piece of trojan as an entrant for the title of the world's least subtle
malware. Security researchers at Symantec Corp. (SYMC) have discovered a
trojan, which they've dubbed "Trojan.badminer" [database entry], that exhibits a highly unusual attack
The trojan targets users’ GPUs and CPUs, using them in a botnet scheme.
But rather than simply sending
spam, like your average botnet, the attacker uses the infected machines as
brute-force tools to mine for Bitcoins.
Bitcoins, a crypto-currency that's growing
in popularity are currently in the process of being "seeded"
-- a way of establish an initial amount of circulation. Miners can set
their hardware to work trying to solve difficult cryptographic problems.
Occasionally, if their hardware is powerful enough, they will obtain
proof of work for a problem, which leads to a reward of 50 new Bitcoins, according
to the current scheme embraced by Bitcoins international proponents. At
today's market value, that's a reward of almost $544 USD.
Symantec researcher Poul Jensen describes how the new Trojan abuses the
mining process, writing, "With the advent
of Trojan.Badminer and common usage of fast graphics cards, it may well begin
to make economic sense to rent botnets in order to carry out distributed Bitcoin
mining and run the process on an industrial scale."
Peter Coogan, another Symantec researcher, turned heads in June when he suggested that cyber-criminals could use
a Bitcoin botnet of 100,000 machines to make $97,000 USD a month. At that
rate, Bitcoin mining becomes in close contention with other botnet profiteering
schemes like spamming.
Just because you don't have a top-of-the-line gaming GPU doesn't mean your home
computer is safe from "badminer". While a GPU can crunch hashes
750 times faster than a CPU, or more, the trojan will put CPUs to work on the
task as well.
The malware is the latest setback to Bitcoin, which has recently experienced massive
swings in market value and a major security breach
at its biggest currency exchange -- Mt. Gox.
As for the new virus, it seems that the threat on the GPU side may be a bit
overstated. Bitcoin clients heavily tax GPUs, meaning that they will be
very noisy when the client is running. So the next time your GPU is
inexplicably screaming like a wailing banshee, you might want to do a malware
scan -- you may be infected with a Bitcoin trojan.
(Of course CPU infections would likely be more subtle.)
quote: Really? You mean to tell me that malware coders are targeting 85% of the market instead of 10%? That's a truly staggering insight, thanks so much for sharing!