- Spotify will soon let you block R. Kelly Monday 6:01 PM
- New Click to Pray app lets you pray with Pope Francis Monday 5:30 PM
- Social media influencer known for hiking in bikinis dead at 36 Monday 4:54 PM
- Trump posts altered pics on social media to make fingers look longer, report Monday 3:20 PM
- Twitch user banned after telling woman to ‘kill yourself’ during stream Monday 3:06 PM
- Facebook introduces ‘Community Actions’ tool to petition the government Monday 2:04 PM
- Sarah Sanders, NRA deliver truly misguided MLK tributes today Monday 12:58 PM
- MAGA teen who confronted Native elder says he ‘respects all races’ Monday 12:57 PM
- Popular YouTube channel in danger of disappearing because of copyright claims Monday 12:24 PM
- The Krassensteins’ Reddit AMA gets trolled off the internet Monday 12:08 PM
- No, Trump didn’t break open the Pizzagate scandal in 2011 Monday 11:23 AM
- Producer of anti-abortion film says Facebook refuses to run his ads Monday 10:58 AM
- Ja Rule thinks he was also a victim of Fyre Fest Monday 10:21 AM
- YouTube beef between RiceGum and H3H3 gets ugly—and personal Monday 10:02 AM
- ‘Fox & Friends’ accidentally airs obituary graphic for Ruth Bader Ginsburg Monday 9:40 AM
While dedicating a portion of the power of a typical home computer to the task would only generate the equivalent of a few pennies per year, installing the malware on millions of computers would produce some serious money.
Hackers who used vulnerabilities on Yahoo’s website to install viruses on millions of computers last week likely used the infected systems to mine Bitcoin.
Giora Engel, founder of cybersecurity firm Light Cyber told the BBC that the compromised machines were used to effectively manufacture a network with massive amounts of computing power for the purpose of creating new units of the virtual currency, which went directly into the perpetrators’ pockets. “The malware writers put a lot of effort into making it as efficient as possible to utilise the computing power in the best way,” Engel explained.
Unlike traditional currencies, which are issued by governments, there is no centralized authority minting bitcoins. Instead, they are created through a process called mining, where computers connected to the global Bitcoin network attempt to solve increasingly complicated mathematical equations whose solutions function as a record of recent Bitcoin transactions. These transactions are then entered into the public record, and the miners are rewarded with new bitcoins.
However, as more people have gotten into Bitcoin mining, it has become increasingly difficult to gain a share of the new bitcoins, which are created at a predetermined set rate. Hence, an arms race has developed, with miners devoting ever more resources toward creating new bitcoins in hopes to grow the size of their haul.
Enterprising hackers, such as the ones who perpetrated the Yahoo attack, have turned to installing software on the systems of the unwitting victims—who then have some of their computing power secretly devoted to mining. While dedicating a portion of the power of a typical home computer to the task would only generate the equivalent of a few pennies per year, installing the malware on millions of computers would produce some serious money.
As the price of Bitcoin has soared, so has the prevalence of this type of Bitcoin mining botnet. Last year, an eSports gaming services company was caught covertly installing Bitcoin mining software on its users’ computers.
The attack on Yahoo.com, currently the fourth-most-visited website on the planet, worked by infiltrating site’s ad network. The hackers made it so ads displayed on the site would direct users to an online location that installed malware on their computers.
Details of the hack were first made public in a blog post by Dutch security consulting firm Fox-IT. In the post, Fox-IT estimated the site was spreading malware to users at a rate of 27,000 per hour, with the majority of infections occurring in France, Great Britain, and Romania.
“Users in North America, Asia Pacific and Latin America were not served these advertisements and were not affected,” a Yahoo spokesperson said in a statement that noted the site was spreading malware during a period stretching from Dec. 31, 2013, to Jan. 3 of this year. “Additionally, users using Macs and mobile devices were not affected.”
The company has not publicly released how many computers were infected, but some reports have speculated it was as many as 2 million.
Photo by fdcomite/Flickr
Aaron Sankin is a former Senior Staff Writer at the Daily Dot who covered the intersection of politics, technology, online privacy, Twitter bots, and the role of dank memes in popular culture. He lives in Seattle, Washington. He joined the Center for Investigative Reporting in 2016.