piece of trojan as an entrant for the title of the world's least subtle
malware. Security researchers at Symantec Corp. (SYMC) have discovered a
trojan, which they've dubbed "Trojan.badminer" [database entry], that exhibits a highly unusual attack
The trojan targets users’ GPUs and CPUs, using them in a botnet scheme.
But rather than simply sending
spam, like your average botnet, the attacker uses the infected machines as
brute-force tools to mine for Bitcoins.
Bitcoins, a crypto-currency that's growing
in popularity are currently in the process of being "seeded"
-- a way of establish an initial amount of circulation. Miners can set
their hardware to work trying to solve difficult cryptographic problems.
Occasionally, if their hardware is powerful enough, they will obtain
proof of work for a problem, which leads to a reward of 50 new Bitcoins, according
to the current scheme embraced by Bitcoins international proponents. At
today's market value, that's a reward of almost $544 USD.
Symantec researcher Poul Jensen describes how the new Trojan abuses the
mining process, writing, "With the advent
of Trojan.Badminer and common usage of fast graphics cards, it may well begin
to make economic sense to rent botnets in order to carry out distributed Bitcoin
mining and run the process on an industrial scale."
Peter Coogan, another Symantec researcher, turned heads in June when he suggested that cyber-criminals could use
a Bitcoin botnet of 100,000 machines to make $97,000 USD a month. At that
rate, Bitcoin mining becomes in close contention with other botnet profiteering
schemes like spamming.
Just because you don't have a top-of-the-line gaming GPU doesn't mean your home
computer is safe from "badminer". While a GPU can crunch hashes
750 times faster than a CPU, or more, the trojan will put CPUs to work on the
task as well.
The malware is the latest setback to Bitcoin, which has recently experienced massive
swings in market value and a major security breach
at its biggest currency exchange -- Mt. Gox.
As for the new virus, it seems that the threat on the GPU side may be a bit
overstated. Bitcoin clients heavily tax GPUs, meaning that they will be
very noisy when the client is running. So the next time your GPU is
inexplicably screaming like a wailing banshee, you might want to do a malware
scan -- you may be infected with a Bitcoin trojan.
(Of course CPU infections would likely be more subtle.)
quote: A common criticism is that the initial bitcoin distribution is heavily advantageous towards early-adopters. As stated, bitcoins are distributed ("generated") as an award for the solution to a difficult proof-of-work problem. The drawback is that the amount of work that must be done for one bitcoin is currently over 500,000 times more than the amount of work at which the first bitcoins were going. As more people join, and also because of a reward function that halves the number of rewarded bitcoins every so many blocks, it becomes harder to generate bitcoins over time, using the same computing power. Because early adopters now have a disproportionate amount of Bitcoins compared to newcomers and that newcomers will never have a chance to "catch up", the current hype being generated by proponents has also been labeled by critics as a pump and dump scheme by early adopters looking to cash in on their large Bitcoin collections.