Crypto-mining malware nets hacker group $3.4 million worth of Monero coins

Israeli security firm Check Point uncovered a large-scale cryptocurrency mining operation which installed malware on servers running Jenkins, an automation software designed for web development. The mining operation has, to date, mined around $3.4 million worth of Monero using malware installed on internet-connected Jenkins servers.

Unlike other illicit cryptocurrency mining operations, this one targeted servers rather than personal computers, which is why it went undetected long enough to earn some serious cash — $3.4 million as of this reporting.

The mining operation, which Check Point tracked to China, exploited a known vulnerability in Jenkins servers which allowed them to essentially ask the automation software to download and install the crypto-mining software. Jenkins, the ever-faithful automation software happily obliged.

Though this mining operation didn’t target personal computers, Check Point speculates that its presence on these Jenkins servers could still have some negative effects for everyday people.

“The JenkinsMiner could negatively impact the servers, causing slower load times and even issuing a Denial of Service. Depending on the strength of the attack, this could prove to be very detrimental to the machines,” Check Point reports.

While this kind of vulnerability might not be of concern to most people, it should definitely raise some eyebrows for web developers. It’s not the first time Jenkins servers have been exploited, and according to Bleeping Computer, exposed Jenkins servers pose a serious security risk to the web at large.

Citing research from security expert Mikail Tunç, Bleeping Computer reports that the researcher detected 25,000 exposed and vulnerable Jenkins servers as of mid-January. These servers are vulnerable not only because of the known exploits which hackers can use to turn them to their own ends but because of their connection to the internet. Insulating a Jenkins server from the web would be a big step in the right direction and keep hackers from repurposing a benign automation tool into a crypto-mining powerhouse.

This cryptocurrency mining operation is just one of many similar operations, siphoning clock cycles to mine Monero or other cryptocurrencies. According to Bleeping Computer, illicit Monero mining is already seeing an enormous uptick in 2018, with no signs of slowing down.

Why Monero? Well, Monero is an open-source cryptocurrency designed to be untraceable, private, and highly secure. Its security features make it an excellent choice for privacy-minded individuals, and sadly, illicit operations like this malicious mining operation.