New Skype Malware Uses Victims' Machines To Mine Bitcoins

An anonymous reader writes "A new piece of malware propagating across Skype has been discovered that tries to convince the recipient to click on a link. What makes this particular threat different is that it drops a Bitcoin miner application to make the malware author money. While malware has both spread on Skype and mined Bitcoins before, putting the two together could be an effective new strategy."

frist!

i win !

Re:frist!

True, but more importantly, which OS does this exploit work on?

I'm worried.

Re:frist!

[noh8rz10]

no need to worry as long as you have HOSTS.

SKYPE !! SOUNDS LIKE IT RIPS SOMEONE OFF !!

What a name !!

Nerdcoin Apologists

I wonder how they are going to spin this one. *munches popcorn*

Re:Nerdcoin Apologists

[Joce640k]

Dunno, but I've been waiting for this to happen. It's an obvious step for botnet owners.

Re:Nerdcoin Apologists

[dj245]

Dunno, but I've been waiting for this to happen. It's an obvious step for botnet owners.

It would be an obvious step a couple years ago. Bitcoin mining with CPUs is so pointless that they removed the function from the software. Most computers likely to be infected likely won't have a powerful GPU, and GPU mining will become pointless pretty soon regardless.

Re:Nerdcoin Apologists

[Joce640k]

Bitcoin mining with CPUs is so pointless .

Only if you're paying for the electricity yourself.

If somebody else is paying ... hey, why not?

Re:Nerdcoin Apologists

If you have enough squirrels you can move the world.

If you had the choice between one AISC or 400 thousand 3GHz x86 CPU which one do you think will find a bitcoin first?

Re:Nerdcoin Apologists

[dj245]

Bitcoin mining with CPUs is pointless .

Only if you're paying for the electricity yourself.

If somebody else is paying ... hey, why not?

There are better and more lucrative things to do with botnets. If you have a botnet and can't think of anything better to do with it, you can lease it out or sell it. The tiny amount of money bitcoin on commodity hardware would bring in pales in comparison to selling bank accounts, sending spam, renting out attacks, etc. Keep in mind that as a zombie computer becomes more "obvious"- computer is slower, fan runs at 100% all the time, etc, the more likely that the malware will be noticed and removed.

Re:Nerdcoin Apologists

[Joce640k]

Keep in mind that as a zombie computer becomes more "obvious"- computer is slower, fan runs at 100% all the time, etc, the more likely that the malware will be noticed and removed.

Typical geek thinking.

So what if it gets removed? If it ran for a week on 100,000 machines with somebody else paying for the electricity then it was totally worth it.

Re:Nerdcoin Apologists

[petermgreen]

Butterflylabs offer ASIC miners in configurations from 5 GH/s to 1500GH/s. Lets assume that the difference is the number of ASICs inside and that a single ASIC represents 5 GH/s.

According to the bitcoin wiki mining hardware comparison a 3.0 GHz core 2 duo E8400 gives 6.9MH/s so 400 thousand of them would give 2760 GH/s

Plus in a real botnet some of your zombies would also have GPUs.

Re:Nerdcoin Apologists

[Zadaz]

If you have a botnet and can't think of anything better to do with it, you can lease it out or sell it.

Except dealing with any third-parties increases your risk. Which one of them has loose lips, poor security, is a snitch or an undercover officer? Even criminals don't want to hang out with other criminals more than they have to.

Keep in mind that as a zombie computer becomes more "obvious"- computer is slower, fan runs at 100% all the time, etc, the more likely that the malware will be noticed and removed.

I don't think you're around the typical computer user much, or their computers. You describe at least 60% of the non-technical people's computers that I know. They shrug it off. Computers suck and they'll never understand why. Eventually it will straight up die and they'll have another frustrating and expensive experience with Geek Squad. Rinse, repeat.

Re:Nerdcoin Apologists

[__aaltlg1547]

Dunno, but I've been waiting for this to happen. It's an obvious step for botnet owners.

It has been going on since 2011.

Re:Nerdcoin Apologists

[mattventura]

No, because the opportunity cost is what matters. If I had 100,000 machines for a week, then instead of slowly mining bitcoins I could instead rent the botnet to spammers, DDoSers, etc and make more money.

Re:Nerdcoin Apologists

Or you could do all of the above. Many DDoS uses reflection amplification and do not require a lot of cpu time and aren't running 24/7. Spamming is similar in that it is limited by the bandwidth. In fact, most of the nefarious things I can think of are limited by network, not anything else. Mining, on the other hand, does not really use networking and can use all the cpu and gpu they have to spare.

Re:Nerdcoin Apologists

Bitcoin don't kill people, people do!

Re:Nerdcoin Apologists

If you have 100000 machine hashing at 0.1MH per second your making about 7 dollars per hour.
If the machines are a bit faster on average (desktops) you could be making maybe 70 dollars per hour.
I'm not sure what a botnet goes for, but that seems pretty good to me.

Re:Nerdcoin Apologists

a single person mining "coins" on a single computer.. sure, cpu is pointless, gpu is so much more powerful for this particular task....

HOWEVER...

a botnet with potentially 10s of millions of computers? it's all about scale.

Re:Nerdcoin Apologists

[MrL0G1C]

Butterflylabs offer ASIC miners

They offer them, but they don't ever seem to ship them, and if they did ship all of the orders, the difficulty rate would go 4 to 16 times harder because of the sudden massive increase in mining.

Re:Nerdcoin Apologists

[camperdave]

There are better and more lucrative things to do with botnets.

The two are not mutually exclusive.

Re:Nerdcoin Apologists

[Exitar]

Thank you for letting us know that the average /. poster knows more about ways to make money with bots than people that actually write and use them.

Re:Nerdcoin Apologists

[Zontar+The+Mindless]

Yes, but you assume that

{Slashdotters} != {botnet devs}

Which IMO is not the most reasonable assumption to make. :)

Re:Nerdcoin Apologists

[WhackAttack]

Keep in mind that as a zombie computer becomes more "obvious"- computer is slower, fan runs at 100% all the time, etc, the more likely that the malware will be noticed and removed.

I was mining Litecoins this morning and even though my computer was relatively quiet (mining with GPU) compared to fans at 100%, etc, it was still painfully slow. When I hovered over a link it would take a second to change colors. Literally a second. The user would probably notice that too. Though it wasn't laggy when I was mining Bitcoins so...who knows.

Re:Nerdcoin Apologists

[dbIII]

But then that's moving from a shady pyramid scheme baited for geek into stuff that even the naive can see as being some sort of crime!

