Researchers at Kaspersky Lab (disclosure: my employer) have discovered a new piece of malware that plants Bitcoin miners on infected computers.
The idea is to steal computer resources from infected computers to generate the valuable peer-to-peer virtual currency.
Kaspersky Lab's Alex Gostev said the new threat was discovered targeting Russian users with a Trojan that contains two components -- a legitimate bcm.exe file BitCoin Miner; and a malicious module that installs the bcm without the user’s knowledge and adds it to the autorun registry.
"The infected computer then starts to generate bit-coins for the Trojan’s author," Gostev explained.
The malicious hacker behind the Trojan did not generate any riches from this attack because the system detected the mining activity coming from multiple IPs.
Before the account owner had time to start out on his road to riches, the automated system suspected something was up and the account was temporarily blocked :)
Judging by the statistics, the black hat failed to find his very own Klondike and managed to ‘pan’ slightly less than a single coin.
This is the second bit of malicious activity aimed at stealing bitcoins. Just last week, researchers at F-Secure warned about a Bitcoin pick-pocket Trojan that targets the standard file location for Bitcoin wallets on Windows computers.
"The Trojan is Infostealer.Coinbit and it has one motive: to locate your Bitcoin wallet.dat file and email it to the attacker...We have also discovered source code on underground forums which locates the wallet and, using FTP, uploads it to the attacker's servers," writes Symantec's Stephen Doherty.