Skype-spread malware mines for Bitcoins

Kaspersky Lab’s Dmitry Bestuzhev reports that spam Skype messages that lure people in with a “this is my favorite picture of you” line are spreading an initial dropper that is downloaded from a server located in India. Once the machine is infected, it drops many other pieces of malware onto the compromised system, downloaded from the Hotfile.com service. At the same time, the malware connects to its C2 server located in Germany.

The malware “to be honest [does] many things…one of the most interesting is it turns the infected machine to a slave of the bitcoin generator,” Bestuzhev said in a blog post.

Users can detect infection by a significant rise in CPU usage, since the infected machine is used to mine Bitcoins, a resource-intensive process. “If you see your machine is working hard, using all available CPU resources, you may be infected,” Bestuzhev said.

Bitcoin mining is “the process of making computer hardware do mathematical calculations for the Bitcoin network to confirm transactions and increase security. As a reward for their services, Bitcoin miners can collect transaction fees for the transactions they confirm along with newly created bitcoins. Mining is a specialized and competitive market where the rewards are divided up according to how much calculation is done,” according to the Bitcoin Project.

Bitcoin this month hit an all-time high valuation of $142 per BTC, according to trading platform Mt. Gox, but it also has been firmly in hackers' sights. Recently, two separate attacks, aimed at Mt. Gox as well as Instawallet, have caused major Bitcoin service interruptions. In the case of the latter, the service has been suspended indefinitely after hackers compromised its database.

Even though recognition on VirusTotal is low for the new malware, users are falling for it in numbers, with Kaspersky logging more than 2,000 clicks per hour. That means that it has the potential to spread quickly, unchecked. Most of the potential victims live in Italy, followed by Russia, Poland, Costa Rica, Spain, Germany and the Ukraine.

 
