On the most recent episode of Monero Talk, host Douglas Tuman spoke with King’s College London Assistant Professor Guillermo Suarez-Tangil about a research paper (PDF) he co-authored with the University Carlos III of Madrid’s Sergio Pastrana about the degree to which malware is involved in the crypto asset mining ecosystem. Their paper estimates that at least 4.32% of all Monero in circulation has been mined through the use of malware.
During the interview, the discussion turned to the reasoning behind criminal hackers’ decision to mine Monero over other crypto assets. While Suarez-Tangil noted Monero’s ASIC resistance and privacy features as attractive attributes for malware-based miners, he added that a more recent policy of hard forking the proof-of-work (PoW) algorithm used in Monero has caused some problems for those who mine via botnets.
Why Do Criminal Hackers Mine Monero?
Mining Monero is a useful option for black hat hackers who have access to large numbers of other people’s computers because other crypto asset networks, such as Bitcoin, allow for the creation of specialized hardware that is orders of magnitude more efficient for specific hashing algorithms than what’s available in a normal desktop computer.
“Bitcoin, for example, was a theme several years ago, but . . . some of these big hackers started developing dedicated hardware to mine these things,” explained Suarez-Tangil. “I guess if you control a very large botnet of like medium-sized PCs, you are not able to compete with people mining bitcoin in one of these farms or using GPUs or using more advanced hardware.”
Suarez-Tangil specifically pointed to Monero’s somewhat recently implemented policy of hard forking the PoW hashing algorithm in response to the existence of ASICs focused on mining the crypto asset. These new ASICs, of which bitcoin mining giant Bitmain was a manufacturer, effectively became worthless bricks overnight.
Suarez-Tangil also mentioned that Monero has become a more widely used form of money in the criminal underground, which means those who mine the crypto asset are able to use it to trade for other goods and services on these online black markets.
The Problematic Hard Fork Policy
Although Monero’s hard fork to change the PoW hashing algorithm last year was aimed at kicking ASIC miners off the network, the upgrade also had a negative effect on botnet-based miners. According to Suarez-Tangil, the criminal hackers who had rented out services from those who provide access to various botnets were forced to make additional payments in order to update the Monero-mining malware on victims’ computers.
“They need to pay the botnet owners to update their machines,” said Suarez-Tangil.
Suarez-Tangil added that the “big fishes” are still able to operate under these conditions as they have the required infrastructure to do so.
According to Suarez-Tangil, it would be possible to implement methods of making Monero more botnet-resistant in the future, but this would require mining pools to more closely monitor the activities of their users.