An unknown hacker has reaped an estimated 500 million dogecoins – worth nearly $200,000 at today’s prices – by hacking into a series of data storage hubs for computer networks, according to SecureWorks, an information services subsidiary of personal computing giant Dell. The SecureWorks report revealed that the hacker targeted network attached storage (NAS) boxes made by Taiwan-based Synology Inc. and used its computing power to mine dogecoin through a private pool. The action caused problems for Synology’s customers.
(
CoinDesk) An unknown hacker has reaped an estimated 500 million dogecoins – worth nearly $200,000 at today’s prices – by hacking into a series of data storage hubs for computer networks, according to
SecureWorks, an information services subsidiary of personal computing giant
Dell.
The SecureWorks report revealed that the hacker targeted network attached storage (NAS) boxes made by Taiwan-based Synology Inc. and used its computing power to mine dogecoin through a private pool. The action caused problems for Synology’s customers, some of whom reported poor performance on Facebook in February.
SecureWorks called the months-long intrusion unprecedented, saying:
“To date, this incident is the single most profitable, illegitimate mining operation.”
Following reports of an issue, the investigators ultimately discovered a folder entitled ‘PWNED’ that contained the mining software CPUMiner and the capacity to conceal the program.
The address the mined dogecoins were being sent to
was also identified,
revealing the accumulation of more than 400 million dogecoins. Along
with another wallet, the hacker generated roughly 500 million dogecoins
between January and April.
In
addition to exploring the technical aspects of the hack attack,
SecureWorks delved into the possible identity of the assailant,
suggesting that “the findings strongly indicate that the threat actor is
of German descent”.
Hacker used private pool
The
configuration file of the software that was infecting Synology’s NAS
boxes pointed to the presence of hidden mining software.
CPUMiner,
the program used, had been modified to run on the boxes and was
connecting to a dogecoin pool not associated with any public mining
group, SecureWorks said. Each NAS box acted as an individual miner,
connecting to the pool and generating dogecoins.
SecureWorks
accessed the data being sent to the NAS boxes, which allowed them to
ascertain the
dogecoin wallet address holding the fraudulently mined
dogecoins, as well as the possible identity of the hacker.
Dubbed
“foilo.root3″ in the configuration file, the user appears to have a
connection with accounts on GitHub and BitBucket, although it remains
unclear whether the name is unique to a single person.
Mining malware gains
The
dogecoin mining attack represents one of the more creative approaches
to generating digital currency through fraudulent means. Other recent
attempts have found wrongdoers using unique means to upload software to
mine
bitcoin, but in nearly all cases, the program was designed to
conceal itself and its operations.
Last month, unknown hackers attempted to distribute bitcoin mining malware through a modified torrent file of the video game
Watch Dogs. This attack was notable as it targeted another form of online piracy.
A
more unusual concealed attempt to create mining botnets out of mobile
phones was uncovered in April. At the time, a group of wallpaper apps
listed on the
Google Play app store were discovered to contain bitcoin mining programs.
Open your free digital wallet here to store your cryptocurrencies in a safe place.
