Unfortunately for Yasuda, his cheating tool wasn’t very popular, only seeing about 90 downloads over January and February of this year. The cryptojacking scheme only generated around $45 (5,000 yen) worth of Monero over that time, and the scam itself was quickly discovered and reported to the authorities. According to a report on BleepingComputer, Yasuda is the first person to be sentenced for malicious use of the Coinhive library.
While embedding Coinhive-based mining scripts in a program or website isn’t technically illegal in Japan, using another person’s computer for financial gain without their consent is viewed as theft by law enforcement. In Yasuda’s case, very little serious damage appears to have been done by the scammer. Apart from stealing processing power, the cheating tool doesn’t appear to have stolen data, captured passwords, or installed further malware on the infected machines. As malware scams go, Yasuda’s was fairly tame.
This fact doesn’t appear to have been lost on the court, as Yasuda’s sentence was suspended for three years, meaning the programmer won’t see the inside of a prison if he can stay out of trouble with the law through mid-2021. According to an article published by Japanese news outlet Mainichi, the presiding judge explained that lenience was called for because “The defendant regretted what he did, learning information ethics and other matters.”
Other Coinhive malware users may not be as fortunate as Yasuda, however, as law enforcement agencies in the country have begun cracking down on cryptojackers. In March, Japanese police arrested three men on suspicion of using “viruses” to install cryptocurrency mining software on the machines of people who visited their websites. Another 13 suspects are currently being investigated for similar crimes. As in the Yasuda case, authorities believe the suspects embedded Coinhive-based scripts were used to mine Monero, with the most successful generating around $1,100 (120,000 yen) from the scam.