Bitcoin Forum

Just look at the graph - network total  changes every morning at europe time...

increase is about of 20%...

if this continues we will get the 60% estimated difficulty every time...

this is so bad... :'( :'( :'(

Botnet attaks the bitcoin net!
What can we do?

read this - http://www.guardian.co.uk/technology/2011/jun/22/lulzsec-rogue-suspected-of-bitcoin-hack

How is that an 'attack'? Isn't it basically just someone mining a lot of coins?

???
it`s an attack against all honest miners! >:(

Not precisely, it's an attack against the owners of the infected machines.

Eventually price will go up since your mining will take longer.
Mining will always be profitable.
The only that is still a issue is the 2 week reset lag it has.

if you have near the 600 Mhash...so, may be you wil be glad to see day`s earning in 6USD...at least the next 6-8 days...
but if you have only 300... just think about long term - 15-30 days...

if the botnet goes on you will be pushed to get rid of your rig
I'm not going to continue to mine with my 2Ghash rig for 0.5-0.8btc per day in a 15 days - it`s not profitable!
but if we have 30USD per 1BTC... ::) ::) ::)

Yeah, what I meant was "How is that an attack on 'the bitcoin net'"? It's not.

Exactly...

Not much.

Botnets are like mosquitoes. They are irritating parasites, but they're not going to kill or seriously harm anybody. No matter how many you kill, more of them will just keep coming. Eventually you just learn to live with them.

there are a lot more annoying things a botnet can be used for, if every single botnet in the world would only be used for mining the world would be a better place!

In theory, if a single botnet/coalition of botnets gained over 50% of the network, they could start double spending.

Otherwise, they are just hardening the block chain.

So, it seems the first registred botnet-virus has appeared  ::)
It has been detected by russian user...Here you can read more if you speak russian - http://forums.overclockers.ru/viewtopic.php?f=10&t=395932&start=17220
Read the posts of member reesol
In a few words: AVIRA has detected this virus body, reesol has detected settings of botnet miner and reached to deppbit account with....35GHash mining power... :o :o :o

I've expected this a while earlier, to be honest.

An attack against "honest miners"? Is that you FDR?
It's competition in the free market, it forces efficiency and lowers prices. Fighting it with anything other than innovation is neither fair nor honest.

There's a little differance though as running a Botnet is against the will of the PC owners and probably also against law of most countries :)

True it's a millionth of a taste though of what compition in the future will be like :-)

We know botnets can get really big if they're run by clever people.  The question I have is, if someone creates a clever botnet and turns it on once mining has become unattractive financially to those who pay their own electric bills, isn't getting over 50% pretty feasible?

Great journalism, indeed!  ::)

They are fearmongers, not journalists.


If a botnet guy would get over 50% network power (which I found unfeasible since machines with decent GPU performance are usually not in the hands of computer illiterate people), they would already make so much money off it that they wouldn't even need to cheat. 1000 btc roughly every 2 weeks, that's between 10k - 20k USD depending on how the price will move after mtgox reopens.

Lots of Dells and Apples and HP's used by average Joe's have Radeon 5xxx and 6xxx cards in them, but I think you missed my point.  I'm thinking of 6 months from now when, if BTC doesn't appreciate significantly, mining won't pay for the electricity required to do it.  At that point, if the computational growth from legitimate miners slows or goes negative, and mining becomes mostly a botnet business, those same folks will have the power to turn BTC upside down at will.  I'm not saying that they're want to or that they could profit from it, but it's a real possibility.

I agree.  If the difficulty level is adjusted to keep an average rate of 1 block every 10 minutes then the number of blocks created is 144 blocks/day regardless of the number of miners.  At $20/BTC and 50 BTC/block, that's $144,000/day.  That is then split among the total number of miners relative to the amount of processing each does.  With perfect information and perfect competition, equilibrium is when the costs of GPU and electricity are equal to revenue from Bitcoins.

With a botnet this breaks down completely.  The cost of GPU's and electricity to the herder is zero, so the number of miners from botnets will continue to increase without bound (economically).  As the number of botnet miners increases or the value of a Bitcoin decreases the number of legitimate miners will decrease to maintain equilibrium.  Botnets could conceivably have incredible amount of power.

BTW.  This also implies a minimum transaction cost that must be maintained when Bitcoins are no longer created.

has anyone ever considered that bitcoin pretty much is a botnet itself?
I mean, really, people, you are all doing distributed work which is controlled by a piece of software over the network.

To translate from the german wikipedia entry for botnet:

One other from the english wiki page:

Anyone hearing a bell ringing? The only difference is that most Bitcoiners run the software willingly.

That's just plain wrong. Please inform yourself before posting nonsense.

BTC itself is a Peer-to-Peer network. A Botnet is a network of infected computers, controlled by one or a few persons remotely.



No, because this is stupid, see above.


Peer to Peer != Botnet!

