Yahoo Ad Malware Was An Attempt To Build A Secret Bitcoin Mining Botnet

from the bitcoin-mining-scams-on-the-rise dept

A decade ago, it was actually fairly common to see various "distributed computing" projects seek to put a variety of people's computers to use to tackle tough problems -- and sometimes those distributed efforts involved clearly revealed and transparent code within other applications. A couple years ago, just as Bitcoin was first starting to get attention, I remember hearing from someone who was talking about trying to build a media player that would look to offer licensed/authorized content in exchange for quietly being a part of a Bitcoin mining effort. Nowadays, it appears that this idea of creating secret distributed Bitcoin mining is taking on a somewhat more questionable reputation. A gaming software company was whacked with a $1 million fine after (the company claims) a "rogue employee" included some Bitcoin mining hidden within their app. There have been accusations that a number of other apps out there are also secretly mining bitcoin.

Just recently, we noted that Yahoo users in Europe were exposed to malicious ads that were downloading malware. It's now come out that the malware was... Bitcoin mining software, which sought to use some of everyone's excess computing resources to hunt for more Bitcoin. As "malware" goes, this is actually a lot less damaging than some other stuff out there (keyloggers designed to steal bank info, for example). It likely would bump up electricity bills slightly for some users, and basic PC mining is pretty ineffective, but it's interesting to see that malware folks are taking such extreme steps to try to build secret Bitcoin mining networks.

Of course, it still seems like doing this kind of thing in an upfront way might be an interesting business model: offer some useful software for free, telling folks very clearly that the "payment" is that they'll be using some of your spare cycles for mining. Of course, it might be better if this was done for cryptocurrencies that weren't so damn inefficient with electricity -- something like Peercoin instead of Bitcoin, for example. I imagine it's really only a matter of time. Imagine a Netflix/Hulu competitor that offered you the content for free, in exchange for distributed computing power, paying the licenses out of the proceeds from the mining. It's not that crazy when you think about it...


Reader Comments (rss)

(Flattened / Threaded)

  1.  
    icon
    Ninja (profile), Jan 9th, 2014 @ 2:41am

    Well, it was a matter of time I guess. I wonder if antivirus software are already adding such things to their lists? The PUP detection abilities are already there for a while now.

    Of course, it might be better if this was done for cryptocurrencies that weren't so damn inefficient with electricity -- something like Peercoin instead of Bitcoin, for example.

    On a side note, not as related, how many of those digital cryptocurrencies are out there? For the more initiated in economics, isn't it bad to have a fragmented market?

     

    reply to this | link to this | view in thread ]

  2.  
    icon
    JCHP (profile), Jan 9th, 2014 @ 3:50am

    However...

    If the Netflix/Hulu/Random Media Player started giving away free stuff in exchange for cryptocurrency mining, then the **AA and co. would start asking for a tax on those "coins", wouldn't they?

     

    reply to this | link to this | view in thread ]

  3.  
    identicon
    Anonymous Coward, Jan 9th, 2014 @ 4:08am

    Re: However...

    They already claim more missed income than there is wealth in the universe, so oh well...

     

    reply to this | link to this | view in thread ]

  4.  
    identicon
    Anonymous Coward, Jan 9th, 2014 @ 4:22am

    Bitcoin mining malware isn't completely inoffensive: if your cooling is marginal, it can cause the hardware to overheat and fail.

    Even then, it's quite interesting that the profitability of Bitcoin mining is causing it to displace more dangerous malware.

     

    reply to this | link to this | view in thread ]

  5.  
    identicon
    Anonymous Coward, Jan 9th, 2014 @ 5:05am

    What a useless concept. It would have been cool years ago but now for any SHA256-based currency this is useless, you can't compete with ASIC miners. Especially since you need the user to have decent hardware and be physically logged in locally for mining to work decently, otherwise you're stuck using CPU mining which is even more ridiculous for SHA256. You'd literally need millions of computers to compete against a single 1000$ unit... and guess how many of those are out there now.

    And yes, even scrypt based mining on CPU is pretty much useless, unless your entire point is to mine at a loss.

    So these people had way too much expectations out of their "hidden" miner.

