Bitcoin mining botnets infect thousands of PCs: Kaspersky

Saturday, Sep 23, 2017 08:27

The Kaspersky Lab Anti-Malware Research team has identified two botnets made of computers infected with malware that silently install cryptocurrency miners, which are legitimate software used to create (mine) virtual currencies based on blockchain technology. — VNS Photo

The Kaspersky Lab Anti-Malware Research team has identified two botnets made of computers infected with malware that silently install cryptocurrency miners, which are legitimate software used to create (mine) virtual currencies based on blockchain technology.

In one instance, researchers estimated that a 4,000-machine network could bring its owners up to US$30,000 a month, and in another instance witnessed criminals jackpotting more than $200,000 from a 5,000-PC botnet.

The architecture of Bitcoin and other cryptocurrencies suggests that in addition to buying cryptocurrency, a user can create a new currency unit (or coin) by utilising the computing power of machines installed with specialised “mining” software.

But the more the coins produced, the more the time and computing power required to create a new coin.

Several years ago the malware silently installing Bitcoin miners was a common threat.

But after more and more Bitcoins were mined, it became harder to mine new ones and at some point the process even became useless: the potential financial gain for a criminal from Bitcoin mining no longer covered the investment for the creation and distribution of malware and backend infrastructure.

But the price of Bitcoin, the first and still the most famous cryptocurrency, has been skyrocketing in recent years from hundreds of dollars per coin to thousands, igniting a cryptocurrency fever around the world.

This has inevitably attracted cybercriminals.

Kaspersky Lab experts have found that the criminals behind the newly discovered botnets distribute the mining software with the help of adware programmes that victims instal voluntarily.

After the programme is installed in the victims’ computer it downloads a malicious component: the miner installer.

To prevent computers from turning into a cryptocurrency harvesting zombie, Kaspersky Lab researchers advise users not to install suspicious software from untrusted sources, enable the adware detection feature, and use a proven internet security solution.

If customers are running a server, they should make sure it is protected with a security solution since servers are lucrative targets for criminals thanks to their high computing performance, they said. — VNS

Comments (0)

Statistic