BitCoinDream (OP)
December 22, 2013, 09:24:32 AM
I heard a Bitcoin mining virus is going around that, once installed on your machine, does no harm except taking your CPU power to mine for others. True?

BadBear
December 22, 2013, 09:33:40 AM
Yes, called silent miners.

BitShiva
December 22, 2013, 09:56:42 AM
Is there any way to detect this virus? One of the computers at my job suddenly has the CPU light on all day and is very slow. It's probably something else, but if there's a common way to check for this virus I'd like to know.

mprep
December 22, 2013, 10:32:09 AM
Is there any way to detect this virus? One of the computers at my job suddenly has the CPU light on all day and is very slow. It's probably something else, but if there's a common way to check for this virus I'd like to know.
Well, a scan with an antivirus won't do any harm.

sampathneo
December 22, 2013, 12:05:26 PM
Yes it is. Use Malwarebytes; some viruses can rob your bitcoins too.

BitCoinDream (OP)
December 22, 2013, 12:58:47 PM
Is there any way to detect this virus? One of the computers at my job suddenly has the CPU light on all day and is very slow. It's probably something else, but if there's a common way to check for this virus I'd like to know.
Well, a scan with an antivirus won't do any harm.
I think as it is not doing any direct harm, it is probably not updated in all virus definitions for anti-virus companies. Hence it is not even always detected through an anti-virus scan. Someone told me that he detected it by checking the currently running processes on his CPU.

btcrich
December 22, 2013, 01:12:44 PM
You may find it in your process manager. Look for any process that is using up the bulk of your processing power. Sometimes they're named to look like a legitimate system process.
They are not always detected by anti-malware. They can also be persistent, meaning even if you kill the program, it will just come back.
Typically, silent miners are installed on systems by botnet operators only after infecting your system with a herding application. So if you find that your system has in fact been mining coins without your knowledge, there is a high probability that your system has already been totally compromised. If so, you'll also probably find any wallets on your system to already be emptied as well.

juggalodarkclow
December 22, 2013, 01:45:13 PM
I found a process running on my kid's computer that was called CPUMiner. AVG didn't pick up on it but MalwareBytes did.

meade16
December 22, 2013, 02:11:22 PM

mprep
December 22, 2013, 02:34:57 PM
Is there any way to detect this virus? One of the computers at my job suddenly has the CPU light on all day and is very slow. It's probably something else, but if there's a common way to check for this virus I'd like to know.
Well, a scan with an antivirus won't do any harm.
I think as it is not doing any direct harm, it is probably not updated in all virus definitions for anti-virus companies. Hence it is not even always detected through an anti-virus scan. Someone told me that he detected it by checking the currently running processes on his CPU.
Some software might pick it up.

ebildude123
December 23, 2013, 02:08:35 AM
Is there any way to detect this virus? One of the computers at my job suddenly has the CPU light on all day and is very slow. It's probably something else, but if there's a common way to check for this virus I'd like to know.
Check the task manager for high CPU usage. If it's poorly made it'll be there. Also check the startup folder and the run registry keys, and make sure nothing suspicious is there. Scan with Malwarebytes; it should pick up anything you can't catch.

Xtrata
December 24, 2013, 09:46:06 PM
Try Adaware; it usually blocks most of the crap you get.

repindose
February 03, 2014, 01:15:19 PM
Get information about antivirus (100% free) to address the problems of viruses. For the last few months I have been testing some Bitcoin miner software, which turned out to contain computer viruses that make our computers so slow. Luckily I was able to use antivirus to detect various viruses. I use antivirus memoirs updated every 15 days. Source of information: "Powerful Antivirus Plus 2014 Able to Fix OS" = http://www.repindose.com/2014/01/antivirus-ampuh-2014.html.

steve15
February 03, 2014, 03:42:16 PM
Well, I created a special tool to scan your network to see if your miners are being exploited remotely or not. This was built as a proof-of-concept tool to show a huge miner exploit.
Because of some script kiddies reverse engineering and decompiling the tool, and posting it on topic with a fake antivirus link, linking to a Java drive-by exploit, I locked the topic and asked an admin to remove it.
You can still search for the topic in the 'mining' section, called "KnC Miner : Security hacked - UPDATE with TOOL"
On topic:
The main problem is these viruses are NOT detected by your AV because they are crypted to be what's called FUD (Fully Undetectable).
They pay big bucks for those crypters to keep them always FUD. Never ever will an AV or Malwarebytes pick up a virus that has been 100% FUD crypted.
It only takes you clicking a stupid link, like the one user ici_lemmy posted in my topic, to get infected. You can only know if you are infected or not by scanning to see if your miners are being remotely viewed, or if an instance of cgminer/bfgminer is running silently, fully hidden, on your system.
Never be fooled by thinking "I have a good AV scanner, I'm safe", because you are NOT and never will be.
There are thousands of computers hooked up in botnets to mine without the users knowing it.

minifrij
February 03, 2014, 04:23:19 PM
Malware Bytes picks up every Bitcoin Miner I download, even though they are legitimate. I'm sure that it will pick up silent miners as well. Granted that they could have what was mentioned above, but AVs can pick stuff up and add it to the databases pretty fast.

steve15
February 03, 2014, 04:40:24 PM
Malware Bytes picks up every Bitcoin Miner I download, even though they are legitimate. I'm sure that it will pick up silent miners as well. Granted that they could have what was mentioned above, but AVs can pick stuff up and add it to the databases pretty fast.
Yes, because it is well known. FUD crypters use unique stubs; no two are equal. Therefore, they are FUD. You don't have to believe me, just google FUD crypters and virus. You'll see. It's this kind of thinking that gets people hacked in the first place. It's as foolish as thinking you need no AV on a Mac or Linux.

Mivexil
February 03, 2014, 04:46:44 PM
Is there any way to detect this virus? One of the computers at my job suddenly has the CPU light on all day and is very slow. It's probably something else, but if there's a common way to check for this virus I'd like to know.
Check the task manager for high CPU usage. If it's poorly made it'll be there. Also check the startup folder and the run registry keys, and make sure nothing suspicious is there. Scan with Malwarebytes; it should pick up anything you can't catch.
Hardly needs to be poorly made - it's not easy to fake the CPU usage, unless you install a rootkit. And even then the sound of your fans blazing is pretty much a dead giveaway.

steve15
February 03, 2014, 04:56:03 PM
Is there any way to detect this virus? One of the computers at my job suddenly has the CPU light on all day and is very slow. It's probably something else, but if there's a common way to check for this virus I'd like to know.
Check the task manager for high CPU usage. If it's poorly made it'll be there. Also check the startup folder and the run registry keys, and make sure nothing suspicious is there. Scan with Malwarebytes; it should pick up anything you can't catch.
Hardly needs to be poorly made - it's not easy to fake the CPU usage, unless you install a rootkit. And even then the sound of your fans blazing is pretty much a dead giveaway.
https://www.google.be/search?q=silent+miner&ie=utf-8&oe=utf-8&rls=org.mozilla:nl:official&client=firefox-a&gws_rd=cr&ei=zcnvUrDkDenV4wTXq4GYAg#q=FUD+silent+miner&rls=org.mozilla:nl:official
There you go. Undetectable silent miners. Blazing fans? In your dreams. A silent miner takes about 30% of your CPU usage. Then again, with ten thousands silent miners within a simple botnet, no need for maximum CPU usage.

Mivexil
February 03, 2014, 05:27:39 PM
Is there any way to detect this virus? One of the computers at my job suddenly has the CPU light on all day and is very slow. It's probably something else, but if there's a common way to check for this virus I'd like to know.
Check the task manager for high CPU usage. If it's poorly made it'll be there. Also check the startup folder and the run registry keys, and make sure nothing suspicious is there. Scan with Malwarebytes; it should pick up anything you can't catch.
Hardly needs to be poorly made - it's not easy to fake the CPU usage, unless you install a rootkit. And even then the sound of your fans blazing is pretty much a dead giveaway.
https://www.google.be/search?q=silent+miner&ie=utf-8&oe=utf-8&rls=org.mozilla:nl:official&client=firefox-a&gws_rd=cr&ei=zcnvUrDkDenV4wTXq4GYAg#q=FUD+silent+miner&rls=org.mozilla:nl:official
There you go. Undetectable silent miners. Blazing fans? In your dreams. A silent miner takes about 30% of your CPU usage. Then again, with ten thousands silent miners within a simple botnet, no need for maximum CPU usage.
Can't see any that would be "undetectable" in that it wouldn't show up in Task Manager. You'd still need a rootkit for that - doable, but probably above the level of most script kiddies. Of course you can throttle the usage down, but then you'd need 3 times more PCs to accomplish the same task (and in the case of the mining-Bitcoin-with-CPUs scenario, that'd make your venture even more worthless). And it's probably still detectable via a benchmark.
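
Added example, not part of any post in this thread: the manual checks the replies describe (CPU use that never drops, miner names such as CPUMiner, cgminer and bfgminer, a system-looking name running from the wrong folder, an autostart entry), written as a Python triage over a constructed process snapshot. The record fields, the `autostart` flag, the sample paths and `pool.example` are assumptions; the `stratum+tcp://` pool URL scheme is common miner usage that the thread does not mention.

```python
import ntpath

# Miner binaries named in the thread, matched against image name and command line.
MINER_NAMES = ("cpuminer", "cgminer", "bfgminer")
# System image names and the folder they normally run from
# (assumption: a default Windows install under C:\Windows).
SYSTEM_IMAGES = {"svchost.exe": r"c:\windows\system32",
                 "explorer.exe": r"c:\windows"}

def triage(proc, sustained_pct=25.0):
    """Return the reasons a process record deserves a closer look."""
    reasons = []
    path = proc["path"].lower()
    name = ntpath.basename(path)
    text = (name + " " + proc.get("cmdline", "")).lower()
    if any(m in text for m in MINER_NAMES):
        reasons.append("miner-name")
    if "stratum+tcp://" in text:          # mining pool URL on the command line
        reasons.append("pool-url")
    # Every sample at or above the floor: a throttled miner never peaks,
    # it just never goes idle. A one-off burst (video encode) does not match.
    samples = proc["cpu_samples"]
    if samples and min(samples) >= sustained_pct:
        reasons.append("sustained-cpu")
    expected = SYSTEM_IMAGES.get(name)
    if expected and ntpath.dirname(path) != expected:
        reasons.append("system-name-wrong-dir")
    # 'autostart' is a hypothetical field: set by whoever collected the snapshot
    # when the image is referenced from the startup folder or a Run key.
    if proc.get("autostart") and reasons:
        reasons.append("persists-via-autostart")
    return reasons

# Constructed sample snapshot: CPU % sampled a few minutes apart.
SNAPSHOT = [
    {"pid": 4012, "path": r"C:\Users\kid\AppData\Roaming\svchost.exe",
     "cmdline": "svchost.exe -o stratum+tcp://pool.example:3333 -t 2",
     "cpu_samples": [31, 29, 30, 32], "autostart": True},
    {"pid": 880, "path": r"C:\Windows\System32\svchost.exe",
     "cmdline": "svchost.exe -k netsvcs", "cpu_samples": [0, 2, 1, 0]},
    {"pid": 5120, "path": r"C:\Program Files\Video\encode.exe",
     "cmdline": "encode.exe in.avi", "cpu_samples": [95, 97, 3, 0]},
    {"pid": 6200, "path": r"C:\Temp\CPUMiner.exe", "cpu_samples": [5, 4, 6, 5]},
]

def report(snapshot):
    """Map pid -> reasons for every process with at least one finding."""
    return {p["pid"]: r for p in snapshot if (r := triage(p))}

if __name__ == "__main__":
    for pid, why in report(SNAPSHOT).items():
        print(pid, ", ".join(why))
```

A hit is a reason to inspect the machine further, not a verdict: legitimately installed miners match the name check too, and a process hidden by a rootkit never appears in the snapshot at all.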

Come-from-Beyond
February 03, 2014, 05:31:07 PM
I heard a Bitcoin mining virus is going around that, once installed on your machine, does no harm except taking your CPU power to mine for others. True?
Not 100% true. It attacks people's brains and makes them mine proof-of-work currencies. It's easily detectable though, just ask the opinion of these people about any proof-of-stake coin. Asking about Nxt, which is 100% PoS, gives the best level of detection.