Gold rush
Aleks - Kaspersky Lab Expert
Posted June 28, 13:20 GMT
The recent online hysteria over the BitCoin virtual money system has attracted the attention not only of those who dream of making money out of thin air but also of cybercriminals who, as usual, want to steal anything they can get their hands on.
A few days ago our colleagues at F-Secure wrote that they had detected a primitive Trojan that steals e-wallets from the computers of BitCoin users.
However, some cybercriminals seem to think that it’s more profitable to steal computer resources rather than e-wallets.
Today our analysts detected a new threat spreading in the Russian sector of the Internet – Trojan.NSIS.Miner.a. This Trojan has two components – the legitimate bcm.exe file BitCoin Miner (not-a-virus:RiskTool.Win32.BitCoinMiner.a), and a malicious module that installs bcm without the user’s knowledge and adds it to the autorun registry. The infected computer then starts to generate bit-coins for the Trojan’s author.
[continues on to show screenshots of the deepbit mining account and others]
http://www.securelist.com/en/blog/208188132/Gold_rush