     

    reply to this | link to this | view in thread ]

  6.  
    identicon
    Just Sayin', Jan 9th, 2014 @ 5:14am

    Not a bad idea

    Actually, these guys are onto something. Almost all malware is directed towards accomplishing a secondary goal these days, it's rarely about just screwing up a computer because you can.

    Some are more direct than others, botnets have been created to spam or do to DDoS attacks for a price, and the encode the files on your hard drive ransom ware is just a more direct version.

    This bitcoin malware isn't unique, it's just that someone figured out that there was a hole to be filled. if you can get a few million computers working for you, even if they aren't very effecient, and you can mine some decent numbers. With bitcoins at $1000 a pop these days, it could become very profitable.

    I wonder if the next one will look for existing mining rigs, mining software, or the like and subvert it? Perhaps looking for bitcoin account numbers to try to transfer funds out of the account.

    ... and the AC is right, if your system is sensitive to heat, running it really hard for an extended period could harm it, so this isn't malware without cost or potential pain.

     

    reply to this | link to this | view in thread ]

  7.  
    identicon
    Me, Jan 9th, 2014 @ 5:34am

    BOINC

    I still would be peeved at this bitcoin mining "malware" since that means my excess computing resources are no longer searching for pulsars or extraterrestrials. If I missed talking to ET because someone else wanted 0.00000000000000000000000001 bitcoin, the whole world suffers.

     

    reply to this | link to this | view in thread ]

  8.  
    icon
    Ninja (profile), Jan 9th, 2014 @ 5:38am

    Re:

    unless your entire point is to mine at a loss.

    What loss? Because the people behind it would not be spending a penny to mine, even if it is hellish inefficient.

     

    reply to this | link to this | view in thread ]

  9.  
    icon
    Ninja (profile), Jan 9th, 2014 @ 5:49am

    Re: BOINC

    No need to waste your resources, it has been done before 673582b9aaf9a804754affe5288ae625639f4c69 if you are cheap or 4aa34c333a36d1bd7b41dcf6e59ab65bc36b59f3 for high def ET talking ;)

    Wait a minute, finger touching counts as talking, no?

     

    reply to this | link to this | view in thread ]

  10.  
    identicon
    Anonymous Coward, Jan 9th, 2014 @ 6:01am

    Re:

    I don't see the displacement. You can have both mining and more dangerous malwares installed.

     

    reply to this | link to this | view in thread ]

  11.  
    identicon
    Anonymous Coward, Jan 9th, 2014 @ 6:14am

    Re: Re:

    Any extra malware increases the chance that the whole set is discovered, which reduces the return from the bitcoin mining part. If the mining is profitable enough, it is rational to install only it, to lessen the chance of either discovery or (with more aggressive kinds of malware) actually damaging the system it's running on.

     

    reply to this | link to this | view in thread ]

  12.  
    identicon
    Anonymous Coward, Jan 9th, 2014 @ 7:22am

    Re: Re:

    He is probably counting the "development cost" of the malware and the costs associated with distributing it.

     

    reply to this | link to this | view in thread ]

  13.  
    identicon
    Lazere, Jan 9th, 2014 @ 8:40am

    Re:

    I can tell you that Malwarebytes detects at least some mining software as PUP. It detected the one I was intentionally playing with (can't remember which of the top of my head) just yesterday.

     

    reply to this | link to this | view in thread ]

  14.  
    icon
    beltorak (profile), Jan 9th, 2014 @ 11:08am

    Re: BOINC

    technically, a bitcoin is (currently) only divisible to 8 decimal places (0.00000001 - or, 1 "satoshi").

    /pedant

     

    reply to this | link to this | view in thread ]

  15.  
    identicon
    Anonymous Coward, Jan 9th, 2014 @ 3:47pm

    FarmVille

    It's only a matter of time before someone releases a FarmVille-like game, wherein the player work needed to generate the in-game currency is tied to generation of a BTC-like "real" currency, for the benefit of the game's producers.

    That's the point when BTC jumps the shark.

     

    reply to this | link to this | view in thread ]

  16.  
    identicon
    Anonymous Coward, Jan 10th, 2014 @ 7:31am

    Outside the box thinking........i like it

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This