Keep in mind that as a zombie computer becomes more "obvious"

It's depressing how many people miss the obvious - two problems fixed by plugging in cables on Friday was a bit of a reminder for me on that one.

Re:Nerdcoin Apologists

[UCFFool]

Litecoin is CPU based and 4x's the total released blocks. Just sayin'.

Re:Nerdcoin Apologists

[Jedi+Alec]

The average /. poster knows more about anything than anyone. That's why everytime there's a scientific article there's people popping out of the woodwork going: "Aha! Bet they didn't think of that, did they?".

Preferably without actually reading the article that adresses that very point ;-)

Re:Nerdcoin Apologists

Thank you for letting us know that the average /. poster knows more about ways to make money with bots than people that actually write and use them.

I think you are unclear on the concept of how crowdsourced intelligence works. Replace the notion of "average /. poster" with "the handful of people among a hundred thousand who knows the most about the particular topic being discussed" and go from there. If you're not looking for posts from that handful, you are wasting your time at slashdot.

Re:Nerdcoin Apologists

[Anne+Thwacks]

The average windows machine would take 10 minutes to update because of all the malware. Making that 10 into 11 would go unnoticed.

Surely, if you mine bitcoins, then you have to put the mined bitcoins somewhere. One small hack to replace the coins with bogus ones would make the whole botnet glow like a firefly?

Re:Nerdcoin Apologists

[TheRaven64]

I'm by no means a bitcoin apologist, but I it's not really different from using the same stolen cycles for any other commercial purpose, such as sending spam, hosting phishing sites, launching DDoS attacks, and so on. I wouldn't be surprised if there are cloud providers that run customers' jobs on botnets.

The interesting thing would be if the botnet is sufficiently large that it passes the magical 50% mark required to take control of the entire network.

Re:Nerdcoin Apologists

[leonbev]

Yeah... if you're going to try mining with a botnet, it would make a lot more sense to mine Litecoins instead. The Litecoin mining software still works relatively well with CPU miners, and there is a better chance that the currency is going to appreciate in value.

Re:Nerdcoin Apologists

[peawormsworth]

...making about 7 dollars per hour...maybe 70 dollars per hour...that seems pretty good to me.

Your hourly rate for federal crime is very reasonable. I will contact you, should I need ur services

Re:Nerdcoin Apologists

Interestingly, I think I may be infected. My first hint was slower response to some websites. It's very intermittent though. AVG said I was clean. Malwarebytes found one thing (C:\end). I have no idea where that came from and I removed that..

    I try not to be stupid, but I might not be that smart.

    I don't run as admin and I don't click on executables or strange links in e-mails. It's Win7. Is my ISP just having a few bad days? Seems okay right now. Flame away if you must or ignore me, but any useful advice would be appreciated.

I don't want to be a bot and you don't want me to be a bot. I have a hammer. Should I use that?

Skype is broken

I received a message from a random user last week with an image to click on to download an important security update for Skype. I can see how people would fall for it, since I have messages from unknown users blocked, and the message looked legit (only thing is, the message was a lossy JPG image). Yet somehow, the spammer was able to broadcast his message through Skype's message filtering.

Skype has been terrible the past two or three years. Receiving this message forced me to disable Skype at startup, which is unfortunate because now people have to call me on the phone to make sure I'm available for chat (which defeats the purpose -- we're already chatting on the phone!). Still looking for a replacement (preferably cross-platform), and even then, I have to convince my family and friends to migrate over. And no, I'm not fond of that little Google video chat thing that requires you to have a GMail and talk through a web-browser.

Re:Skype is broken

That's really funny. I'm not a fond of installing an apparently malware ridden application (skype) that wants to load on startup and make my machine vulnerable and chat using a Microsoft account. Teh Google FTW.

Re:Skype is broken

[SternisheFan]

I've a relative who works for the DOJ, and they refuse to use Skype to videochat, citing security reasons.

Good to see how secure bitcoins are though. (cough, cough)

Re:Skype is broken

If you have Chrome and a twitter account, you could try twelephone.com. It uses WebRTC and could eventually prove to be a Skype killer. Firefox should work as well pretty soon, and IE around v13 or so (in 5 years).

Posting AC to preserve mods. I do know the owner of the site, but am not affiliated in any way.

Re:Skype is broken

[Zontar+The+Mindless]

And I worked for years with this site's original webmaster.

So what exactly does this pseudo-name-dropping have to do with the price of tea in China, anyway?

Too little, too late?

[bmxeroh]

This seems a few years late. It's so ungodly difficult to mine now that average Joe's infected computer just isn't going to manage to mine anything. Sure you may get lucky and get this installed on a few super high end machines, but last I heard it's getting hard to even do it with high end gpu's. Now, had this happened at the beginning of bitcoin (and I'm sure it did), the author would have actually stood a chance to make some money here.

Re:Too little, too late?

Enough inefficient machine will still be profitable if sharing work in a pool. The botnet operator would certainly get back more than he was paying for the electricity to mine.

Re:Too little, too late?

[leathered]

That was exactly my thoughts when I first saw the headline. A top-end core i7 can manage a mere 20 Mhashs/s, while a GPU can do 2000 MH/s. The professional miners have moved on from GPUs to custom ASICs that can churn out as much 50GH/s.

The only way the malware purveyors are going to get anything of value out of this is if they get lucky and infect a number of high-end gaming rigs.

Re:Too little, too late?

[dermoth666]

Indeed - from experience an average computer with standard GPU will do between 2 and 20 Mhash/s (not all GPUs will be usable, and most computers around with usable GPUs will have low-end ones). The best GPU's will make a whooping 600 to 900 Mhash/s, and even with that it'll be pretty hard to compete against the ASIC rigs - there's already devices making 60 Ghash/s (60,000 Mhash/s), and the upcoming rigs will do up to 1,500 Ghash/s (that's 1,500,000 Mhash/s!). In a few months the network difficulty will be so high even the best GPU's won't earn anything from mining....

They might make a little bit of cash now if they can infect a lot of computers, but it won't last for long...

Re:Too little, too late?

[ceoyoyo]

A few hundred thousand or a million CPUs with someone else paying the electricity bill can still mine a few bitcoins. A $1500 ASIC setup does 40 or 50 thousand Mhash/s. If the average botnet machine does 50 Mhash/s on it's CPU/GPU you need a thousand infected machines to match that $1500 ASIC. If your botnet goes big and you get a hundred thousand machines, you've got a pretty nice mining setup.

Re:Too little, too late?

