Bitcoin Forum
December 08, 2016, 12:16:23 PM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 [3]  All
  Print  
Author Topic: Botnet - can we stop this madness?  (Read 6377 times)
anatolikostis
Legendary
*
Offline Offline

Activity: 1736



View Profile
July 01, 2011, 11:25:02 AM
 #41

So, we have Trojan.NSIS.Miner.a now
Are you protected? Wink
http://www.securelist.com/en/blog/208188132/Gold_rush
1481199383
Hero Member
*
Offline Offline

Posts: 1481199383

View Profile Personal Message (Offline)

Ignore
1481199383
Reply with quote  #2

1481199383
Report to moderator
1481199383
Hero Member
*
Offline Offline

Posts: 1481199383

View Profile Personal Message (Offline)

Ignore
1481199383
Reply with quote  #2

1481199383
Report to moderator
"In a nutshell, the network works like a distributed timestamp server, stamping the first transaction to spend a coin. It takes advantage of the nature of information being easy to spread but hard to stifle." -- Satoshi
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481199383
Hero Member
*
Offline Offline

Posts: 1481199383

View Profile Personal Message (Offline)

Ignore
1481199383
Reply with quote  #2

1481199383
Report to moderator
1481199383
Hero Member
*
Offline Offline

Posts: 1481199383

View Profile Personal Message (Offline)

Ignore
1481199383
Reply with quote  #2

1481199383
Report to moderator
markm
Legendary
*
Offline Offline

Activity: 1792



View Profile WWW
July 01, 2011, 12:03:17 PM
 #42

That is crazy. You have a nice anonymising currency that can stash your bot-gotten gains on the blockchain to collect at your liesure and instead you direct your bots to contact your friendly neighborhood miner-man?

Sheesh. Who did they hire to craft this brilliant trojan for them?

-MarkM-

Browser-launched Crossfire client now online (select CrossCiv server for Galactic  Milieu)
Free website hosting with PHP, MySQL etc: http://hosting.knotwork.com/
anatolikostis
Legendary
*
Offline Offline

Activity: 1736



View Profile
July 01, 2011, 12:15:06 PM
 #43

That is crazy. You have a nice anonymising currency that can stash your bot-gotten gains on the blockchain to collect at your liesure and instead you direct your bots to contact your friendly neighborhood miner-man?

Sheesh. Who did they hire to craft this brilliant trojan for them?

-MarkM-

this trojan was written by russian user and this signature is blocked by the most of AV-soft now...
but if the creator of TDL-4 will implement this experience ... Cry Cry Cry
BkkCoins
Hero Member
*****
Offline Offline

Activity: 784


firstbits:1MinerQ


View Profile WWW
July 01, 2011, 12:19:26 PM
 #44

It won't take long for the next one to figure out that it needs to go thru a proxy, and probably some kind of shifting one that makes use of the infected systems themselves.
Nonetheless I'm glad to see that deepbit at least does a manual check when many IPs are detected.

KnuttyD
Member
**
Offline Offline

Activity: 110



View Profile
July 01, 2011, 07:39:12 PM
 #45

It won't take long for the next one to figure out that it needs to go thru a proxy, and probably some kind of shifting one that makes use of the infected systems themselves.
Nonetheless I'm glad to see that deepbit at least does a manual check when many IPs are detected.
i think your talking about Fast Flux

If I helped you in some way, and you feel obligated to do so, you can tip me some coin!
1KVadqbELY3KuJhkm9rDtcwxZknhRsfPHY
syb3ria
Jr. Member
*
Offline Offline

Activity: 56


'buntusiast


View Profile
July 01, 2011, 09:48:13 PM
 #46

It was a matter of time for a trojan like Trojan.NSIS.Miner.a to appear. I already said like 2 weeks ago this would happen...
ukbitco.in
Jr. Member
*
Offline Offline

Activity: 30


View Profile
July 01, 2011, 10:46:44 PM
 #47

Botnet mining is absolutely going to be a problem. As many have pointed out already, a large botnet could take 50% of market share almost overnight. Imagine a botnet of 1 million PC's (quite common), the cpu's running at half intensity would absolutely destroy profitability for "honest" miners. Now lets imagine that 10% of these computers have descent GPU's or that just 1% have some of the top of the line ATI GPU's. You can now see the problem. BTW The idea that botnet operators would have to choose between running, say a spam network and a bitcoin mining operation is false, what is to stop them doing both? The incentive's for these guys are enormous. Bitcoin mining over the botnet paradigm provides a direct route to quick cash.

