Reportedly, there has been a piece of software mining Monero (XMR) secretly on android devices. The malware was first identified by Malwarebytes (a security company that produces anti-malware services). The malware works by redirecting users into a website that captures the processing power of a computer or smart phone. There is more. Other reports indicate that this is not the only incident where Monero has been mined secretly from computers on the internet.
Jenkins servers running a Monero (XMR) mining malware
If you are running a Jenkins server, you might want to check if its fully patched as Check Point ( an Israel based security firm) has ventured a large scale automated cryptocurrency mining malware running on Jenkins servers. The crooks running the malicious mining operation have so far made away with about $3million worth of Monero (XMR). Apparently, the mining malware was run on Windows machines that were connected via the internet to Jenkins servers, remaining undetected for a while unlike most illicit mining activities that run on PCs and are easily detected.
According to a statement by Check Point, the hacking of the otherwise powerful Jenkins servers was an “operation that uses a hybridization of a Remote Access Trojan (RAT) and XMRig miner” that runs on a multitude of windows operating machines.
While the vulnerabilities on Jenkins servers might not be alarming to many cryptocurrency enthusiasts, developers and users of the Jenkins servers are definitely paying attention to the developments as this is not the first time Jenkins servers are getting attacked.
In fact, Mikail Tunc (a research and security Expert) confirms in a report that there are about 25,000 vulnerabilities exposed on Jenkins servers. The fact that the serves are connected to the internet in addition to the hacker’s knowledge of the said vulnerabilities is a major contributor to the success of the culprits who made away with a staggering amount of money during the malicious mining that took place in a period of 18 months.
Additionally, Check Point has also identified Jenkins as the “most widely deployed automation server “with about a million users on its platform making it a prime target for hackers. Furthermore the fact that Jenkins servers feature incredible power and that Monero is a privacy centric coin that is virtually untraceable also explains why they managed to mine over 10,000 XMR unnoticed.
Monero’s journey from the dark web and now mainstream
Currently priced at over $300, with a market cap of over 4 billion USD, Monero (XMR) has come a long way from it days as an exchange of value in the dark web. Apart from the fact that the coin is marred by reports of unauthorized mining on PC’s, servers and android phones , Salon( an award winning online media outlet is looking to put a positive twist to the mining of Monero by providing its readers an opportunity to mine Monero on their idle PC’s.
Monero (XMR) has already gained popularity in the cryptocurrency community as a provider of anonymity and privacy. However, with more options such as what Salon is offering, a mainstream up take of the untraceable cryptocurrency is near, even in the middle of an uncertain and volatile market.