A cryptocurrency miner infected Synology systems with malware and raked in more than 500 million Dogecoins in a two-month span, according to Dell SecureWorks.

The campaign is considered the most profitable illegitimate mining operation, according to a Friday post.

The majority of the Dogecoins were mined in January and February when the cryptocurrency was worth more, so, if exchanged at the time, they could have yielded more than $620,000, the post said. On Thursday, 500 million Dogecoins were worth closer to $180,000.

In February, users of Synology Network Attached Storage (NAS) boxes began noticing a spike in CPU usage and a dip in performance, according to the post.

It turns out that CPUMiner malware was being stored in a folder named “PWNED,” according to the post, which said that the miner is believed to be of German descent.