The Monero community has created a working group to combat the mining malware problem by making educational resources available online and answering questions on how to avoid mining malware. The individuals behind the project, along with the community, are unwilling to compromise the security of its blockchain or risk centralization of mining by changing its system to favor specialized equipment, such as mining rigs or ASICs.
Mining Malware an Issue
Roughly 5% of all XMR in circulation is estimated to have been mined using malware. Mining malware may also account for about 2% of the hashrate contributed to the Monero network. Monero-related mining schemes are estimated to account for 84% of all instances of mining malware. Cases of mining malware have also reportedly raised a staggering $108 million in illicitly mined XMR for their “owners.”
These figures include only malicious software that infected desktops and laptops, not the in-browser mining attacks known as cryptojacking. Cryptojacking has been listed as a top cybersecurity threat that has affected an estimated 50,000 websites.
Monero Recognizes Trade-Off Between Mining Malware Risk and Censor-Proof Cryptocurrency
The Monero community condemns mining malware and cryptojacking but remains unwilling to compromise the usability of Monero as a “privacy coin” that can’t be interfered with by a centralized authority. Because ASIC resistance is a special concern, Monero generally changes its PoW algorithm slightly with every hard fork to ensure that ASICs do not have a special advantage when mining XMR.
Monero cites the fact that only a few manufacturers create ASICs for XMR mining and can be vulnerable to a demand that a “kill switch” be included in their miners, which may allow ASICs to be remotely shut down or otherwise interfered with. Governments may eventually require “mining licenses” for ASIC owners, while electric companies have announced that they will raise their rates for known operators of mining rigs. Individuals mining XMR with Honeyminer on their desktops might be able to fly under the radar, but someone running a mining farm in their basement might eventually be investigated on suspicion of using excess electricity for an illegal operation.
Monero mining has also been used for positive purposes, such as raising funds for UNICEF Africa, BailBloc, and Change.org. Visitors to the official websites of these three organizations can agree to mine XMR to help fund nonprofits. Some websites have also given visitors a choice between mining cryptocurrency or viewing advertising while visiting the sites.
For these reasons, the Monero community is unwilling to compromise its reputation as a decentralized, hard to kill, relatively private cryptocurrency to stop malware and cryptojacking. However, it is willing to educate the public on what to do if they visit a website or download something, and then it seems like their computer is running unusually slowly. It could mean that the website has been hijacked by illicit mining software or they just downloaded mining malware.