Yahoo Ad Malware Was An Attempt To Build A Secret Bitcoin Mining Botnet

from the bitcoin-mining-scams-on-the-rise dept

Thu, Jan 9th 2014 3:43am — Mike Masnick

A decade ago, it was actually fairly common to see various "distributed computing" projects seek to put a variety of people's computers to use to tackle tough problems -- and sometimes those distributed efforts involved clearly revealed and transparent code within other applications. A couple years ago, just as Bitcoin was first starting to get attention, I remember hearing from someone who was talking about trying to build a media player that would look to offer licensed/authorized content in exchange for quietly being a part of a Bitcoin mining effort. Nowadays, it appears that this idea of creating secret distributed Bitcoin mining is taking on a somewhat more questionable reputation. A gaming software company was whacked with a $1 million fine after (the company claims) a "rogue employee" included some Bitcoin mining hidden within their app. There have been accusations that a number of other apps out there are also secretly mining bitcoin.

Just recently, we noted that Yahoo users in Europe were exposed to malicious ads that were downloading malware. It's now come out that the malware was... Bitcoin mining software, which sought to use some of everyone's excess computing resources to hunt for more Bitcoin. As "malware" goes, this is actually a lot less damaging than some other stuff out there (keyloggers designed to steal bank info, for example). It likely would bump up electricity bills slightly for some users, and basic PC mining is pretty ineffective, but it's interesting to see that malware folks are taking such extreme steps to try to build secret Bitcoin mining networks.

Of course, it still seems like doing this kind of thing in an upfront way might be an interesting business model: offer some useful software for free, telling folks very clearly that the "payment" is that they'll be using some of your spare cycles for mining. Of course, it might be better if this was done for cryptocurrencies that weren't so damn inefficient with electricity -- something like Peercoin instead of Bitcoin, for example. I imagine it's really only a matter of time. Imagine a Netflix/Hulu competitor that offered you the content for free, in exchange for distributed computing power, paying the licenses out of the proceeds from the mining. It's not that crazy when you think about it...

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: ads, bitcoin mining, business models, malware
Companies: yahoo

17 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

Ninja (profile), 9 Jan 2014 @ 2:41am

Well, it was a matter of time I guess. I wonder if antivirus software are already adding such things to their lists? The PUP detection abilities are already there for a while now.

Of course, it might be better if this was done for cryptocurrencies that weren't so damn inefficient with electricity -- something like Peercoin instead of Bitcoin, for example.

On a side note, not as related, how many of those digital cryptocurrencies are out there? For the more initiated in economics, isn't it bad to have a fragmented market?
[ link to this | view in chronology ]
- Lazere, 9 Jan 2014 @ 8:40am
  
  Re:
  I can tell you that Malwarebytes detects at least some mining software as PUP. It detected the one I was intentionally playing with (can't remember which of the top of my head) just yesterday.
  [ link to this | view in chronology ]
JCHP (profile), 9 Jan 2014 @ 3:50am

However...
If the Netflix/Hulu/Random Media Player started giving away free stuff in exchange for cryptocurrency mining, then the **AA and co. would start asking for a tax on those "coins", wouldn't they?
[ link to this | view in chronology ]
- Anonymous Coward, 9 Jan 2014 @ 4:08am
  
  Re: However...
  They already claim more missed income than there is wealth in the universe, so oh well...
  [ link to this | view in chronology ]
Anonymous Coward, 9 Jan 2014 @ 4:22am

Bitcoin mining malware isn't completely inoffensive: if your cooling is marginal, it can cause the hardware to overheat and fail.

