Bitcoin Forum
Topic: BitCoin mining virus (Read 20552 times)
BitCoinDream (OP)
December 22, 2013, 09:24:32 AM
 #1

I heard a Bitcoin mining virus is going around that, once installed on your machine, does no harm except taking your CPU power to mine for others. True?

BadBear
December 22, 2013, 09:33:40 AM
 #2

Yes, called silent miners.

BitShiva
December 22, 2013, 09:56:42 AM
 #3

Is there any way to detect this virus? One of the computers at my job suddenly has the CPU light on all day and is very slow. It's probably something else, but if there's a common way to check for this virus I'd like to know.
mprep
December 22, 2013, 10:32:09 AM
 #4

> Is there any way to detect this virus? One of the computers at my job suddenly has the CPU light on all day and is very slow. It's probably something else, but if there's a common way to check for this virus I'd like to know.

Well, a scan with an antivirus won't do any harm.

sampathneo
December 22, 2013, 12:05:26 PM
 #5

Yes it is, use Malwarebytes. Some viruses can rob your bitcoins too.
BitCoinDream (OP)
December 22, 2013, 12:58:47 PM
 #6

> > Is there any way to detect this virus? One of the computers at my job suddenly has the CPU light on all day and is very slow. It's probably something else, but if there's a common way to check for this virus I'd like to know.
> Well, a scan with an antivirus won't do any harm.

I think that, as it is not doing any direct harm, it is probably not in the virus definitions of all anti-virus companies. Hence it is not always detected by an anti-virus scan. Someone told me that he detected it by checking the currently running processes on his CPU.

btcrich
December 22, 2013, 01:12:44 PM
 #7

You may find it in your process manager.  Look for any process that is using up the bulk of your processing power.  Sometimes they're named to look like a legitimate system process.

They are not always detected by anti-malware.  They can also be persistent, meaning even if you kill the program, it will just come back.

Typically, silent miners are installed on systems by botnet operators only after infecting your system with a herding application.  So if you find that your system has in fact been mining coins without your knowledge, there is a high probability that your system has already been totally compromised.  If so, you'll also probably find any wallets on your system to already be emptied as well.
juggalodarkclow
December 22, 2013, 01:45:13 PM
 #8

I found a process running on my kid's computer that was called CPUMiner. AVG didn't pick up on it but MalwareBytes did.

meade16
December 22, 2013, 02:11:22 PM
 #9

Try a scan using ESET online scanner

http://www.eset.com/int/home//products/online-scanner/
mprep
December 22, 2013, 02:34:57 PM
 #10

> > > Is there any way to detect this virus? One of the computers at my job suddenly has the CPU light on all day and is very slow. It's probably something else, but if there's a common way to check for this virus I'd like to know.
> > Well, a scan with an antivirus won't do any harm.
>
> I think that, as it is not doing any direct harm, it is probably not in the virus definitions of all anti-virus companies. Hence it is not always detected by an anti-virus scan. Someone told me that he detected it by checking the currently running processes on his CPU.

Some software might pick it up.

ebildude123
December 23, 2013, 02:08:35 AM
 #11

> Is there any way to detect this virus? One of the computers at my job suddenly has the CPU light on all day and is very slow. It's probably something else, but if there's a common way to check for this virus I'd like to know.

Check the task manager for high CPU usage. If it's poorly made it'll be there.
Also check the startup folder and the run registry keys, make sure nothing suspicious is there.
Scan with Malwarebytes, it should pick up anything you can't catch.
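
The checks suggested in the replies above (find the process eating CPU, compare its name with where it actually runs from, then inspect the startup folder and the Run registry keys) as a read-only PowerShell triage script. This is an added example, not code posted by anyone in the thread; the 30-second sample window, the 20% threshold and the function names `Get-BusyProcess` and `Get-AutostartEntry` are assumptions.

```powershell
# Added example: read-only triage helpers; thresholds and the name list are assumptions.
$MinerNames = 'cpuminer', 'cgminer', 'bfgminer'   # miner names that appear in this thread

function Get-BusyProcess {
    # Measure CPU per process over an interval, so a process that uses only part
    # of the CPU, but uses it continuously, still stands out.
    param([int]$SampleSeconds = 30, [double]$CpuThreshold = 20)
    $cores  = [Environment]::ProcessorCount
    $before = @{}
    Get-Process | ForEach-Object { $before[$_.Id] = $_.TotalProcessorTime }
    Start-Sleep -Seconds $SampleSeconds
    Get-Process | ForEach-Object {
        $t0 = $before[$_.Id]; $t1 = $_.TotalProcessorTime
        $pct = 0   # stays 0 when the process is new or its counters are not readable
        if ($null -ne $t0 -and $null -ne $t1) {
            $pct = [math]::Round(100 * ($t1 - $t0).TotalSeconds / ($SampleSeconds * $cores), 1)
        }
        if ($pct -ge $CpuThreshold -or $MinerNames -contains $_.ProcessName) {
            # A system-looking name with an unexpected path or no valid signature deserves a closer look.
            $sig = 'PathUnavailable'
            if ($_.Path) { $sig = (Get-AuthenticodeSignature -FilePath $_.Path).Status }
            [pscustomobject]@{ Id = $_.Id; Name = $_.ProcessName; CpuPct = $pct
                               Path = $_.Path; Signature = $sig }
        }
    } | Sort-Object CpuPct -Descending
}

function Get-AutostartEntry {
    # Run keys and Startup folders: common places from which a program is re-launched at logon.
    $runKeys = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
               'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
               'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run'
    foreach ($key in $runKeys) {
        if (-not (Test-Path $key)) { continue }
        $item = Get-Item $key
        foreach ($name in $item.GetValueNames()) {
            [pscustomobject]@{ Location = $key; Name = $name; Command = $item.GetValue($name) }
        }
    }
    foreach ($folder in 'Startup', 'CommonStartup') {
        Get-ChildItem -Path ([Environment]::GetFolderPath($folder)) -Force -ErrorAction SilentlyContinue |
            ForEach-Object { [pscustomobject]@{ Location = $_.DirectoryName; Name = $_.Name; Command = $_.FullName } }
    }
}

Get-BusyProcess    | Format-Table -AutoSize
Get-AutostartEntry | Format-List
```

Running it from an elevated prompt makes the paths of more processes readable. Entries whose `Command` points into a user-writable directory such as a temp or profile folder are the ones to examine first.
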
Xtrata
December 24, 2013, 09:46:06 PM
 #12

Try to use Adaware, it usually blocks most of the crap you get.
repindose
February 03, 2014, 01:15:19 PM
 #13

Get information about antivirus (100% free) to address the problems of viruses. For the last few months I have been testing some Bitcoin miner software, which turned out to contain computer viruses that make us so slow. Luckily I was able to use an antivirus to detect various viruses. I use antivirus memoirs updated every 15 days.
Source of Information "Powerful Antivirus Plus 2014 Able to Fix OS" = http://www.repindose.com/2014/01/antivirus-ampuh-2014.html.
steve15
February 03, 2014, 03:42:16 PM
 #14

Well, I created a special tool to scan your network to see if your miners are being exploited remotely or not. This was built as a proof-of-concept tool to show a huge miner exploit.

Because of some script kiddies reverse engineering and decompiling the tool, and posting it on the topic with a fake antivirus link, linking to a Java drive-by exploit, I locked the topic and asked an admin to remove it.

You can still search the topic in the 'mining' section, called "KnC Miner : Security hacked - UPDATE with TOOL"

On topic:

The main problem is these viruses are NOT detected by your AV because they are crypted to be, what's called, FUD (Fully Undetectable).

They pay big bucks for those crypters to keep them always FUD. Never ever will an AV or Malwarebytes pick up a virus that has been 100% FUD crypted.

It takes you only to click a stupid link, like the one user ici_lemmy posted in my topic, to get infected. You can only know if you are infected or not by scanning if your miners are being remotely viewed, or, an instance of cgminer/bfgminer is running silent full hidden on your system.

Never be fooled by thinking "I have a good AV scanner, I'm safe", because you are NOT and never will be.

There are thousands of computers hooked up in botnets to mine without the users knowing it.

minifrij
February 03, 2014, 04:23:19 PM
 #15

Malware Bytes picks up every Bitcoin Miner I download, even though they are legitimate. I'm sure that it will pick up silent miners as well. Granted that they could have what was mentioned above, but AVs can pick stuff up and add it to the databases pretty fast.
steve15
February 03, 2014, 04:40:24 PM
 #16

> Malware Bytes picks up every Bitcoin Miner I download, even though they are legitimate. I'm sure that it will pick up silent miners as well. Granted that they could have what was mentioned above, but AVs can pick stuff up and add it to the databases pretty fast.

Yes, because it is well known.

FUD crypters are using unique stubs, there are no two equal. Therefore, they are FUD.
You don't have to believe me, just google FUD crypters and virus. You'll see.

It's this kind of thinking that gets people hacked in the first place.

It's as foolish as thinking you need no AV on a Mac or Linux.

Mivexil
February 03, 2014, 04:46:44 PM
 #17

> > Is there any way to detect this virus? One of the computers at my job suddenly has the CPU light on all day and is very slow. It's probably something else, but if there's a common way to check for this virus I'd like to know.
> Check the task manager for high CPU usage. If it's poorly made it'll be there.
> Also check the startup folder and the run registry keys, make sure nothing suspicious is there.
> Scan with Malwarebytes, it should pick up anything you can't catch.

Hardly needs to be poorly made - it's not easy to fake the CPU usage, unless you install a rootkit. And even then the sound of your fans blazing is pretty much a dead giveaway.
steve15
February 03, 2014, 04:56:03 PM
 #18

> > > Is there any way to detect this virus? One of the computers at my job suddenly has the CPU light on all day and is very slow. It's probably something else, but if there's a common way to check for this virus I'd like to know.
> > Check the task manager for high CPU usage. If it's poorly made it'll be there.
> > Also check the startup folder and the run registry keys, make sure nothing suspicious is there.
> > Scan with Malwarebytes, it should pick up anything you can't catch.
>
> Hardly needs to be poorly made - it's not easy to fake the CPU usage, unless you install a rootkit. And even then the sound of your fans blazing is pretty much a dead giveaway.

https://www.google.be/search?q=silent+miner&ie=utf-8&oe=utf-8&rls=org.mozilla:nl:official&client=firefox-a&gws_rd=cr&ei=zcnvUrDkDenV4wTXq4GYAg#q=FUD+silent+miner&rls=org.mozilla:nl:official

There you go. Undetectable silent miners.

Blazing fans? In your dreams. A silent miner takes about 30% of your CPU usage.
Then again, with ten thousands silent miners within a simple botnet, no need for maximum CPU usage :)

Mivexil
February 03, 2014, 05:27:39 PM
 #19

> > > > Is there any way to detect this virus? One of the computers at my job suddenly has the CPU light on all day and is very slow. It's probably something else, but if there's a common way to check for this virus I'd like to know.
> > > Check the task manager for high CPU usage. If it's poorly made it'll be there.
> > > Also check the startup folder and the run registry keys, make sure nothing suspicious is there.
> > > Scan with Malwarebytes, it should pick up anything you can't catch.
> >
> > Hardly needs to be poorly made - it's not easy to fake the CPU usage, unless you install a rootkit. And even then the sound of your fans blazing is pretty much a dead giveaway.
>
> https://www.google.be/search?q=silent+miner&ie=utf-8&oe=utf-8&rls=org.mozilla:nl:official&client=firefox-a&gws_rd=cr&ei=zcnvUrDkDenV4wTXq4GYAg#q=FUD+silent+miner&rls=org.mozilla:nl:official
>
> There you go. Undetectable silent miners.
>
> Blazing fans? In your dreams. A silent miner takes about 30% of your CPU usage.
> Then again, with ten thousands silent miners within a simple botnet, no need for maximum CPU usage :)

Can't see any that would be "undetectable" in that it wouldn't show up in Task Manager. You'd still need a rootkit for that - doable, but probably above the level of most script kiddies.

Of course you can throttle the usage down, but then you'd need 3 times more PCs to accomplish the same task (and in case of mining Bitcoin with CPUs scenario, that'd make your venture even more worthless).

And it's probably still detectable via a benchmark.
Come-from-Beyond
February 03, 2014, 05:31:07 PM
 #20

> I heard a Bitcoin mining virus is going around that, once installed on your machine, does no harm except taking your CPU power to mine for others. True?

Not 100% true. It attacks the brains of people and makes them mine proof-of-work currencies. It's easily detectable though, just ask these people's opinion about any proof-of-stake coin. Asking about Nxt, which is 100% PoS, gives the best level of detection.