Chinese police have arrested the malware developers who carted away $2 million in cryptocurrencies by hacking millions of computers.
At first, the computers were infected with a mining program and mining monitoring software.
In a combined effort from various Chinese law enforcement agencies, 20 people were arrested for the brazen crime. However, 11 of those arrested have been released on bail while 9 are still in police custody. The group is suspected of illegally taking over more than 389 million computers across China, while the suspects utilized a total of 1 million computers to discreetly mine for them.
The security team at Tencent Keeper Program has been applauded for giving the police a heads-up on the hack. Earlier, on January 3rd, the team initially detected a game plug-in containing a Trojan horse program. The operation went on continuously for two years, during which over 26 million coins were mined, including DigiByte (DGB), Decred (DCR), and Siacoin (SC). In total, coins worth over 150 million Chinese yuan were mined as a result.
Police detectives said the hacker groups usually go for cryptocurrencies that are difficult to mine in the market. Hackers tend to get control over other computers through cloud computing services. After getting control of the systems, the hackers install their virtual currency mining programs on them.
As long as the hacked computers are on, they keep mining cryptocurrencies in the background without interruption and move them back to the hacker group for fast cash-outs.
The Trojan program developers were first detected in Qingzhou, where one Yang Mobao was later identified as the leader of the team. The Municipal Bureau of Network Security Detachment and Qingzhou Municipal Bureau created a task force which apprehended Mobao on March 8, at his residence.
During trial, Mobao confessed to using the game plug-in to illegally access computer systems.
Soon after, the task force found out that Dalian Yuping Network Technology Co. Ltd. was responsible for the master plan, carried out by He Mou and his wife Chen Mou, who was the company’s financial director.
The task force deployed over 50 units to Dalian on April 11, where 16 people were arrested.
According to the indictments, He Mou had instructed his R&D department in 2015 to concentrate on researching and creating mining software and mining Trojans. Once done, the Trojan was released to the public, who downloaded it without knowing its real use. All mining proceeds were immediately sent to He Mou’s wallet, while Chen Mou was in charge of handling payments.