I can only repeat: Inform yourself before posting.



And that's a huge differance. A differance between 10 years of jail vs a well-used open source project, for starters.


It's hilarious how you're even quoting wikipedia twice, but fail to read (or understand) the very first sentence:


http://en.wikipedia.org/wiki/Botnet (http://en.wikipedia.org/wiki/Botnet)

The same possibility exists concerning pool operators, right now. Slush + Deepbit have more than 50% of the computing power. BTCGuild is also huge. They wouldn't have much trouble to coordinate some attack, if they wanted to. But if even them, which only get a small share of what is mined under their pool, don't have an incentive to double-spend, imagine a botnet owner who would get 100% of the mining returns if doing it honestly?

Double-spending through a >50% attack is not cost effective. The incentives to be an honest miner are much stronger.

If we should worry with a >50% attack, that would be a politically-motivated one, with the intend to pause the network for as long as they can at the expense of some taxvictims. And even that is not very likely either.

It would be interesting to end up with a totally legitimate project, that due to factors not under its own control, is completely facilitated through infected computers. What's more sci-fi than a peer to peer crypto currency that is mined and verified by the computers of people who have never even heard of it?

Most of the large pools have a tremendous amount of CPU miners -- those are almost certainly 90%+ botnet.

But, yes, between botnets, people running server farms at home or school, etc, I think mining will be unprofitable for most people - even taking into account only electricity, not even hardware depreciation, within a few months.

I was wondering why on deepbit they don't show stats of what users are doing how much MH/s. At least I couldn't find it and most pools show that info.

I am convinced that Botnets will destroy mining by conventional means.  Innovation, (though illegal) will kill conventional miners.  The incentives are just too high.  1,000,000 infected computers (not hard to achieve at all with a Botnet, in reality the more successful Botnets have 10 million or more) will drive the difficulty through the roof!!!

Botnets to Bitcoin is what GPU's were to Bitcoin 9 months ago (less the illegal part).  The smart ones are packing their gear and selling off now.  I just shut down a 26gh network and now with the help of friends we are packing it up and preparing it for shipping, for sale.

While Botnets are illegal as all hell, that will not stop people.  Again all you need it 20-50 successful Botnets running to shut down the miners of today.  So that’s 20-50 people WORLDWIDE operating their individual Botnets.  Do you really believe that there are not 50 people on the planet that have the know how to do it, and would not do it.  Do the math people.

So why hasn't it happened yet? The clever controllers of botnets surely have heard about bitcoin by now?

Actually if a botnet had a million PC's, you wouldn't need 20-50, you'd only need one to exceed the hashing power of the network. The fact that it hasn't been done yet means it's not easy - that's unlikely to change, so I'm confident that it won't be.

That is silly. Just because there are time delays in terms of deploying the necessary software and/or infecting new machines with the necessary software doesn't mean that it won't happen. It is actually perversely good for bitcoin in a way, if those that have large numbers of machines at their disposal have an economic incentive to strengthen the network, rather than attack/undermine it.

Exactly, even if this did happen it would hardly be a catastrophe. All that would happen is the hash-rate spikes and difficulty goes up.

And a lot of miners would have sad puppy dog faces

One positive side effect of all these botnet operators starting to mine bitcoin is that it might lead to a massive reduction in spam.

If you were a botnet operator, why would you continue renting your botnet to spammers, when it's so much more lucrative to mine bitcoins? Spam has extremely low returns per infected computer. Think about it...

Yet another spin on the "mining will be unprofitable because difficulty will skyrocket and the price is staying at $xx", except this time its not ASICs/FPGAs, subsidized gamers, or other invested miners that are the threat, but botnets.

Botnet operators have many different choices of monetizing the machines they control, from click fraud to credit card fraud to DDoS attacks and spam.  Sometimes they just sell the botnet outright.  You might be able find where they sell them and look at  prices.  If a very large botnet is not hard to achieve then they shouldn't be very expensive (in truth it isn't easy to infect many machines, so large ones are expensive). 

Profits from credit card and banking fraud set the base cost of a botnet.  Do you think monetizing by mining (which will mainly be CPU power not GPU) will be more profitable than credit card and banking fraud?  If anything, botnet operators will probably be looking to capture bank logins to buy bitcoins.

Miners who sell their coins high and buy back in cheap will be the ones making the most profit.  Miners who sell their coins continuously at the going rate will be the ones who regret it.

Great discussion.  I would also like to point out that if a computer is mining, esp ordinary machines, this will tie up all processes and make the machine very slow.  I'm sure most owners will notice and do something about it, i.e. reformat

You are correct.  Click fraud and stealing credit card information would be more profitable... with that being said, mining for bitcoins is more legit at this point.

It's a tug-a-war game.  Haa....

Mining difficulty don't mean sh*t for BTC pricing, only real demand (speculation or not) determines BTC price. Mining difficulty simply lag the price for a few weeks, though it will FOLLOW the price, not the other way around. Price will not follow mining difficulty.