[istartedi]

That depends on whether or not they effectively parallelized the algorithm. One Joe can't do it, but if you command a million Joe-bots it might be worth it. Maybe you don't even have to chop up work units. Maybe it's just a question of having enough "tickets" for the odds of one being a winner to go up. Since the tickets cost nothing there's no reason not to play except the possibility of getting caught. Since they're criminals already, "fear of getting caught" is a sunk cost.

Re:Too little, too late?

[pla]

Getting good performance out of a GPU miner takes some tweaking, and very few average home PCs even have GPUs worth mining on anyway (most IGPs and consumer-grade NVidia cards barely count as one more CPU-class device on which to mine, if even possible).

So that really only leaves CPU mining as the no-fuss option. And a typical modern machine will do 3-6 MH/s per core, so figure 24MH/s as an upper limit for any fairly new high-end OEM machine. For comparison, the BitForce Jalapeno - If it ever ships - Will do 5GH/s and costs less than a low-end PC... Or roughly the equivalent of 200 enslaved high-end PCs (or, more realistically, 500-1000 of last year's middle-of-the-road OEM crap Dells/HPs/Lenovos).

That said, you have it somewhat correct - If you can enslave a few thousand halfway decent machines, with someone else footing the electric bill, it might make it financially worth the effort. For the level of legal risk (just talking about running a botnet here, not the risk of some government eventually cracking down on such a convenient currency) vs the cost of buying an ASIC mining rig, however, it doesn't really seem like a worthwhile trade-off.

Re:Too little, too late?

[fuzzyfuzzyfungus]

That was exactly my thoughts when I first saw the headline. A top-end core i7 can manage a mere 20 Mhashs/s, while a GPU can do 2000 MH/s. The professional miners have moved on from GPUs to custom ASICs that can churn out as much 50GH/s.

The only way the malware purveyors are going to get anything of value out of this is if they get lucky and infect a number of high-end gaming rigs.

What I find a bit surprising is that doing something so relatively overt would still be a viable use of a botnet. Running the CPU full tilt, especially given how many computers are ill-cooled and battery powered these days, is something that even a total non-techie is relatively likely to notice. I'm amazed that any bot-herder decided that the increased attrition from being noticed would be less expensive than CPU-mining bitcoins would be valuable(especially when alternatives like keylogging for bank and other valuable logins exist and don't make the fans howl like a legion of the damned).

Re:Too little, too late?

[ceoyoyo]

I'm pretty sure if I were into botnets I'd rather spend a weekend writing something to infect 20,000 machines than spend $15,000 on ASIC miners. That's using your numbers. Plus if someone comes along with a spam or DDOS job for you, you can switch to that, then back to mining when you're done.

If you've got a botnet lying around you might as well use it's off time.

Re:Too little, too late?

[TheRealMindChild]

For mining with the GPU, this requires OpenCL/CUDA SDKs to be installed. If this came packaged with those, it would be the biggest bit of malware I've ever seen (well over 100MB).

That leads the logical conclusion that these will be mining on the CPU.

Re:Too little, too late?

[sourcerror]

Try going to the police with "Somebody is using my computer to mine bitcoins" vs "someone stole money from my bank account".

Re:Too little, too late?

[camperdave]

That was exactly my thoughts when I first saw the headline. A top-end core i7 can manage a mere 20 Mhashs/s, while a GPU can do 2000 MH/s. The professional miners have moved on from GPUs to custom ASICs that can churn out as much 50GH/s.

The only way the malware purveyors are going to get anything of value out of this is if they get lucky and infect a number of high-end gaming rigs.

A 10,000 machine bot running on machines that average 2Mhashes/sec is ten times as effective as your 2000MH/s GPU. It's not the speed of the machines, but the size of the botnet.

Re:Too little, too late?

[dbIII]

They got sucked into the bitcoin scam and you are expecting them to apply reason?

Points at Skype

Hideki!

What happens to those mined bitcoins?

[Freddybear]

So when the user detects and presumably removes the malware, what happens to those mined bitcoins? Do they disappear? Are they still in the malefactor's account? Lastly, is there any chance of tracing and impounding the bitcoin account so that the bad guy doesn't profit?

Re:What happens to those mined bitcoins?

[PRMan]

If a coin were to be successfully mined by grandma's computer (unlikely anyway these, but possible if you have 1 million of them), then I am certain they would immediately transfer it to their bitcoin account using a bitcoin address.

Re:What happens to those mined bitcoins?

[EmperorArthur]

From what I understand, the trick is each miner goes through a search space. If it doesn't find anything, it requests another search space from the control server. If it does, it tells the control server about it. The control server then tells the rest of the world that it found this new bitcoin. If you shut down a machine during a search the control server eventually sees this and has another machine look through the same search space. This is basic parallel programming using a scatter-gather approach with a little bit of management on the server side.

As for the bitcoin itself. There's nothing anyone can do. There is no mechanism within the bitcoin system to declare a bitcoin to have been produced illegally. If the command and control server is shut down then the bitcoin wallet might very well be lost. In that case, the bitcoin is lost forever. See this CCC video about bitcoin loss, deflation, and why that's a bad thing. https://www.youtube.com/watch?feature=player_detailpage&v=-FaQNPCqG58#t=1137s As cool as bitcoin is, it has serious problems which will keep it from being used in day to day life. Hyped Example: http://www.newstatesman.com/economics/2013/04/bitcoin-hyperdeflation

The idea behind this malware is kind of neat though. It's not stealing log in credentials, so it doesn't need to do browser interception and then have the hacker physically dealing with banks. It doesn't preform ddos attacks or send spam, so it doesn't use any network resources except for talking to the command and control server. If it's written correctly, it should run at low priority with a small memory footprint. It might be using 100% CPU, but on a desktop machine, the user would probably never even know its there.

Re:What happens to those mined bitcoins?

So when the user detects and presumably removes the malware, what happens to those mined bitcoins? Do they disappear?Are they still in the malefactor's account?

I would doubt the keys for the address the bitcoins end up in are stored on the infected machine.

Lastly, is there any chance of tracing and impounding the bitcoin account so that the bad guy doesn't profit?

No, Bitcoin was designed intentionally to not allow that sort of thing. Not so much to protect bad guys, of course, but to protect someone like a political dissenter from the government seizing/freezing their funds to silence them. Unfortunately you can't have one without the other.

Re:What happens to those mined bitcoins?

