The first week of August brought under our scope a miner Trojan, identified by Bitdefender as Trojan.Antiminer.A, which hijacks compromised machines to build a botnet of infected PCs and uses their resources to produce virtual money. The Trojan silently deploys a legitimate Bitcoin miner that uses the machine's GPU to compute virtual currency.
Inspired by the fact that the Bitcoin (BTC) parity is one to 15 US dollars, the crooks have set their sights on computer systems with powerful GPUs to make easy money. The gaming community is therefore highly exposed, since the modern games on the market require powerful GPUs to support the latest developments in the visual effects industry.
“If you happen to download cracked games via Torrent or other P2P sharing services, chances are that you may become a victim of this lucrative Trojan bundled with a genuine GPU miner. We advise you to start checking your system for signs of infection, especially if you are constantly losing frames-per-second,” advises Catalin Cosoi, head of BitDefender Threats Lab. “The Trojan’s mission is dramatically facilitated by the fact that hardcore gamers do not run antivirus solutions as these are traditionally perceived as bottlenecks on high-performance computers,” he continued.
It may be true that a single miner – be it powered by the most advanced GPU on the market – calculates a limited number of Bitcoins per day. That is why the masterminds behind this operation target a large number of compromised computers that act like an extensive capable of processing large amounts of hashes that are transformed into Bitcoins. More computers obviously produce more virtual money while, at the same time, statistically increasing the chances of getting the randomly-awarded bounty of 50 coins for participation in the pool’s effort.
If the Bitcoin system needs any clarification at all, then you should know that it is a cryptographic virtual currency meant to help people make transactions over the Internet while keeping the utmost privacy of their identity. These trades can be made under the mask of anonymity, where there’s no real identity associated with the online persona. There is also no bank or state authority to govern the production or use of this digital cash.
This attack is just one attempt at the big pot of money that revolves around Bitcoin. There have been a series of incidents in which cyber-criminals tried to tamper with the system to their own advantage, and we expect to see increased malicious activity related to Bitcoin mining on the computing resources of unwary users.