Digital currency mining malware that earned its creators more than $2 million over two years has been detected, with the developers now facing potential jail time or hefty fines at the least. According to local media outlets, detectives have arrested 20 suspects, working in a computer technology company. 11 of them were released on bail and 9 remain arrested.

Having access to a large number of computers, they have managed to infect them with malware that has further spread across the country. A staggering 389 million PCs were deemed to have been “illegally controlled” by the group, with over a million of them silently mining virtual currencies.

The fraudsters hid the malware inside internet browser plug-ins and by installing them, people, unbeknownst to them, lent their computing power to quietly mine digibyte, siacoin and decred tokens. Whenever the software detected CPU utilization of less than 50%, the crypto mining operations would start, with all proceeds getting sent back to hackers. Over 26 million tokens had been mined during the course of the illicit operation.

The scammers were quite well organized, as they had an additional agent network, dedicated to spreading the software in internet cafes and other accessible areas. The lesser-known cryptocurrencies were chosen due to the fact they require less computer resources and thus the secret mining process is harder to detect.

Developers of the illicit software were located and apprehended in the town of Qingzhou, with an individual named Yang Mobao identified as the leader of the group. Shortly after, the authorities found out a company named Dalian Yuping Network Technology was the real culprit, run by He Mou and his wife Chen Mou, who ran the financial side of things.

Reportedly, the development of the mining malware started back in 2015, with the Trojan-like software released to unsuspecting public shortly after completion. All of the mined coins were automatically delivered to He Mou’s wallet with his wife handling the further distribution of the profits.

This is not the first instance of siacoin being targeted by similar illegal operations. Just last month, Chinese police found out that over 100,000 computers at internet cafes were contaminated with malware that silently mined siacoin. A single network technician was behind the scam and he managed to spread the illicit software across 30 Chinese cities, pretending to do routine checks.

Image Source: “Flickr”