Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

Skype-spread malware mines for Bitcoins

Kaspersky Lab’s Dmitry Bestuzhev reports that spam Skype messages that lure people in with a “this is my favorite picture of you” line are spreading an initial dropper that is downloaded from a server located in India. Once the machine is infected, it drops many other pieces of malware onto the compromised system, downloaded from the Hotfile.com service. At the same time, the malware connects to its C2 server located in Germany.

While the malware “To be honest [does] many things…one of the most interesting is it turns the infected machine to a slave of the bitcoin generator,” Bestuzhev said in a blog post.

Users can detect infection by virtue of the fact that the usage of CPU grows up significantly as the infected machine is used to mine Bitcoins—a resource-intensive process. “If you see your machine is working hard, using all available CPU resources, you may be infected,” Bestuzhev.

Bitcoin mining is “the process of making computer hardware do mathematical calculations for the Bitcoin network to confirm transactions and increase security. As a reward for their services, Bitcoin miners can collect transaction fees for the transactions they confirm along with newly created bitcoins. Mining is a specialized and competitive market where the rewards are divided up according to how much calculation is done," according to the Bitcoin Project.

Bitcoin this month hit an all-time high valuation of $142 per BTC, according to trading platform Mt. Gox, but it also has been firmly in hacker sites. Recently, two separate attacks, aimed at Mt. Gox as well as Instawallet, have caused major Bitcoin service interruptions. In the case of the latter, the service has been suspended indefinitely after hackers compromised its database.

Even though recognition on VirusTotal is low for the new malware, users are falling for it in numbers, with Kaspersky logging more than 2,000 clicks per hour. That means that it has the potential to spread quickly, unchecked. Most of potential victims live in Italy then Russia, Poland, Costa Rica, Spain, Germany and the Ukraine.

 

What’s Hot on Infosecurity Magazine?