There are however, some technical problems for the botnet operators to overcome, e.g. collecting the mined coins, preventing user detection.... but i can't see anything that won't be solved by clever code. Can we as a community come up with some method to prevent this from happening? Almost certainly not unless we can find a way to force some kind of user interaction into the mining process. I can't imagine how? Would we could at least do is ask the pools to come up with some security measures to prevent obvious use of botnets in their systems, but that would be require an incentive to do so, whilst yet right now they will be earning lot's of fee's by ignoring the problem.

Will bitcoin become associated with hackers looking for cheap bucks? I think so. Maybe we can persuade the big exchanges, the community and the pools to watch out for botnet behaviour (it should be fairly obvious) and thus attempt to make it difficult for these guys to cash out easily. Perhaps in the end the backbone of the bitcoin mining network will be controlled by botnet's, it may be an inevitability we have to accept.

marcus_of_augustus
Legendary
*
Offline Offline

Activity: 2100



View Profile
July 01, 2011, 11:57:18 PM
 #48


botnetters running on the bitcoin network is not without risk.

The controlling node runs a much greater chance of being tracked and found when they try to bitcoin mine than when they are spamming because of the volume of similar traffic that is continuously going from the hub to the nodes.

MysteryMiner
Legendary
*
Offline Offline

Activity: 910



View Profile
July 02, 2011, 08:41:39 PM
 #49

Ok, I have few words and opinion on topic.

1. As long as botnet is running legit miner software, the blocks are just fine and will benefit the Bitcoin network as far as hashing power is expected. Running disruptive software and hurting Bitcoin network is not profitable for owner. It can only make short term lulz.

2. Most infected machines are low-end ones, with Intel crap cards and very few high-end ATI cards. Probably the most likely user getting infected is noob beginner or office computer. They predominantly are Celeron/Sempron/i3 and similar low spec machines. High-end rigs usually is controlled by smarter people, and infestation is more likely to be detected and removed.

3. Running CPU miner can lead to detection and is unprofitable by itself. You more likely will get your botnet reduced in size because people reinstall they computers than get more profit than sending emails or DDoSing.

1LEaxxAh1LKFUvDKYVhiMEVAHRM7K5o7cF
syb3ria
Jr. Member
*
Offline Offline

Activity: 56


'buntusiast


View Profile
July 04, 2011, 07:41:32 AM
 #50

Here is what i think...
Quote
1. As long as botnet is running legit miner software, the blocks are just fine and will benefit the Bitcoin network as far as hashing power is expected. Running disruptive software and hurting Bitcoin network is not profitable for owner. It can only make short term lulz.
+1. Most likely they (botnet ops), will create private pools, concentrating all the mining power they have on there.
Quote
2. Most infected machines are low-end ones, with Intel crap cards and very few high-end ATI cards. Probably the most likely user getting infected is noob beginner or office computer. They predominantly are Celeron/Sempron/i3 and similar low spec machines. High-end rigs usually is controlled by smarter people, and infestation is more likely to be detected and removed.
There are lot of "noobs" out there. There are office computers too, there are older people who don't have deep understandng of computers. Even if most of the computers have low end CPU's, infecting great amount of computers will give great speed.
Quote
3. Running CPU miner can lead to detection and is unprofitable by itself. You more likely will get your botnet reduced in size because people reinstall they computers than get more profit than sending emails or DDoSing.
Not necessary. CPU mining can be done when computer is idle and noone is going to notice. For example, how often do you check what computer do when is idle? This is the smartest choice assuming great amount of PC's are not being turned of at the end of shift, etc. making detection even more difficult. There isn't even need to bother infecting cumputers. Take some fancy screensaver (most of the modern can use GPU power), include the miner in it's code, and upload it on multiple sites. Ah... too bad i'm not a programmer myself Cheesy But this is scenario that is most likely to happen.
Pages: « 1 2 [3]  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!