[DanielRavenNest]

Miners are looking for the lottery number (nonce) such that it plus a set of new bitcoin transactions and the hash of the previous block generates a new hash with a lot of leading zeros. The exact number the new hash has to be below is set by the total hashing power of the network. Thus the difficulty of the lottery is adjusted so that a new block is found every 10 minutes. If you win the lottery, you get to include 25 newly created bitcoins addressed to your own account, plus any transaction fees. At the moment this is worth $3500 or so per block.

Any hash calculation which does not result in a new block gets nothing. It is a losing lottery ticket, and the unwilling botnet victim just wasted electricity. The botnet operator only makes anything if they discover a winning number and publishes the new block. The combined hashing power of the network is 5 times the 120 Petaflops of the Top500 list of supercomputers *combined*. So unless the botnet operator has an asounding number of bots, odds are he hasn't earned anything.

The nature of the bitcoin network is there is no way to tell a botnet from a fast but legitimate mining rig *within the network*. If you submit a correctly formed block, it gets accepted by the other nodes in the network and added to the permanent transaction history (block chain). You might be able to match IP address of the botnet controller to the bitcoin node address, but I assume anyone smart enough to run a botnet knows how to use proxies to mask their location.

By design, transactions are irreversible, and accounts cannot be impounded by anyone, because accounts exist in a distributed form on multiple copies of the block chain (every node has a full copy). As a user, you have a private key to sign new transactions, which proves you own the account. The most you could do is seize the private key if you can find the perpetrator, and then take their balance from them. If they had already spent their balance on sex, drugs, and rock-n-roll, though, the money is gone, because *transactions are irreversible*.

Although this allows evil botnet operators to function, the tamper-resistance of bitcoin also prevents governments from seizing accounts or taxing them without first finding the owners. This is not easy, because although the transaction history is public, owner names are not part of the history, just account numbers and how many bitcoins to transfer.

Re:What happens to those mined bitcoins?

[IamTheRealMike]

As cool as bitcoin is, it has serious problems which will keep it from being used in day to day life.

Bitcoin does indeed have problems that make it hard to use in daily life, but "deflation" is not one of them. BitPay has reported that when the value of a Bitcoin rises their transaction rate goes up not down, as macro-economists would predict. Perhaps because holders of coins feel rich and start to splash out. This should not surprise us. The consumer electronics industry has been in a permanent state of economy-destroying inflation since pretty much forever yet even better and cheaper smartphones/mp3 players/etc continue to fly off the shelves. And in case you'd like observations more rigorous, there is no empirical evidence of a link between deflation and depression.

Anyway, obviously the goal is that nobody loses Bitcoins through carelessness - there are many strategies to help people back up their keys, and over time they will become widely implemented and used.

Re:What happens to those mined bitcoins?

[Erk2]

Good luck, if someone is smart enough to write this kins of malware then they are going to be smart enough to move the coins, especially if the wallet IP is in the mountains of China or similar.

Re:What happens to those mined bitcoins?

[Jeremi]

It might be using 100% CPU, but on a desktop machine, the user would probably never even know its there.

Is there a way to keep your program's CPU usage from showing up in Task Manager (etc)? If so, then the only other thing you'd need is a way to keep the computer's fans at their nominal levels so that the extra noise wouldn't tip the user off, and you're golden (at least until the computer catches fire).

Re:What happens to those mined bitcoins?

[Jeremi]

If you win the lottery, you get to include 25 newly created bitcoins addressed to your own account, plus any transaction fees. At the moment this is worth $3500 or so per block.

Hmm, for $3500 per block, I wonder if anyone has set up a "miner parasite" malware -- it would infect as many legitimate BitCoin-mining machines as possible, then do nothing until a mining machine discovered a winning hash. At that point it would intercept the miner's announcement of the winning hash code at the network level, so that instead of the announcement going out to the BitCoin network, it would go out to the malware creator's machine instead. The malware creator would then cash in on the new blocks at his leisure.

Easy profit, right? Much simpler than buying and setting your own mining hardware or running a massive botnet... :)

Re:What happens to those mined bitcoins?

[EmperorArthur]

For 99% of users it doesn't matter. Computers are the magic black boxes that either work or they don't.

While it might be fun to write a program that disables all thermal protections and stops the fans, it's quite a different challenge than a simple bitcoin miner.

I have enough trouble trying to set things using the officially provided drivers. Controlling hardware on an unknown machine... Anyone who could do that shouldn't have any trouble making quite a bit of money.

Re:What happens to those mined bitcoins?

[Chuckstar]

If they are mining in a pool, then it doesn't matter if they find the block. The more computation you contribute to the pool, the bigger % you get of the 25 BTC if the pool as a whole wins the lottery. It means there's a much higher probability of the botnet controller making money than the way you are describing.

Re:What happens to those mined bitcoins?

[jones_supa]

While it might be fun to write a program that disables all thermal protections and stops the fans, it's quite a different challenge than a simple bitcoin miner.

Of course you wouldn't disable thermal measures but instead add little moments of idle to the loop to keep the CPU utilization down.

Re:What happens to those mined bitcoins?

[Sigma+7]

If you have the malware that can detect a "winning block" being sent from a computer, then you can also extract the private key from said miner (and pull the coin out from under the worker.)

Re:What happens to those mined bitcoins?

[TheRaven64]

BitPay has reported that when the value of a Bitcoin rises their transaction rate goes up not down, as macro-economists would predict

You're confusing long and short-term trends. If there is a consistent long-term trend upwards, then economics predicts that people will hold, because it's the rational thing to do. If there is a lot of volatility, then it predicts that people will sell when the value goes up and buy when it goes down. This means that you'd expect a lot of high-frequency trades when the value spikes, as people cash out. They'll then buy slowly at the bottom (so as not to push the price up too fast) and then sell again at the top.

Re:What happens to those mined bitcoins?

Is there a way to keep your program's CPU usage from showing up in Task Manager (etc)?

There are two ways to achieve this. Either through a rootkit or by exploiting imperfections in the accounting.

A rootkit means you need to acquire privileges which allows you to modify the kernel. And if you mess up and do something incompatible with that particular kernel version, it can get very visible (like crashing the system).

The other method of exploiting the accounting means that if the algorithms, the kernel uses to calculate how much CPU time a process has spend, are a bit too naive, then you can trick them into miscalculating the CPU time spend.

In typical usage scenarios once a process has been given the CPU it either uses its entire time slice, or it gives up the CPU after using only a fraction of the time slice. Because of that you can get fairly accurate accounting by simply taking not of which process got interrupted by the timer tick.

But this naive algorithm breaks down for some real legitimate applications as well as if it is being actively abused. A legitimate application showing this behaviour could be observed years back, when playing an MP3 file actually took a significant fraction of CPU time. During a time slice a certain number of samples needs to be played, and decoding those samples takes some CPU time, but less than a full time slice. So an MP3 player would rarely use a full time slice, and thus appear to be using almost no CPU time.

