Skip to content
Bitcoins have been around since 2008 but have only began gaining attention in September 2011. This increasing public attention did not go unnoticed by cybercriminals who have began unleashing Bitcoin-mining malware. The term "Bitcoin-mining malware" is used to refer to malware that cybercriminals use to install Bitcoin miners in users' systems. These allow cybercriminals to utilize systems' computing resources for their own gain.
What is a Bitcoin and how is it created?
Bitcoin is a form of electronic currency that uses peer-to-peer (P2P) networks to track and verify transactions. The Bitcoin system does not make use of financial institutions so no central authority is necessary to control this currency. Bitcoins can be used to pay for various online services like Web hosting, mobile app development, and cloud file storage. They can also be used to pay for products like games, music, gift cards, and books. Bitcoin use is not limited to online transactions, as some real-world establishments accept Bitcoins as payment for various goods. These can also be traded for traditional currency via sites that offer most international currencies in exchange.
Bitcoins are generated or “mined” after processing a so-called “block” of data. A Bitcoin block is a cryptographic problem one’s system solves with the aid of great computing power.
How do Bitcoin miners get into users' system?
Most Bitcoin-mining malware arrive via malicious downloads or through social media. Exploitation of system and/or application vulnerabilities may also lead to infection.
What happens to Bitcoin-mining-infected systems?
Bitcoin-mining malware primarily aim to force systems to generate Bitcoins for cybercriminals’ use.
How do Bitcoin-mining malware infections affect users?
The Bitcoin mining process eats up a system's computing power. As such, infected systems sustain increased wear and tear from processing Bitcoin blocks. Infected systems work abnormally slow.
Even though Bitcoin-mining malware do not appear to target specific individuals, cybercriminals may choose to infect systems with highly capable graphic processing units (GPUs) or video cards, as these process Bitcoins faster. As such, gamers and other users of graphics-intensive applications may be especially favored targets.
What drives the proliferation of Bitcoin-mining malware?
Cybercriminals always try to find new ways to monetize their malicious activities. Bitcoin generation allows them to do just that. Infecting others’ systems with Bitcoin-mining malware allows cybercriminals to make money without exerting as much effort. The fact that Bitcoin is slowly being recognized as a legitimate currency and that it has real-world value seems to be spurring greater cybercriminal interest.
What makes Bitcoin-mining malware attacks noteworthy?
Among the Bitcoin-mining-related malware we have seen so far, WORM_OTORUN.ASH is particularly noteworthy. The inclusion of Bitcoin-mining code may mean that cybercriminals are considering making Bitcoin mining a regular payload.
Do Trend Micro products protect users from Bitcoin-mining malware?
Yes, Trend Micro products protect users from the malware mentioned in this article. Backed by the Trend Micro™ Smart Protection Network™ infrastructure, Web reputation technology blocks users access to all of the related malicious URLs. File reputation technology, meanwhile, detects and deletes all known malware associated with involuntary Bitcoin mining.
What can users do to prevent Bitcoin-mining malware from infecting their systems?
Safe computing habits can help prevent system infection and involuntary Bitcoin mining:
“Cybercriminals will continue to find ways to monetize their malicious activities. Bitcoin-mining malware attacks are just another means for them to do so. Bitcoin mining may have earned cybercriminal attention due to the fact that it represents a direct source of income.”
—Roland Dela Paz, Trend Micro threat response engineer
“In the early part of September, a Bitcoin was worth more than US$8. Should the value of Bitcoins rise, the number of Bitcoin-mining malware will also increase.”
—Karl Dominguez, Trend Micro threat response engineer
Connect with us on