According to a post on Securelist by Kaspersky Lab’s Dmitri Bestuzhev, a new malware attack first spotted in Venezuela is using a Skype vulnerability to take over computers.
That’s nothing new. It’s what the malware does with the infected machines that makes this campaign so interesting: it uses their processing power to generate Bitcoin, the booming virtual currency that recently hit a record high of $147.
Once relegated to the dark corners of the Internet, Bitcoin is a difficult-to-trace currency that is quickly gaining favor internationally, due in part to Cyprus’s banking emergency and its inclusion in the American financial regulatory framework. It’s valuable, if volatile.
And the creators of this malware are trying to get their hands on some of it by “[abusing] the CPU of infected machine[s] to mine Bitcoins for the criminal,” Bestuzhev explained. “(I)t turns the infected machine to a slave of the bitcoin generator.”
Bitcoin mining is the process of dedicating computer processing power to a set of instructions that slowly create new bitcoins. Some have even created special computers called mining rigs solely designed for mining—though mining technology has evolved from there, leading to the use of special microchips devoted to the process.
With a big enough botnet—a network of infected “slave” computers—a criminal could bypass all that expensive technology altogether and do the heavy lifting with other people’s CPUs.
Regardless of how you do it, it requires a lot of processing power to gain the rewards of introducing new bitcoins into the ecosystem. The difficulty of mining new bitcoins, combined with the currency’s high exchange rates, has clearly made mining something worth a malware campaign.