A couple has been arrested by the Mossos in Tarragona for mining cryptocurrencies “by remote control”… parasitizing the resources of computers exposed large surfaces of his province, such as Mediamarkt and El Corte Inglés.
Both criminals had posed as clients to be able to manipulate the computers and thus have the opportunity to introduce them malware that would later allow the mining software to be installed and control them remotely.
How cryptocurrency mining works
Recall that cryptocurrency mining is carried out through proof of work, a ‘proof’ that you have made a certain level of computational effort (from the complex mathematical calculations that keep the blockchain going). Thus, the miner who provides the proof of work for a certain block more quickly obtains a profit in bitcoins.
But this kind of calculations requires great computing power (provided mainly through graphics processing cards or GPUs) that not all computers can offer, not to mention the enormous amounts of electrical expense necessary to keep multiple computers calculating constantly, as most cryptocurrency ‘miners’ have.
In fact, there are numerous cryptocurrency farms that have been closed in Spain that were illegally connected to power lines.
So they did
But the detainees in Tarragona chose another approach: ‘outsource’ electricity spending making it relapse in the big surfaces. And, to guarantee the necessary computing power, opted to introduce their malware onto computers specifically targeted at ‘gamers’, since those have more powerful hardware.
Nevertheless, the great effort to which the mining malware subjected them was what allowed the intrusion to be detected, when a Mediamarkt staff found that their theoretically new, high-powered equipment on display was failing and performing poorly, not to mention the ‘strange’ sound of their fans.
It was at that moment when they detected the presence of the malware, which was reported to the Mossos, which allowed – after an exhaustive review of the security images – to identify the couple now detainedShe had been entertaining the local staff while he took the opportunity to insert the USB stick with the malware into one of the PCs.
The security cameras captured the suspects visiting the establishment three more times: once access to the equipment was guaranteed, the next step was to install the mining software (Nicehash) and the remote desktop (AnyDesk).
The suspect, a computer scientist with a
When the Mossos finally intervened by searching his home, they discovered several computer equipment that they were using 22 computers to monitor at the time. It was then that it was discovered that the English Court had also been a victim of this intrusion system.
The 33-year-old suspect, a computer scientist by profession, has a history of fraud and public health crimes, and has recognized also having its own mining farm. Now, both he and his partner will face an accusation of intrusion into computer systems, fraud and damage.
Via | The vanguard