Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

Security expert discovers bitcoin mining botnet

As previously reported by Infosecurity, the fact that bitcoins are an electronic currency that can be bought and sold on the internet has made them a target for cybercriminals. Last month a Symantec researcher reported the discovery of a trojan that allowed a computer to be used to mine (decrypt) botcoins using a brute force decryption approach.

Now, says Karl Dominguez, a Trend Micro threat response engineer, a botnet that controls swarms of computers running decryption algorithms has been discovered.

The malware concerned is BKDR_BTMINE.MNR and, says Dominguez, installs the mining software onto affected systems, using the computer's resources to decrypt Bitcoin blocks in order to generate more e-currency.

Interestingly, the Trend researcher says that the botnet does not just decrypt bitcoins, but attempts to create bitcoin blocks, which are used to generate 50 bitcoins at a time.

“To speed up the computation of a block, mining pools are created. The equation is split up into pieces and is solved by multiple systems. The incentive is based on how much a miner contributes to the solution”, he says in his latest security posting.

“Right now, bitcoins are worth just over $8.00 each”, he adds, noting that, because this value is rising, he expects to see more attacks of this type on the botcoin system.

In addition, says Dominguez, because bitcoins make use of person-to-person file sharing, the transaction charges for then they change hands in lower than other forms of electronic currency. Coupled with the fact that owning bitcoins is an anonymous process, the Trend Micro researcher notes they can be used almost anywhere.

Bitcoin usage is gaining popularity in web transactions because of these advantages, he says, adding that the e-currency system also raises some security issues.

To stay safe, he says, users should encrypt all wallets as soon as they leave your system, as well as using a strong and unique password for wallet encryption.
 

What’s Hot on Infosecurity Magazine?