Researchers find malware rigged with Bitcoin miner

Summary: The idea is to steal computer resources from infected computers to generate the valuable peer-to-peer virtual currency.

TOPICS: Malware, Security

Researchers at Kaspersky Lab (disclosure: my employer) have discovered a new piece of malware that plants Bitcoin miners on infected computers.

The idea is to steal computer resources from infected computers to generate the valuable peer-to-peer virtual currency.

Kaspersky Lab's Alex Gostev said the new threat was discovered targeting Russian users with a Trojan that contains two components -- a legitimate BitCoin Miner file, bcm.exe; and a malicious module that installs bcm.exe without the user’s knowledge and adds it to the autorun registry.

"The infected computer then starts to generate bit-coins for the Trojan’s author," Gostev explained.

The malicious hacker behind the Trojan did not generate any riches from this attack because the system detected the mining activity coming from multiple IPs.

Before the account owner had time to start out on his road to riches, the automated system suspected something was up and the account was temporarily blocked :)

Judging by the statistics, the black hat failed to find his very own Klondike and managed to ‘pan’ slightly less than a single coin.
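The pool-side check that stopped this attacker (one account mining from multiple IPs) can be sketched as a sliding-window count of distinct source IPs per account. This is an added example, not Kaspersky's or any mining pool's code; the log format, account names, threshold and window are assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample of share-submission log lines (hypothetical format,
# documentation-range IPs), assumed to be sorted by timestamp.
SAMPLE_LOG = """\
2011-07-01T09:00:00 account=alice ip=192.0.2.10
2011-07-01T09:01:00 account=bob ip=198.51.100.1
2011-07-01T09:01:30 account=bob ip=198.51.100.2
2011-07-01T09:02:00 account=carol ip=203.0.113.1
2011-07-01T09:02:10 account=bob ip=198.51.100.3
2011-07-01T09:03:00 account=alice ip=192.0.2.11
2011-07-01T09:03:20 account=bob ip=198.51.100.4
2011-07-01T11:00:00 account=carol ip=203.0.113.2
2011-07-01T13:00:00 account=carol ip=203.0.113.3
2011-07-01T15:00:00 account=carol ip=203.0.113.4
"""

def parse_line(line):
    """Split one log line into (timestamp, account, source IP)."""
    ts, account, ip = line.split()
    return (datetime.fromisoformat(ts),
            account.split("=", 1)[1],
            ip.split("=", 1)[1])

def flag_accounts(log_text, max_ips=3, window_minutes=10):
    """Return {account: sorted IPs} for every account that submitted work
    from more than max_ips distinct addresses inside one time window."""
    window = timedelta(minutes=window_minutes)
    recent = defaultdict(deque)   # account -> (timestamp, ip) still in window
    flagged = defaultdict(set)
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, account, ip = parse_line(line)
        events = recent[account]
        events.append((ts, ip))
        # Drop events that have aged out of the window.
        while ts - events[0][0] > window:
            events.popleft()
        ips = {addr for _, addr in events}
        if len(ips) > max_ips:
            flagged[account].update(ips)
    return {acct: sorted(ips) for acct, ips in flagged.items()}

if __name__ == "__main__":
    for acct, ips in flag_accounts(SAMPLE_LOG).items():
        print(f"block candidate: {acct} mined from {len(ips)} IPs: {ips}")
```

In the sample, `carol` also uses four addresses but hours apart, so only `bob`, whose four addresses appear within a few minutes, is flagged.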

This is the second bit of malicious activity aimed at stealing bitcoins.  Just last week, researchers at F-Secure warned about a Bitcoin pick-pocket Trojan that targets the standard file location for Bitcoin wallets on Windows computers.

"The Trojan is Infostealer.Coinbit and it has one motive: to locate your Bitcoin wallet.dat file and email it to the attacker...We have also discovered source code on underground forums which locates the wallet and, using FTP, uploads it to the attacker's servers," writes Symantec's Stephen Doherty.


Talkback

13 comments
  • These trojans PROVE that Windows security is fundamentally flawed

    Instead of working on Windows 8, Micro$ux MUST improve security on Windows 7. The existence of these trojans (and millions others) PROVE that Winblowz security is fundamentally flawed.

    Switch to OS X and be immune to all of this nonsense.
    woulddie4apple
    • I like you. You make me laugh!

      @woulddie4apple "immune" Ha Ha Ha.
      Scubajrr
    • RE: Researchers find malware rigged with Bitcoin miner

      @woulddie4apple
      Apple computers are too underpowered to mine bitcoins or you would see this type of thing on Macs as well. OS X is not immune to anything. It's just not a very interesting target for malware authors.
      kandyass@...
    • RE: Researchers find malware rigged with Bitcoin miner

      @woulddi.e4apple - oh geezus another MacMoron, You even use the $ and 'blowz'. If your goal is to convert people to Mac, your immaturity hurts your case rather than helping it. At least use proper English like an adult.
      dev/null
    • LOL!

      @woulddie4apple
      Micro$ux, Winblowz
      You got 2 of them in there!
      Will Pharaoh
    • RE: Researchers find malware rigged with Bitcoin miner

      @kandyass
      @dev/null
      @Will Pharaoh
      @Scubajrr
      Come on, guys. Can't you recognize flame bait when it's that obvious?
      galley
    • RE: Researchers find malware rigged with Bitcoin miner

      @woulddie4apple OS X is usually the first OS to fall in pwn2own competitions. It may well be it has a more sensible Unix-like security model but it is not immune from cracks and anyone who thinks it is is an idiot. A mac user who downloads and runs some arbitrary app is rolling the dice as surely as a Windows user.
      DrXym
      • RE: Researchers find malware rigged with Bitcoin miner

        @DrXym Having a system that is capable of using the very good Unix security model is only good if you actually use the Unix security model.

        Right now, if I remember correctly, Linux, Solaris and the BSDs do use that system, Windows 7 uses it partially, and Mac leaves it off most of the time.

        A vital part of that model is that the Root (administrator) account is seldom used, which leaves standard users unable to install programs or modify or even see the programs of other users.
        YetAnotherBob
  • Why target bitcoin?

    Hmmm ...

    Not necessarily the most important or valuable bit of my data ... yet. Either they have gone to press much much too soon, or there is some other motive.

    Now who would want to discredit bitcoin, I wonder?
    PassingWind
    • RE: Researchers find malware rigged with Bitcoin miner

      @PassingWind Bitcoin discredits itself. It's a pump and dump scam by the people who got in early and wish to profit from latecomers.
      DrXym
    • RE: Researchers find malware rigged with Bitcoin miner

      @PassingWind

      Not discredit, steal.

      Bitcoins are used right now as a currency exchange. They don't inflate, and are growing in relative value, as the Dollar and Euro inflate.

      Bitcoins also have better protection than most commercial currency transfer mechanisms do.

      Note that the Article says they didn't succeed. But the attacks are out there. To actually steal the Bitcoins, the attacker will also need the user's private key.

      Bitcoin is still experimental. It will be interesting to see if the system can withstand these and other attacks.
      YetAnotherBob
  • RE: Researchers find malware rigged with Bitcoin miner

    It would be nice if the first post would add something intelligent to the topic. I'm used to the third or fourth post being fanboy flame bait. This instance may be a new record for the earliest Mac fanboy post in a thread. Thanks for that.
    JB Tucson
  • Bitcoin will fade

    Bitcoin will fade because of a combination of two things:
    1. Bitcoins can be counterfeited. It may be difficult, but it can be done. The hacker (or hacker team) in this article proves it. All that's needed is powerful processing.
    2. Bitcoins are much more easily stolen than physical currency. A couple hacks and some malware and your "savings" are gone. And, if the past is any indicator, it doesn't look like PC Security is going to improve in the reasonable future

    Bitcoin is a good proto-idea, but I don't think our technology (or mass populations) are ready for it. I suspect it will join other ideas who flashed and burnt, to be resurrected only when people and technology are ready. Classic example: the iCat.
    Jeff_D_Programmer