Bitcoin Forum
December 04, 2016, 12:11:27 AM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: New bitcoin trojan installs miner, joins pool  (Read 1470 times)
finack
Jr. Member
*
Offline Offline

Activity: 56


View Profile
June 28, 2011, 01:41:55 PM
 #1

Gold rush
Aleks - Kaspersky Lab Expert
Posted June 28, 13:20  GMT

The recent online hysteria over the BitCoin virtual money system has attracted the attention not only of those who dream of making money out of thin air but also of cybercriminals who, as usual, want to steal anything they can get their hands on.

A few days ago our colleagues at F-Secure wrote that they had detected a primitive Trojan that steals e-wallets from the computers of BitCoin users.

However, some cybercriminals seem to think that it’s more profitable to steal computer resources rather than e-wallets.

Today our analysts detected a new threat spreading in the Russian sector of the Internet – Trojan.NSIS.Miner.a. This Trojan has two components – the legitimate bcm.exe file BitCoin Miner (not-a-virus:RiskTool.Win32.BitCoinMiner.a), and a malicious module that installs bcm without the user’s knowledge and adds it to the autorun registry. The infected computer then starts to generate bit-coins for the Trojan’s author.

[continues on to show screenshots of the deepbit mining account and others]

http://www.securelist.com/en/blog/208188132/Gold_rush
1480810287
Hero Member
*
Offline Offline

Posts: 1480810287

View Profile Personal Message (Offline)

Ignore
1480810287
Reply with quote  #2

1480810287
Report to moderator
1480810287
Hero Member
*
Offline Offline

Posts: 1480810287

View Profile Personal Message (Offline)

Ignore
1480810287
Reply with quote  #2

1480810287
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1480810287
Hero Member
*
Offline Offline

Posts: 1480810287

View Profile Personal Message (Offline)

Ignore
1480810287
Reply with quote  #2

1480810287
Report to moderator
1480810287
Hero Member
*
Offline Offline

Posts: 1480810287

View Profile Personal Message (Offline)

Ignore
1480810287
Reply with quote  #2

1480810287
Report to moderator
1480810287
Hero Member
*
Offline Offline

Posts: 1480810287

View Profile Personal Message (Offline)

Ignore
1480810287
Reply with quote  #2

1480810287
Report to moderator
Jack of Diamonds
Sr. Member
****
Offline Offline

Activity: 252



View Profile
June 28, 2011, 02:03:41 PM
 #2

That's a pretty pathetic botnet. As you can see from the mhash/s he likely harvested a ton of old CPU's.

1f3gHNoBodYw1LLs3ndY0UanYB1tC0lnsBec4USeYoU9AREaCH34PBeGgAR67fx
DamienBlack
Jr. Member
*
Offline Offline

Activity: 56


View Profile
June 28, 2011, 02:10:44 PM
 #3

Yeah, even if this infected 10,000 computers, I would only expect a handful of them to have a decent graphics card. I you imagine that you could expect an average of 5 mh/s or so from each computer, and each computer would probably only be up and running about 30% of the time.

In the end you'd get 10,000 * 5 * .3 = 15,000 mh/s. That is about 10 BTC/day at the current difficulty, or $170. I'm sure you could earn more doing something mundane like delivering ads.

I trade bitcoin options at https://bitoption.org/ ... Join me.
I play poker at https://betco.in/ ... Join me.
Support the bitcoin economy, what do you do?
Tips: 1NfXhiTFEdKQTdLy49s6DYAP1K7MeFWyao
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!