Even then, it's quite interesting that the profitability of Bitcoin mining is causing it to displace more dangerous malware.
[ link to this | view in chronology ]
- Anonymous Coward, 9 Jan 2014 @ 6:01am
  
  Re:
  I don't see the displacement. You can have both mining and more dangerous malwares installed.
  [ link to this | view in chronology ]
  - Anonymous Coward, 9 Jan 2014 @ 6:14am
    
    Re: Re:
    Any extra malware increases the chance that the whole set is discovered, which reduces the return from the bitcoin mining part. If the mining is profitable enough, it is rational to install only it, to lessen the chance of either discovery or (with more aggressive kinds of malware) actually damaging the system it's running on.
    [ link to this | view in chronology ]
Anonymous Coward, 9 Jan 2014 @ 5:05am

What a useless concept. It would have been cool years ago but now for any SHA256-based currency this is useless, you can't compete with ASIC miners. Especially since you need the user to have decent hardware and be physically logged in locally for mining to work decently, otherwise you're stuck using CPU mining which is even more ridiculous for SHA256. You'd literally need millions of computers to compete against a single 1000$ unit... and guess how many of those are out there now.

And yes, even scrypt based mining on CPU is pretty much useless, unless your entire point is to mine at a loss.

So these people had way too much expectations out of their "hidden" miner.
[ link to this | view in chronology ]
- Ninja (profile), 9 Jan 2014 @ 5:38am
  
  Re:
  unless your entire point is to mine at a loss.
  
  What loss? Because the people behind it would not be spending a penny to mine, even if it is hellish inefficient.
  [ link to this | view in chronology ]
  - Anonymous Coward, 9 Jan 2014 @ 7:22am
    
    Re: Re:
    He is probably counting the "development cost" of the malware and the costs associated with distributing it.
    [ link to this | view in chronology ]
Just Sayin', 9 Jan 2014 @ 5:14am

Not a bad idea
Actually, these guys are onto something. Almost all malware is directed towards accomplishing a secondary goal these days, it's rarely about just screwing up a computer because you can.

Some are more direct than others, botnets have been created to spam or do to DDoS attacks for a price, and the encode the files on your hard drive ransom ware is just a more direct version.

This bitcoin malware isn't unique, it's just that someone figured out that there was a hole to be filled. if you can get a few million computers working for you, even if they aren't very effecient, and you can mine some decent numbers. With bitcoins at $1000 a pop these days, it could become very profitable.

I wonder if the next one will look for existing mining rigs, mining software, or the like and subvert it? Perhaps looking for bitcoin account numbers to try to transfer funds out of the account.

... and the AC is right, if your system is sensitive to heat, running it really hard for an extended period could harm it, so this isn't malware without cost or potential pain.
[ link to this | view in chronology ]
Me, 9 Jan 2014 @ 5:34am

BOINC
I still would be peeved at this bitcoin mining "malware" since that means my excess computing resources are no longer searching for pulsars or extraterrestrials. If I missed talking to ET because someone else wanted 0.00000000000000000000000001 bitcoin, the whole world suffers.
[ link to this | view in chronology ]
- Ninja (profile), 9 Jan 2014 @ 5:49am
  
  Re: BOINC
  No need to waste your resources, it has been done before 673582b9aaf9a804754affe5288ae625639f4c69 if you are cheap or 4aa34c333a36d1bd7b41dcf6e59ab65bc36b59f3 for high def ET talking ;)
  
  Wait a minute, finger touching counts as talking, no?
  [ link to this | view in chronology ]
- beltorak (profile), 9 Jan 2014 @ 11:08am
  
  Re: BOINC
  technically, a bitcoin is (currently) only divisible to 8 decimal places (0.00000001 - or, 1 "satoshi").
  
  /pedant
  [ link to this | view in chronology ]
Anonymous Coward, 9 Jan 2014 @ 3:47pm

FarmVille
It's only a matter of time before someone releases a FarmVille-like game, wherein the player work needed to generate the in-game currency is tied to generation of a BTC-like "real" currency, for the benefit of the game's producers.

That's the point when BTC jumps the shark.
[ link to this | view in chronology ]
Anonymous Coward, 10 Jan 2014 @ 7:31am

Outside the box thinking........i like it
[ link to this | view in chronology ]
dfaojg, 29 Aug 2014 @ 5:55am

Bitcoin HYIP - Double Your Bitcoin
Bitcoin HYIP - Double Your Bitcoin
Invest 1 btc Return $3 btc in 48 hours
http://www.bitcoinhyip.org
[ link to this | view in chronology ]