company.
CoinHive’s crypto mining software was reportedly first conceived as a way for websites to earn revenue from visitors without having to show them ads.
The software has also been used by charities, including Bail Bloc, “a cryptocurrency scheme against bail” that allows participants to donate spare computing power so it can be used to mine cryptocurrencies the charity later uses to help impoverished Americans pay bail.
While some CoinHive-utilizing sites only engage visitor computers for the duration of their visit to the site, CoinHive software was also quickly commandeered by hackers who have used it to create large botnets (zombified computer networks) engaged in the secret mining of cryptocurrencies (mainly Monero) 24-hours-a-day, seven days a week.
A number of company networks, including Starbucks wi-fi, have been commandeered by cryptojackers, and certain crypto-jacking attacks have involved forcing computers to refrain from “sleeping.”
Crypto-mining is an energy-intensive process that usually runs up electricity bills and can run down computer processors.
All those costs are borne by the victims, with hackers’ getting the proceeds and CoinHive reportedly taking a cut, regardless of origin.
According to an automated translation of the Ukrainian Cyberpolice press release, the accused Ukrainian cryptojacker reportedly also:
“…created and administered a large number of Internet resources…Using the computing capabilities of the processor and the graphics adapter, the attacker interfered with the work of electronic computers to the visitors of the above Internet resources. This resulted in a violation of the established order of information routing and further deterioration of the work of the visitor’s computers.”
Charges against the accused reportedly relate to Ukrainian laws against, “Unauthorized interference with the work of computers, automated systems, computer networks or telecommunication networks,” included in the Criminal Code of Ukraine.
The accused faces a possible term of six years in jail.