I have observed that sort of miscalculation on Linux at the time. But since this is an artefact of the simplest possible way to compute CPU usage, it is quite likely other systems have made the same mistake. I don't know if there are still systems vulnerable to this.

If you ran a CPU intensive application at the same time, it would get all CPU time left over by the MP3 player. If the MP3 player spend the first 10% of the time slice, the CPU intensive application could get the rest. At the timer tick, the CPU intensive application would be active, and thus accounting would show it had used that time slice. Effectively the CPU intensive application would get 90% of the CPU time, but would show up as getting 100%. You could only observe the difference from the CPU intensive application being slowed down, as it wasn't really getting 100%. And as the MP3 player appeared to be using hardly any CPU time, it would keep being prioritized and thus allowed to go first in the time slice.

A nefarious process with a bit of knowledge about how accounting works, could check the TSC after each hash calculation. With that information it could go to sleep just before accounting kicks in. Then it can get immediately woken up by the timer tick, and the kernel may assume it had been sleeping most of the time.

A nefarious process getting this trick wrong would show up as consuming a lot of CPU, but it wouldn't be any more visible than it would have been, had it not attempted this trick in the first place.

This trick can be defeated by more accurate accounting. For example the kernel could use the TSC to calculate the exact fraction of the time slice, which the process has actually spend. This is only slightly more complicated than the naive accounting method. On another architecture with no TSC or anything like it, the accounting can treat time slices differently depending on whether they were consumed by a single process or if they were being shared among multiple processes.

Re:What happens to those mined bitcoins?

At that point it would intercept the miner's announcement of the winning hash code at the network level, so that instead of the announcement going out to the BitCoin network, it would go out to the malware creator's machine instead.

If bitcoin is properly designed, the input for the hash function contains the public key of the account as well, such that at that point it is not possible to transfer the block payment to another account. Of course it could be transferred using the corresponding secret key, but of course that secret key doesn't have to be on the machine doing the mining.

But a trojan could of course still steal mined bitcoins by using a different public key in the first place. If you want to run such a thing without being detected, you need to figure out what percentage of the money you can take without being noticed. If that percentage was for example 50%, you could alternate between the legitimate public key and your own public key.

Re:What happens to those mined bitcoins?

[Rich0]

The idea behind this malware is kind of neat though. It's not stealing log in credentials, so it doesn't need to do browser interception and then have the hacker physically dealing with banks. It doesn't preform ddos attacks or send spam, so it doesn't use any network resources except for talking to the command and control server. If it's written correctly, it should run at low priority with a small memory footprint. It might be using 100% CPU, but on a desktop machine, the user would probably never even know its there.

Indeed, it doesn't even need to have an exploit. If you implemented a miner in Javascript you could just stick it in an advertisement and have it crunch away in a sandbox. Granted, you couldn't keep it running when the tab is closed and it would be slow in Javascript, but it would work just fine.

Even if mining on non-specialized hardware is inefficient it doesn't cost the operator anything, and it greatly reduces their risk of being caught, assuming they don't use the stolen bitcoins in any traceable transactions (the bitcoins are always traceable, but to be caught you have to use them in some transaction that can link them up with your real-world identity).

Re:What happens to those mined bitcoins?

[dkf]

Even if mining on non-specialized hardware is inefficient it doesn't cost the operator anything, and it greatly reduces their risk of being caught, assuming they don't use the stolen bitcoins in any traceable transactions (the bitcoins are always traceable, but to be caught you have to use them in some transaction that can link them up with your real-world identity).

The bitcoins would look entirely legit, as they wouldn't need to be actually minted on the zombie; the distributed client could just report the key information back to the C&C server which would then do the actual minting (very easy, as there would be no search required). From the outside world's perspective, it would look just like the C&C server has lots of kick-ass hardware to do the searching.

Re:What happens to those mined bitcoins?

[IamTheRealMike]

But the long term trend with Bitcoin has been upwards in both value and transaction volume. So what economics predicts simply doesn't line up with reality, no matter which way you slice the data.

Re:What happens to those mined bitcoins?

[uninformedLuddite]

there is no empirical evidence of a link between deflation and depression.

never had to take Viagra have you?

Re:What happens to those mined bitcoins?

[uninformedLuddite]

Lots of people leave their computers on 24/7. Just run the miner while it is idle.

Re:What happens to those mined bitcoins?

[TheRaven64]

No, economics predicts that two factors will affect the transactions. One is that, as a commodity with a long-term trend that goes upwards, the rational strategy is to hold. The other is that, as a highly volatile commodity, it is possible to make a lot of money by buying at the peaks and selling at the troughs. Currently, Bitcoin is sufficiently volatile that the effects of the latter outweigh the effects of the former: it is possible to make a lot more money from the noise than from the growth. The same is true of any highly volatile stock with a long-term growth trend, for example Apple stocks over much of the last decade.

Re:What happens to those mined bitcoins?

[Rich0]

Good point - wasn't really thinking of that but it would be hard to ID the bitcoins that used the botnet for aid.

Mining for bitcoin, undermines bitcoin

[Qwavel]

This idea that you can 'mine' for bitcoins is what makes me not take it seriously. It seems so arbitrary and ridiculous.

In the future, if they want to issue more bitcoin, I hope they will instead allow people to exchange other currencies for bitcoin, and setup a foundation (or something like that) which will use the currency that is raised to further the interests of the bitcoin ecosystem.

Re:Mining for bitcoin, undermines bitcoin

hmm I don't think you get it.

Mining for bitcoin is the same process as maintaining the bitcoin network.

They are in effect being paid to run the bitcoin network.
Given the author of bitcoin is anonymous, it's unlikely he/she/it would be able to setup a foundation anonymously.
And even if they did, it would reduce bitcoin to nothing more than any of the numerous pre-existing failed e-currencies.

You can trust a open source piece of software run on millions of computers more than you can trust a foundation.

Re:Mining for bitcoin, undermines bitcoin

You can trust a open source piece of software run on millions of computers more than you can trust a foundation.

I have no idea how to compare trust of the two. But widely used open source have been proven before to have serious vulnerabilities overlooked for years and years - like fx Sendmail.

Re:Mining for bitcoin, undermines bitcoin

[pla]

This idea that you can 'mine' for bitcoins is what makes me not take it seriously. It seems so arbitrary and ridiculous.

