Bitcoin is still in the news, even if it’s not exactly for the right reasons. From it’s peak value of $263.798 per bitcoin on April 10, it has since fallen to just over $100. That actually represents a recovery from it’s post-peak low value of just over $50. Clearly, the market for Bitcoins is… volatile.
For those not in the know, Bitcoin is a new digital currency which is generated, or “mined”, by software solving computationally difficult problems. Cybercriminals have latched onto Bitcoin as well, as it represents another way to earn money (Bitcoins are exchangeable for real-world currencies like US dollars via various exchanges.)
Since 2011, we have found various malware threats that try to use victim machines as Bitcoin miners, or steal user’s Bitcoins. One even tried to pass itself of as a Trend Micro component. Just this past week, malware exploiting the Boston Marathon bombing to spread turned out to be stealing Bitcoin wallets as well. Bitcoin exchanges have also been hit with frequent denial-of-service attacks, with the largest exchange (Mt. Gox) suffering from three DDoS attacks in April alone.
For criminals, using infected systems as miners makes perfect sense, as using infected machines offloads the costs associated with Bitcoin mining, which can be significant. They would no longer need to purchase expensive graphics cards and/or application-specific integrated circuit (ASIC) chips. (Either one is necessary to mine Bitcoins with any reasonable expectation of profit.)
Of course, for users, this can cause problems. This would raise the power usage of their systems considerably, particularly if it wasn’t used for overly demanding applications. Users would feel this the next time they received their electric bill.
As we noted just a few weeks ago, Bitcoin is something that users should keep an eye on. That is turning out to be one giant understatement. What are we going to see next?
One step we may see is more sophisticated miners. As we noted earlier, graphics cards can be used for high-volume Bitcoin mining. The miners that are used by malware, however, currently take advantage only of an affected system’s CPU, not its graphics. It is not difficult to imagine that criminals would take advantage of these and use GPU-capable miners as well. A computer with one of these GPU-capable miners would be equivalent to dozens of ordinary machines. The temptation is simply too strong for this not to happen sooner rather than later.
We’re trying to make the Security Intelligence Blog better. Please take this survey to tell us how.