Yahoo Ad Malware Was An Attempt To Build A Secret Bitcoin Mining Botnet
from the bitcoin-mining-scams-on-the-rise dept
A decade ago, it was actually fairly common to see various "distributed computing" projects seek to put a variety of people's computers to use to tackle tough problems -- and sometimes those distributed efforts involved clearly revealed and transparent code within other applications. A couple years ago, just as Bitcoin was first starting to get attention, I remember hearing from someone who was talking about trying to build a media player that would look to offer licensed/authorized content in exchange for quietly being a part of a Bitcoin mining effort. Nowadays, it appears that this idea of creating secret distributed Bitcoin mining is taking on a somewhat more questionable reputation. A gaming software company was whacked with a $1 million fine after (the company claims) a "rogue employee" included some Bitcoin mining hidden within their app. There have been accusations that a number of other apps out there are also secretly mining bitcoin.Just recently, we noted that Yahoo users in Europe were exposed to malicious ads that were downloading malware. It's now come out that the malware was... Bitcoin mining software, which sought to use some of everyone's excess computing resources to hunt for more Bitcoin. As "malware" goes, this is actually a lot less damaging than some other stuff out there (keyloggers designed to steal bank info, for example). It likely would bump up electricity bills slightly for some users, and basic PC mining is pretty ineffective, but it's interesting to see that malware folks are taking such extreme steps to try to build secret Bitcoin mining networks.
Of course, it still seems like doing this kind of thing in an upfront way might be an interesting business model: offer some useful software for free, telling folks very clearly that the "payment" is that they'll be using some of your spare cycles for mining. Of course, it might be better if this was done for cryptocurrencies that weren't so damn inefficient with electricity -- something like Peercoin instead of Bitcoin, for example. I imagine it's really only a matter of time. Imagine a Netflix/Hulu competitor that offered you the content for free, in exchange for distributed computing power, paying the licenses out of the proceeds from the mining. It's not that crazy when you think about it...
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: ads, bitcoin mining, business models, malware
Companies: yahoo
Reader Comments
Subscribe: RSS
View by: Time | Thread
Of course, it might be better if this was done for cryptocurrencies that weren't so damn inefficient with electricity -- something like Peercoin instead of Bitcoin, for example.
On a side note, not as related, how many of those digital cryptocurrencies are out there? For the more initiated in economics, isn't it bad to have a fragmented market?
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
However...
[ link to this | view in chronology ]
Re: However...
[ link to this | view in chronology ]
Even then, it's quite interesting that the profitability of Bitcoin mining is causing it to displace more dangerous malware.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
And yes, even scrypt based mining on CPU is pretty much useless, unless your entire point is to mine at a loss.
So these people had way too much expectations out of their "hidden" miner.
[ link to this | view in chronology ]
Re:
What loss? Because the people behind it would not be spending a penny to mine, even if it is hellish inefficient.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Not a bad idea
Some are more direct than others, botnets have been created to spam or do to DDoS attacks for a price, and the encode the files on your hard drive ransom ware is just a more direct version.
This bitcoin malware isn't unique, it's just that someone figured out that there was a hole to be filled. if you can get a few million computers working for you, even if they aren't very effecient, and you can mine some decent numbers. With bitcoins at $1000 a pop these days, it could become very profitable.
I wonder if the next one will look for existing mining rigs, mining software, or the like and subvert it? Perhaps looking for bitcoin account numbers to try to transfer funds out of the account.
... and the AC is right, if your system is sensitive to heat, running it really hard for an extended period could harm it, so this isn't malware without cost or potential pain.
[ link to this | view in chronology ]
BOINC
[ link to this | view in chronology ]
Re: BOINC
Wait a minute, finger touching counts as talking, no?
[ link to this | view in chronology ]
Re: BOINC
/pedant
[ link to this | view in chronology ]
FarmVille
That's the point when BTC jumps the shark.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Bitcoin HYIP - Double Your Bitcoin
Invest 1 btc Return $3 btc in 48 hours
http://www.bitcoinhyip.org
[ link to this | view in chronology ]