I know, right? Like those lumps of yellow metal or shiny hunks of clear carbon we mine from the Earth. Entirely arbitrary and ridiculous to assign any value to them. ;)

If it makes more sense to you, it may help to stop thinking of it as "mining", and instead consider it as pay for doing the work necessary to add transactions to the blockchain.

Re:Mining for bitcoin, undermines bitcoin

Do some reading honey. The mining is what Bitcoin does...

Re:Mining for bitcoin, undermines bitcoin

cept those lumps of metal are physical items that can be used for more than money, bitcoin is imaginary and doesnt even act as a good currency let alone anything else

Re:Mining for bitcoin, undermines bitcoin

maybe Bitcoin was commissioned by computer hardware providers that wanted to give the processor market a boost when the Credit Crunch was at its worst.

Re:Mining for bitcoin, undermines bitcoin

[icebraining]

You should read up on the Bitcoin protocol/architecture. "Mining" isn't arbitrary, it's how the system verifies transactions and prevents double spending - you need mining for the whole system to work.

The fact that new coins can be gain from mining is not arbitrary either: first, it encourages people to mine, and therefore strengthens the network. Second, a big part of the Bitcoin appeal is that nobody can just inflate away the value of the coins one owns.

You may disagree with it, but it's definitively not arbitrary.

Re:Mining for bitcoin, undermines bitcoin

Mining is a HUGE waste of electricity.

Absolutely futile

[Khyber]

Had this been done with litecoin or namecoin, I could see some profit. Bitcoin? Sorry, difficulty rating is too high and just keeps going up.

On top of that, the type of people likely to click on this are also already likely exploited and running with limited system resources as-is.

Even the entire skype userbase couldn't stand up to the raw power behind half of the mining farms already out there.

What a stupid malware author.

Re:Absolutely futile

[dbIII]

What a stupid malware author.

They got sucked in by the bitcoin scam, but are using somebody else's electricity so they sound a bit less stupid than the usual mark for the bitcoin scam.

Re:Microsoft Apologists

I wonder how they are going to spin this one. *munches popcorn*

Oh wait, you've just shown us....

CPU Bitcoin Mining still makes sense for Botnets

[mathimus1863]

To the people that are saying it's not worth it for malware or botnets to mine coins with CPUs... a single CPU does about 4 MH/s. If 250,000 computers all over the world are affected, that's 1 TH/s, which is about 67 BTC/day at the current difficulty. About $1,000/day, or $30,000/month. Scale appropriately for how many computers are affected.

Yes, it's a waste of time and electricity for an individual to mine Bitcoins with their CPU, but if you have access to 100,000+ machines doing it, and you're not paying for the electricity, it's obviously worth it.

Re:CPU Bitcoin Mining still makes sense for Botnet

To the people that are saying it's not worth it for malware or botnets to mine coins with CPUs... a single CPU does about 4 MH/s. If 250,000 computers all over the world are affected, that's 1 TH/s, which is about 67 BTC/day at the current difficulty. About $1,000/day, or $30,000/month. Scale appropriately for how many computers are affected. Yes, it's a waste of time and electricity for an individual to mine Bitcoins with their CPU, but if you have access to 100,000+ machines doing it, and you're not paying for the electricity, it's obviously worth it.

Skype has 280 million active (monthly) users. Let's say the upper limit for something really virulent is infecting 5% of user base (Mac Flashback infected 1% of Internet connected Macs). That is 14 million machines. Using you calculation, that would generate $56.000/day or $1.7 million/month (but at this scale it would change the difficulty, but still generate very very significant money).

Re:SKYPE !! SOUNDS LIKE IT RIPS SOMEONE OFF !!

Which part of "Microsoft product" did you not understand?

Re:CPU Bitcoin Mining still makes sense for Botnet

[Smerta]

...about 67 BTC/day at the current difficulty. About $1,000/day, or $30,000/month.

WUT?

67 BTC/day == $1,000/day? In other words - $16/BTC?

I thought it was more like $140 or so?

Maybe just add another zero in there...

Interesting . . .

[Kimomaru]

"To avoid this threat and others like it, don’t click on random links you receive on Skype. You’ll be doing yourself a favor, helping stop the spread of malware, and ensuring criminals get a smaller pay day." Or don't use Skype at all, problem solved. A dead giveaway that a product is no good is whether it's owned by Microsoft.

Ahh yes Bitcoin

[Dunbal]

The virtual currency that is "safe", despite numerous examples of exchange hacks and theft. The virtual currency that is "better than cash", but fluctuates in value up to 10% in a matter of hours. And the virtual currency that is experiencing record hyperinflation over the past few days. I wonder what happens when buyers realize that they will be paying "double the price in dollars" for their purchase between the time they enter an order and they receive their purchase. Wouldn't it make sense to hold off on your purchase if tomorrow your current bitcoin wallet can get you more? When we reach this stage of equilibrium between the massive inflating bubble that is Bitcoin and the deflationary drag on the actual bitcoin economy, people will suddenly realize how useless it is as a currency, vendors will stop accepting it, and the whole damned bubble will crash leaving a lot of hopefuls bereft of their life's savings (because look at that graph, we'll be filthy rich!), and a few Russian crime-lords much, much richer.

Re:Ahh yes Bitcoin

When we reach this stage of equilibrium between the massive inflating bubble that is Bitcoin and the deflationary drag on the actual bitcoin economy, people will suddenly realize how useless it is as a currency, vendors will stop accepting it, and the whole damned bubble will crash leaving a lot of hopefuls bereft of their life's savings (because look at that graph, we'll be filthy rich!), and a few Russian crime-lords much, much richer.

Okay, so how come none of that has happened yet even after multiple high-profile hacks and price crashes over the last several years? Each time something like that happens, plenty of people repeat every point you just made and insist that Bitcoin is going away this time for sure. But it only seems to get more popular over time. Please explain that.

And no, I don't own any Bitcoins or have any particular investment in its success (beyond academic interest), so please don't deflect the question with accusations of such.

Re:Ahh yes Bitcoin

[Dunbal]

Tulips got real popular at one time, too. Bitcoin is now trading at $140+/per unit, and the curve is very sharply up. In fact anyone who knows anything about markets will tell you, it's not sustainable. When Bitcoin is at a few thousand dollars a unit - next week or so at this rate - and people start getting REALLY greedy, that's when the fun will begin. Demand has to be based at least partly on something other than human greed. But yeah go take out a second mortgage and put it all in bitcoin. You could be rich within a couple weeks. Or more likely, you'll have to pay off a second mortgage the hard way...

