Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    August 2015
    S M T W T F S
    « Jul    
  • Email Subscription

  • About Us

    Bitcoin is still in the news, even if it’s not exactly for the right reasons. From it’s peak value of $263.798 per bitcoin on April 10, it has since fallen to just over $100. That actually represents a recovery from it’s post-peak low value of just over $50. Clearly, the market for Bitcoins is… volatile.

    For those not in the know, Bitcoin is a new digital currency which is generated, or “mined”, by software solving computationally difficult problems. Cybercriminals have latched onto Bitcoin as well, as it represents another way to earn money (Bitcoins are exchangeable for real-world currencies like US dollars via various exchanges.)

    Since 2011, we have found various malware threats that try to use victim machines as Bitcoin miners, or steal user’s Bitcoins. One even tried to pass itself of as a Trend Micro component. Just this past week, malware exploiting the Boston Marathon bombing to spread turned out to be stealing Bitcoin wallets as well. Bitcoin exchanges have also been hit with frequent denial-of-service attacks, with the largest exchange (Mt. Gox) suffering from three DDoS attacks in April alone.

    For criminals, using infected systems as miners makes perfect sense, as using infected machines offloads the costs associated with Bitcoin mining, which can be significant. They would no longer need to purchase expensive graphics cards and/or application-specific integrated circuit (ASIC) chips. (Either one is necessary to mine Bitcoins with any reasonable expectation of profit.)

    Of course, for users, this can cause problems. This would raise the power usage of their systems considerably, particularly if it wasn’t used for overly demanding applications. Users would feel this the next time they received their electric bill.

    As we noted just a few weeks ago, Bitcoin is something that users should keep an eye on. That is turning out to be one giant understatement. What are we going to see next?

    One step we may see is more sophisticated miners. As we noted earlier, graphics cards can be used for high-volume Bitcoin mining. The miners that are used by malware, however, currently take advantage only of an affected system’s CPU, not its graphics. It is not difficult to imagine that criminals would take advantage of these and use GPU-capable miners as well. A computer with one of these GPU-capable miners would be equivalent to dozens of ordinary machines. The temptation is simply too strong for this not to happen sooner rather than later.

    We’re trying to make the Security Intelligence Blog better. Please take this survey to tell us how.

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon

    • Buck Jones

      What pip01 andpaulsnx2 said is correct. You clearly have no idea what you are talking about.

      I use Trend Micro, but I’m starting to wonder about this blog. Scare mongering and buzz words don’t make for good content.

    • pip010

      Are you sure?
      it sounds very unpractical to mine using botnet

      I assume it is CPU, which superslow, but combine that with net-latency and you are out of the equation

      what equation?
      to generate valid blocks you need to be in sync with the network.

      so considering those 2 points:
      1) hardly can utilize GPU so you are left with CPU
      2) need good network connection + constant connectability

      so the risk to have a REJECTED resutls from any mining pool increase significantly

    • Paul Snow

      Bitcoin mining generally eats up your GPU. Unlike other malware, that can run without disturbing too much what the user wants to do, GPU mining pretty much hogs the system (at least display wise). The user will just turn it off before they let it run without the system allowing them to play games, do email, or whatever.

      ASIC mining is replacing GPU mining pretty fast. Very soon, it will be useless to use botnets to try and mine bitcoin.


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice