Mining malware?

Crypto-Currency Mining Malware


Cyberspace is here to stay, and its internal financial mechanisms and instruments develop with increasing speed today.

That means, that both sides of the coin do. And, there will be increasing interest, even conflicting interests in that who and what entities have a mandate to enforce regulation, do casual policing – and what is more, ultimately define implementations and practices of moral, ethics and finally, regimes, within the cyberspace.

Financial mechanisms in the cyberspace are increasingly based on decentralized tokens, and even when they are oftentimes marketed by using arguments of “practicality”, what the question really is about governance and rule of the cyberspace – a battle of power. Notion of decentralized non-governance is merely a myth here.

One pressing and fundamental issue within the financial system of the cyberspace, that is then the characteristics of crypto token schemes, is that of privacy. Privacy in relation to the real world, but also privacy within the system. Where early BitCoin network provided zero privacy within the system, it held a relevant distance to the concepts and institutions of traditional nation-state backed up privacy. Something that has been a major grievance between those reaching towards the seat of power in the cyberspace.

crypto-currency mining malware webarx

Most recent entrant, Monero, takes an ambitious reach to the cyberspace, by introducing even stronger concept of internal privacy and thus, in essence, strengthening the declaration of independence of cyberspace. Introduction of a financial system leads also inevitably to the question of resources – and at some point in future about social control, responsibility, management of labour and ultimately perhaps, distinctive regimes and identities in a peaceful settlement.’

 

Ownership of resources in the cyberspace

Cybespace depends on various things from the real world, one of them is computing power and time. On theoretical level, most cryptocurrency projects are spin-offs from the academic discussion to build mechanisms to control and manage essential blood and nerves of the cyberspace. Whether successful or not, at least they have had the issue to surface and recent malware, and double-ware, have shown initiative to make cyber-territorial claims to seemingly unused blocks of that valuable power and resources. This is of course oftentimes in contrast with the territorial claims and ownership in the real world.

Monero, as one of the most privacy-preserving crypto tokens currently out there has got two ambassadors, at least two projects that aim to demonstrate how unused resources in the cyberspace could be used, even lawfully, for the good for the society. As an initiative this can perhaps be somehow loosely connected to various political campaigns to “reclaim unused houses, public places, etc”. One Monero mining malware has recently seen spreading on server side, exploiting common vulnerabilities, not to destroy things or look for ransom, but to use the spare computing time and resources to mine Monero tokens for the attackers.

crypto-currency mining malware webarx

Another project lets people to place a tiny piece of code on their web site, to mine same tokens on the computing power and time of the visitors who stay on their site. Both are old tricks, but encouraging now new discussion on relevant issues, not only “who governs”, but “who owns” – including loose references to civil rights, communism and universal rights of humans to exploit resources for the good.

 

Contributing resources, taxation and the cyberspace

crypto-currency mining malware webarx

These two Monero mining projects, one of which is more “malwarish” than the other, bring up the question of social economics in the cyberspace. Nation-state oriented legacy taxation systems are not able to contribute to the wealth of cyberspace, but rather just aim to exploit it for its own patriotic needs of surveillance and control. In cyberspace labour has two things, computing power and time, and their own effort and choices. Contributing computing power to the cyberspace is an old idea, already something explored tens of years ago. Users, like people in general, are not irrational.

The other server-side invasive Monero miner, on the other hand, comes to collect taxes by force. That is a direct analogue how tax-collection goes in real world as well. Perhaps this new method of forced contribution, which does not end to the Monero miner, by the way, is maybe better seen as proof of concept demonstration, and capability exercise, perhaps even unintentionally.

If the only thing the end-users have in the cyberspace, as they can not breed and their social reproduction is virtually, is their computing power they can contribute. They can build apps and trade labour and physical items, but they can not pay back to the society. In the traditional sense, by ensuring social reproduction and by avoiding tax evasion. On this background, these new Monero-mining malware incidents can perhaps be seen more of like triggers for further development of the decent governance in and of the cyberspace.

Of course, using the computing power of a random web site visitor in order to generate cash for someone is, in one way, inappropriate thing to do. However, ultimately the question is not whether that is the case, but who has the right to exploit resources for their benefit. Recall, that much of the global social media and “googlish” economy is based on the idea of exploiting side-products of innocent visitors.

On that background, the client side Monero miner is nothing more than a new variation of the theme. And the server side could be also seen as capability training forward forced tax collection in the cyberspace.

 

 

Read more about crypto-currency mining malware:

Massive Brute-Force Attack Infects WordPress Sites with Monero Miners – BleepingComputer
Hackers target WordPress websites with cryptomining campaign – SC Magazine UK