Re:Ahh yes Bitcoin

You didn't explain anything, you just repeated your assertion that it's all going to come crashing down Real Soon Now, Just You Wait. And your requisite tulip reference does not account for how that bubble expanded and popped in a matter of months . If Bitcoin were truly analogous to tulip-mania, it would have collapsed and faded away entirely by 2011 or so.

So I'll ask again: Please explain why Bitcoin has become more popular over time in spite of high-profile events that prompted predictions like the one you made, and why your prediction is more credible than its predecessors.

Re:Ahh yes Bitcoin

[icebraining]

The virtual currency that is "safe", despite numerous examples of exchange hacks and theft.

What one has in an exchange isn't bitcoins, it's credit which they promise to exchange for bitcoins. It's bank money.

Wouldn't it make sense to hold off on your purchase if tomorrow your current bitcoin wallet can get you more?

It depends; the utility of having the item now may be greater than the gain by waiting. Otherwise, nobody would ever by phones, computers, cars, etc, since by waiting people could always get something better. Yet, these markets have a very high amount of sales.

Note: I don't own any Bitcoins; I think for now they're nothing but a speculator's toy. But I'm not writing them off just yet.

Re:Ahh yes Bitcoin

[Dunbal]

I can't "explain" an event that hasn't happened yet, except point out similarities to past events that this one so far is matching pretty well. But I'll just let this graph stand as an example of the past few days. Zoom out a little, say to the "D3" three day chart. If I was a retailer selling a $10 item and accepting bitcoin, I would currently have to be adjusting the price every minute. Does this make sense for a currency? Absolutely not. Better yet, when more money piles into bitcoin and prices elevate higher, a minor 0.1% fluctuation in bitcoin price could, as a vendor, represent my profit margin.

You cannot build a medium of exchange that lacks one of the basic components of accepted mediums of exchange: stability. A chicken is a chicken is a chicken. An ounce of gold is an ounce of gold. A US dollar, while not stable, degrades relatively slowly over time. Bitcoin? Let's not speculate. Look at the chart. Absolutely unusable as it stands, other than a medium of speculation. The long term prognosis is even worse if more greed and more money piles into the system. But hey, whatever man.

Re:Ahh yes Bitcoin

[Zontar+The+Mindless]

Personally I think it'd be easier to talk to a Catholic about the illogic of transubstantiation, but you go right ahead.

Re:Ahh yes Bitcoin

I can't "explain" an event that hasn't happened yet

I'm not asking you to explain a future event. I'm asking you to explain past and current ones. Bitcoin has had multiple high-profile thefts and prices crashes that, according to the reasoning you outlined in your OP, should have resulted in Bitcoin being completely abandoned in short order. But it didn't happen. I'm asking you to explain why not, and why your prediction is valid in light of that.

except point out similarities to past events that this one so far is matching pretty well.

But you haven't done that. The only past event you've compared Bitcoin to was the Dutch tulip bubble, and I already showed you a dissimilarity that invalidates that particular comparison.

If I was a retailer selling a $10 item and accepting bitcoin, I would currently have to be adjusting the price every minute. Does this make sense for a currency? Absolutely not. Better yet, when more money piles into bitcoin and prices elevate higher, a minor 0.1% fluctuation in bitcoin price could, as a vendor, represent my profit margin.

And yet, there are retailers who do accept Bitcoin, and that number is growing, not shrinking. And unless you have evidence to the contrary, I think it is safe to assume that those retailers don't adjust their prices "every minute", even with that understood as a hyperbolic figure. Please explain that.

Again, I'm not invested in Bitcoin in any way. It could disappear from the face of the earth tomorrow, and I wouldn't give a damn. But I can't help but notice that predictions of its imminent doom like yours have been thrown at it since its inception, and that each and every one of those predictions has been wrong.

Re:Ahh yes Bitcoin

[servognome]

Okay, so how come none of that has happened yet even after multiple high-profile hacks and price crashes over the last several years? Each time something like that happens, plenty of people repeat every point you just made and insist that Bitcoin is going away this time for sure. But it only seems to get more popular over time.

I remember that arguement in the late 90's. "Netscape missed its earnings target, but it's getting more popular so buy buy!" or "The whole industry is overvalued, but that's not a problem because it's a new economy. Just look at how stock prices are going up"

Re:Ahh yes Bitcoin

I agree. I like bitcoins, but the reason why their price is skyrocketing is not that people are finding them useful as a currency. It is because they expect the price to increase even more in the future. I.e. this is a bubble driven entierly by speculation, just like the Tulip bubble (which is just the first of many such bubbles in history). By idling in #bitcoin on freenet, I've also seen that people were excited about bitcoins as a means of investment, not because of the stuff they could directly use it for, confirming the speculation interpretation.

Re:Ahh yes Bitcoin

[Dunbal]

You haven't even looked at the graph, have you? Yeah there are vendors that do accept BitCoin. Say you want to buy, er, a "t-shirt" on silk road. Your 1 Bitcoin t-shirt last week still costs 1 Bitcoin today. Except 1 Bitcoin was $30 last week, now it's $150+ (as of this morning). Still going to buy that t-shirt? Didn't think so. So the vendor has to drop his price to 0.20 Bitcoin today for the same tshirt, or he isn't going to sell any. Just stop being so damned dense and look at the graph. You cannot have a medium of exchange that is changing in value 500% a couple weeks.

Re:Microsoft Apologists

Dumb as it is, how did your parent comment come off as "Microsoft apologist"?

The only possible answer is that it didn't, and that you're engaging in the same type of intellectually lazy dishonesty as the person you think you're mocking.

Nice Messenger migration welcome

[vlueboy]

In case you have not heard, Hotmail's PC chat application, Messenger, is two days from being sunset in favor of Skype. That will be causing a massive migration from users who ignored repeated upgrade emails from the MS team.
Just when I thought it was hard to convince my long-term guests that they should ignore the Messenger Icon, forcing themselves to learn the freshly installed Skype forced down our throats, I have to worry about their malware risks from a new vector of attack.
I very sparingly use the hotmail/live/OUTLOOK/identityCrisisNameDUJOUR account, and would have uninstalled it if I didn't have said friends from a land where people KNOW nothing else*. The loss of Hotmail integration, loss of social media-ish features, and bold GUI design choices to force you to try their $$$ calling plans really is making me consider shutting the doors on the account.

*We stay off FB. They know OF Yahoo Messenger which I never use. My GTalk is unknown to them and all this stinks of network effects.

who really didn't see this coming??