It doesn't impact performance at all if the thread runs at idle priority, or if it only runs when the computer is idle.

Just hilarious that it happens when Europe wakes .... "ah, feels like a good day to get up and mine some bitcoins bot-net, let's roll!"

Wonder if it is on that 35 hour socialistic work week they got over there in euroland?

Another small, but very important difference: No C&C Server, meaning no herder.

... and the big difference is the miners get paid for work performed voluntarily ... the bot machine is a slave to someone else's control that has been stolen through force and coercion ... in fact, bitcoin net is the anti-botnet ... how long until these schmuck's with the compromised windoze shitboxes wake up to how much they are getting stolen from them ???

ffs ... fools and their money.

So, we have Trojan.NSIS.Miner.a now
Are you protected? ;)
http://www.securelist.com/en/blog/208188132/Gold_rush

That is crazy. You have a nice anonymising currency that can stash your bot-gotten gains on the blockchain to collect at your liesure and instead you direct your bots to contact your friendly neighborhood miner-man?

Sheesh. Who did they hire to craft this brilliant trojan for them?

-MarkM-

this trojan was written by russian user and this signature is blocked by the most of AV-soft now...
but if the creator of TDL-4 will implement this experience ... :'( :'( :'(

It won't take long for the next one to figure out that it needs to go thru a proxy, and probably some kind of shifting one that makes use of the infected systems themselves.
Nonetheless I'm glad to see that deepbit at least does a manual check when many IPs are detected.

i think your talking about Fast Flux

It was a matter of time for a trojan like Trojan.NSIS.Miner.a to appear. I already said like 2 weeks ago this would happen...

Botnet mining is absolutely going to be a problem. As many have pointed out already, a large botnet could take 50% of market share almost overnight. Imagine a botnet of 1 million PC's (quite common), the cpu's running at half intensity would absolutely destroy profitability for "honest" miners. Now lets imagine that 10% of these computers have descent GPU's or that just 1% have some of the top of the line ATI GPU's. You can now see the problem. BTW The idea that botnet operators would have to choose between running, say a spam network and a bitcoin mining operation is false, what is to stop them doing both? The incentive's for these guys are enormous. Bitcoin mining over the botnet paradigm provides a direct route to quick cash.

There are however, some technical problems for the botnet operators to overcome, e.g. collecting the mined coins, preventing user detection.... but i can't see anything that won't be solved by clever code. Can we as a community come up with some method to prevent this from happening? Almost certainly not unless we can find a way to force some kind of user interaction into the mining process. I can't imagine how? Would we could at least do is ask the pools to come up with some security measures to prevent obvious use of botnets in their systems, but that would be require an incentive to do so, whilst yet right now they will be earning lot's of fee's by ignoring the problem.

Will bitcoin become associated with hackers looking for cheap bucks? I think so. Maybe we can persuade the big exchanges, the community and the pools to watch out for botnet behaviour (it should be fairly obvious) and thus attempt to make it difficult for these guys to cash out easily. Perhaps in the end the backbone of the bitcoin mining network will be controlled by botnet's, it may be an inevitability we have to accept.

botnetters running on the bitcoin network is not without risk.

The controlling node runs a much greater chance of being tracked and found when they try to bitcoin mine than when they are spamming because of the volume of similar traffic that is continuously going from the hub to the nodes.

Ok, I have few words and opinion on topic.

1. As long as botnet is running legit miner software, the blocks are just fine and will benefit the Bitcoin network as far as hashing power is expected. Running disruptive software and hurting Bitcoin network is not profitable for owner. It can only make short term lulz.

2. Most infected machines are low-end ones, with Intel crap cards and very few high-end ATI cards. Probably the most likely user getting infected is noob beginner or office computer. They predominantly are Celeron/Sempron/i3 and similar low spec machines. High-end rigs usually is controlled by smarter people, and infestation is more likely to be detected and removed.

3. Running CPU miner can lead to detection and is unprofitable by itself. You more likely will get your botnet reduced in size because people reinstall they computers than get more profit than sending emails or DDoSing.

Here is what i think...
+1. Most likely they (botnet ops), will create private pools, concentrating all the mining power they have on there.
There are lot of "noobs" out there. There are office computers too, there are older people who don't have deep understandng of computers. Even if most of the computers have low end CPU's, infecting great amount of computers will give great speed.
Not necessary. CPU mining can be done when computer is idle and noone is going to notice. For example, how often do you check what computer do when is idle? This is the smartest choice assuming great amount of PC's are not being turned of at the end of shift, etc. making detection even more difficult. There isn't even need to bother infecting cumputers. Take some fancy screensaver (most of the modern can use GPU power), include the miner in it's code, and upload it on multiple sites. Ah... too bad i'm not a programmer myself :D But this is scenario that is most likely to happen.