New Skype Malware Uses Victims' Machines To Mine Bitcoins

An anonymous reader writes "A new piece of malware propagating across Skype has been discovered that tries to convince the recipient to click on a link. What makes this particular threat different is that it drops a Bitcoin miner application to make the malware author money. While malware has both spread on Skype and mined Bitcoins before, putting the two together could be an effective new strategy."

What happens to those mined bitcoins?

[Freddybear]

So when the user detects and presumably removes the malware, what happens to those mined bitcoins? Do they disappear? Are they still in the malefactor's account? Lastly, is there any chance of tracing and impounding the bitcoin account so that the bad guy doesn't profit?

Re:What happens to those mined bitcoins?

[EmperorArthur]

From what I understand, the trick is each miner goes through a search space. If it doesn't find anything, it requests another search space from the control server. If it does, it tells the control server about it. The control server then tells the rest of the world that it found this new bitcoin. If you shut down a machine during a search the control server eventually sees this and has another machine look through the same search space. This is basic parallel programming using a scatter-gather approach with a little bit of management on the server side.

As for the bitcoin itself. There's nothing anyone can do. There is no mechanism within the bitcoin system to declare a bitcoin to have been produced illegally. If the command and control server is shut down then the bitcoin wallet might very well be lost. In that case, the bitcoin is lost forever. See this CCC video about bitcoin loss, deflation, and why that's a bad thing. https://www.youtube.com/watch?feature=player_detailpage&v=-FaQNPCqG58#t=1137s As cool as bitcoin is, it has serious problems which will keep it from being used in day to day life. Hyped Example: http://www.newstatesman.com/economics/2013/04/bitcoin-hyperdeflation

The idea behind this malware is kind of neat though. It's not stealing log in credentials, so it doesn't need to do browser interception and then have the hacker physically dealing with banks. It doesn't preform ddos attacks or send spam, so it doesn't use any network resources except for talking to the command and control server. If it's written correctly, it should run at low priority with a small memory footprint. It might be using 100% CPU, but on a desktop machine, the user would probably never even know its there.

Re:What happens to those mined bitcoins?

[IamTheRealMike]

As cool as bitcoin is, it has serious problems which will keep it from being used in day to day life.

Bitcoin does indeed have problems that make it hard to use in daily life, but "deflation" is not one of them. BitPay has reported that when the value of a Bitcoin rises their transaction rate goes up not down, as macro-economists would predict. Perhaps because holders of coins feel rich and start to splash out. This should not surprise us. The consumer electronics industry has been in a permanent state of economy-destroying inflation since pretty much forever yet even better and cheaper smartphones/mp3 players/etc continue to fly off the shelves. And in case you'd like observations more rigorous, there is no empirical evidence of a link between deflation and depression.

Anyway, obviously the goal is that nobody loses Bitcoins through carelessness - there are many strategies to help people back up their keys, and over time they will become widely implemented and used.

CPU Bitcoin Mining still makes sense for Botnets

[mathimus1863]

To the people that are saying it's not worth it for malware or botnets to mine coins with CPUs... a single CPU does about 4 MH/s. If 250,000 computers all over the world are affected, that's 1 TH/s, which is about 67 BTC/day at the current difficulty. About $1,000/day, or $30,000/month. Scale appropriately for how many computers are affected.

Yes, it's a waste of time and electricity for an individual to mine Bitcoins with their CPU, but if you have access to 100,000+ machines doing it, and you're not paying for the electricity, it's obviously worth it.

Re:Mining for bitcoin, undermines bitcoin

[pla]

This idea that you can 'mine' for bitcoins is what makes me not take it seriously. It seems so arbitrary and ridiculous.

I know, right? Like those lumps of yellow metal or shiny hunks of clear carbon we mine from the Earth. Entirely arbitrary and ridiculous to assign any value to them. ;)

If it makes more sense to you, it may help to stop thinking of it as "mining", and instead consider it as pay for doing the work necessary to add transactions to the blockchain.

Re:Nerdcoin Apologists

[Joce640k]

Keep in mind that as a zombie computer becomes more "obvious"- computer is slower, fan runs at 100% all the time, etc, the more likely that the malware will be noticed and removed.

Typical geek thinking.

So what if it gets removed? If it ran for a week on 100,000 machines with somebody else paying for the electricity then it was totally worth it.

Re:Mining for bitcoin, undermines bitcoin

[icebraining]

You should read up on the Bitcoin protocol/architecture. "Mining" isn't arbitrary, it's how the system verifies transactions and prevents double spending - you need mining for the whole system to work.

The fact that new coins can be gain from mining is not arbitrary either: first, it encourages people to mine, and therefore strengthens the network. Second, a big part of the Bitcoin appeal is that nobody can just inflate away the value of the coins one owns.

You may disagree with it, but it's definitively not arbitrary.