While distributed denial of service and spam sending are still some of the most effective ways of monetizing a large-scale Botnet, cyber-criminal gangs have also turned their attention towards the increasingly popular peer-to-peer currency system known as Bitcoin.
SYDNEY & AUCKLAND – 19 August, 2011 – BitDefender has identified a miner Trojan, Trojan.Antiminer.A, that hijacks compromised machines with the purpose of creating a botnet of infected PCs and uses their resources to produce virtual money. The Trojan silently deploys a legit Bitcoin miner that uses the GPU of the machine to compute virtual currency.
Inspired by the fact that the Bitcoin (BTC) parity is one to 15 US dollars, the crooks have laid eyes on computer systems with powerful GPUs to make easy money. The gaming community is therefore highly exposed since the modern games on the market require powerful GPUs to support the latest developments in the visual effects industry.
“If you happen to download cracked games via Torrent or other P2P sharing services, chances are that you may become a victim of this lucrative Trojan bundled with a genuine GPU miner. We advise you to start checking your system for signs of infection, especially if you are constantly losing frames-per-second,” advises Catalin Cosoi, head of BitDefender Threats Lab. “The Trojan’s mission is dramatically facilitated by the fact that hardcore gamers do not run antivirus solutions as these are traditionally perceived as bottlenecks on high-performance computers,” he continued.
It may be true that a single miner – be it powered by the most advanced GPU on the market – calculates a limited number of Bitcoins per day. That is why the masterminds behind this operation target a large number of compromised computers that act like an extensive capable of processing large amount of hashes that are transformed into Bitcoins. It is obvious that more computers produce more virtual money while, at the same time, increasing statistically the chances of getting the randomly-awarded bounty of 50 coins for participation in the pool’s effort.
If the Bitcoin system needs any clarification at all, then you should know that it is a cryptographic virtual currency meant to help people make transactions over the Internet while keeping the utmost privacy of their identity. These trades can be made under the mask of anonymity, where there’s no real identity associated to the online persona. Plus there is no bank or state authority to govern over the production or use of this digital cash either.
“This attack is just one take at the big pot of money that revolves around Bitcoin. There have been a series of incidents in which cyber-criminals tried to tamper with the system to their own advantage and we expect to see increased malicious activity related to Bitcoin mining on the computing resources of unwary users,” Cosoi warns.
*All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.
Download now the removal tool for Trojan.Antiminer.A!.
BitDefender is the creator of one of the industry's fastest and most effective lines of internationally certified internet security software. Since 2001, BitDefender has been an industry pioneer, introducing and developing award-winning protection technologies. Every day, BitDefender secures the digital experience of tens of millions of home and corporate users across the globe. BitDefender solutions are distributed by a global network of value-added distribution and reseller partners in countries across the world.
Recently, the company has won a range of key independent recommendations in the US, UK and across Europe, including ConsumerSearch, Which?, Stiftung Warentest and Taenk. BitDefender antivirus technology has also finished top in leading industry tests from both AV Test and AV-Comparatives. More information about BitDefender and its products is available from the company’s security solutions pressroom. Additionally, BitDefender publishes Malware City providing the latest updates on security threats and helping users stay informed in the everyday battle against malware.
P: 028281 3802