But its needed. There's the greater fool running by the dozens into this virtual currency, which "can't" be manipulated. My ass. This is a prime example of just one of the many downfalls of it. I won't go into others to stay on topic. And to think this hasn't already been common practice... well - if you think that, you might want to check for a miner running on your system right now.

Honeypot possible

[Animats]

Someone might modify the malware to still generate Bitcoins, but to record the coins generated. Then watch the blockchain to see who spends them. Bitcoins aren't anonymous. Mt. Gox has on at least one occasion frozen an account due to possession of "tainted" coins.

Bitcoin isn't as distributed as many enthusiasts think. 80% of transactions go through Mt. Gox, a/k/a Magic, the Gathering Online Exchange.

Re:Honeypot possible

Bitcoin isn't as distributed as many enthusiasts think. 80% of transactions go through Mt. Gox, a/k/a Magic, the Gathering Online Exchange.

Really? Isn't it more like 50% of external currency transactions nowadays, and less than that when counting internal bitcoin transactions?

Re:CPU Bitcoin Mining still makes sense for Botnet

[IamTheRealMike]

A 250,000 machine botnet is extremely large, that puts you up in the worlds largest active botnets. Building and maintaining such a thing is not easy at all. To mine off that, you need to run a pool server that those machines can all get work from (as the existing pools will all ban you), which is a rather complex scaling problem all by itself, and then you have the fact that it's all a time limited technique. ASIC hardware has, from what I understand, finally started to ship in significant numbers from the Avalon guy and people will be wiring them in and starting them up over the next few months, which will shortly make just 1 terahash/sec not very much at all.

All things considered, whilst botnet mining can make sense today (especially with gpu miners), the perps know that it won't last.

Windows malware propagating across Skype?

[dgharmon]

`A new piece of [Windows] malware propagating across Skype has been discovered that tries to convince the recipient to click on a link. What makes this particular threat different is that it drops a Bitcoin miner application to make the malware author money. While malware has both spread on Skype and mined Bitcoins before, putting the two together could be an effective new strategy.`

Turning in my nerd card.

Posting AC because of the shame... While on vacation, I passed by to visit one of my grandmothers, whose computer I built 4 years ago was acting up... (note her last computer had a lot of malware on it, and was sooo slow). I used a slim mATX case, and the ram I got wouldn't fit in two of the slots' space... so she had 2GB of ram. While there, she again had a lot of crap and was likely infected. I cleaned off as much as I could, disabled all the browser plugins, updated the AV. I still didn't trust it and was going to do a clean install of Ubuntu instead of windows, to keep her safer (she had half a dozen of the drive by "ur system is slow, scan now?" type crap)... In any case, I went to Best Buy to get a usb drive to put the installer on, and grabbed 4GB of DDR2 as well (way overpriced). I ran into issues getting Ubuntu's install to even recognize the drive for partitioning, funny that it could read the hdd... I decided to leave Windows in place and with the extra ram it ran a lot better...

I was only there for one night, and just didn't have the time. It's really a shameful thing to me. It probably would have taken some time to make sure her eReader would be working anyhow.. I did de-DRM her eBooks, and back up her stuff... but just really wish I had another day to get it all done.

Re:Turning in my nerd card.

[noh8rz10]

what the hell are you talking about??!?! what does this have to do with the thread!?!?!

Re:Turning in my nerd card.

Cool story.

Re:Turning in my nerd card.

[Zontar+The+Mindless]

It did not turn into one of those cacophagy or homos-in-the-hayloft trolls.

Be content.

Re:Turning in my nerd card.

[retchdog]

coprophagy.

cacophagy isn't typically considered a word, but read in greek it would mean "eating of evil".

Re:Turning in my nerd card.

[Zontar+The+Mindless]

THINGS NOT TO DO BEFORE MORNING COFFEE ( updated ):

1. ...
2. ...
3. ...
4. Operate heavy equipment.
5. Juggle Greek prefixes without exercising the utmost care.

Thanks.

Re:CPU Bitcoin Mining still makes sense for Botnet

"(as the existing pools will all ban you),"

What basis do you have for this?

Games

Better yet spread them on massive game networks that way you know they have a better GPU. Lol

Re:CPU Bitcoin Mining still makes sense for Botnet

[IamTheRealMike]

They've been doing it a long time. That's why the ZeroAccess guys run their own pool (or tried to at least).

idiotic

[slashmydots]

The new mid-level BFL mining chip can perform 60,000MH/s at 80 watts. My i5-2400K can do 14MH/s, my Nvidia GTS450 can do about 40MH/s, and my Radeon 5830 would have been able to do about 220MH/s under ideal circumstances and maxed out. So, this is so far into the not worth it category, it's comical.

Re:idiotic

[gweihir]

Well, criminals are typically idiots. Otherwise they would go into accepted work for amoral characters, like banking, insurance or politics.

Re:idiotic

If your nodes aren't doing anything else, they might as well some default activity to fall back on.

Re:idiotic

[UpnAtom]

I believe the current difficulty of mining bitcoins is fixed until it becomes impossible. As they're currently going at an astonishing $145 (quadrupled over a month), it's extremely profitable to mine on ATI card. However, the FPGA will flood the market with Bitcoins and we willl see the price dropping, maybe crashing.

Re:idiotic

[uninformedLuddite]

As a criminal I resent that. Many criminals have standards and would not touch banking, insurance or politics as a career. Stealing from any of those three is quite acceptable.

Re:CPU Bitcoin Mining still makes sense for Botnet

Not to mention that at least some of those machines might have GPUs

First example of stealing clock cycles?

This is the first I have ever heard of a virus that is effectively stealing compute power is this the first documented case or have there been many before?

Re:First example of stealing clock cycles?

Huh? ALL malware steals computing power in one way or another.

Re:CPU Bitcoin Mining still makes sense for Botnet

"They've been doing it a long time."
What basis do you have for this?

Re:CPU Bitcoin Mining still makes sense for Botnet

[UCFFool]

My 6 year old computer with a slightly upgraded processor (Athlon X2 5200+) is ~ 3MH/s as a reference point.

This is not malware,

This is a new revenue stream developed by Microsoft.

Acronym proposal

For tagging purposes: Not Another Bitcoin Article (NABA)

Only important question ... OS dependencies?

[RockDoctor]

There's only one interesting question about this : what OS does it run on, or what other platform (JS, Java, whatever)?

Security firm Kaspersky discovered the threat, which it names Trojan.Win32.Jorik.IRCbot.xkt,

Assuming that Kaspersky are not complete and utter idiots, and that the Win32 element of the name means what it normally means, I have no further interest in the story.

Bye.