Whoever it is has collected more than 500 million dogecoins, making it “the single most profitable, illegitimate mining operation,” Dell researchers wrote on their Secureworks blog. While that’s only $175,000 U.S. at today’s exchange rate, according to DogePay, at the time of the incident, it could have amounted to as much as $625,000 U.S., the researchers claim—and the individual(s) responsible was apparently converting the coins almost immediately.
The hacker(s) accomplished this by taking control of Network Attached Storage (NAS) systems, which function as purchaseable servers attached to a network. They compromised NAS boxes sold by Synology, Inc., hiding the malware that instructed the boxes to mine Dogecoin in a folder called “PWNED.”
It’s not clear why someone so skilled would go for such a relatively worthless coin as Dogecoin, with a market cap of $30 million, is relatively worthless compared to Bitcoin (market cap $7.8 billion), and purposefully so. But Dogecoin takes far less computing power to mine, and it’s less competitive to do so, making it an easier target than Bitcoin.
Dell did find, however, that by searching through the hacker’s online history, he’s likely German and has an interest in security exploits.
One thing’s certain: It’s not all fun, games, and Shibu Inus anymore.
H/T Wired | Illustration by Jason Reed