New Skype malware spreading at 2,000 clicks per hour to mine Bitcoins (thenextweb.com)
73 points by knappster on April 6, 2013 | 47 comments



Malware Bitcoin-miners, hmm? I don't like Skype as a vector... what if you could put it in the browser instead? Which leads me to a less malware-y idea: write a JavaScript/Flash/similar component that mines bitcoins in a web browser. Put it on your site instead of ads. Has anyone beat me to it?


Mining bitcoin on a CPU these days is like digging for gold with a garden shovel. Once upon a time it may have worked, but today it's basically useless (even if you do it on a million computers at once).


WebGL FTW!

:)


Wouldn't work. The right API calls aren't exposed. You would need something like WebCL.


A long time ago I did some proof-of-concept work to do GPGPU operations in the browser with regular WebGL; it kind of worked: http://learningwebgl.com/blog/?p=1828#comments

I did look into using the same technique to implement bitcoin mining in GLSL. My opinion is that it is possible, but not straightforward and probably not worth it, but still a pretty f'ing cool concept.


All you need are shaders to do GPU computation.


People did GPGPU before the likes of OpenCL and CUDA.


Well yes... just not from a browser.


Has anyone beat me to it?

Where Bitcoin is concerned, the answer is always "yes".


That idea came, and went, two years back.

https://bitcointalk.org/index.php?topic=9042.0



That'd be an interesting advertising alternative that could be good for both parties. In exchange for content, you give the website X CPU cycles (or GPU I guess). It could be built into the browser so that you'd have really efficient mining techniques. Clients (with beefier computers) could choose to give more cycles to their favorite sites.

I'm not sure if you could provide comparable amounts of revenue. I guess time-spent-on-site would be the most important factor. At the current cost and difficulty of Bitcoins, you'd need 1,000 concurrent users on average all day all running at 10mhps to just make $92 per day. 10mhps seems like it's asking a lot, it'd probably drain a lot of batteries.


What if you were, say, Facebook, and had lots of visitors, good time-on-site metrics and you were still searching for ways to grow revenue? Might it make sense? Seems like their entire userbase could combine to mine quite a few bitcoins. But I'm not a miner, so perhaps I'm wrong? A quick search turned up a Fast Company article that claims (http://www.fastcompany.com/3005269/facebooks-daily-mobile-us...) 618 million daily users. Assuming that most of those folks aren't logged on all day and many (more than half!) are logging on via mobile, you'd probably only be able to convert a fraction of those to effective miners, but even still it sounds like a lot of bitcoins per day. Perhaps they might offer users the option in exchange for better privacy controls and/or an ad-free experience?


Remember that the bitcoin network adjusts itself to try to only have about 25 bitcoin per 10 minutes mined. So if you were to jump into the pool with loads of CPU power you'd get a few bitcoin for a while, then it'd adjust to be harder, raise the bar, and you're back with the same generation rate.


Yes, but you'd be getting more of the pie. The pie remains the same size, granted, but you can still make quite a lot from owning a significant portion of the processing power.


A ton of companies have tried to monetize spare CPU cycles. The problem is that you can't do anything valuable with them. Most problems aren't trivially scalable, you have to assume malicious users so that means you need to essentially double efforts, and third parties aren't comfortable sending data through the system.



Once upon a time, when Java applets were exciting, fresh, and new, I wrote an applet which calculated digits of PI and used CGI to post them to my server.

Visitors would watch animations, whilst I "stole" their CPU time.

That must have been 96/97 or so.


Yes, I think so, but it would probably be pointless by now, and many would notice.


Why do you think the browser would be a better vector than Skype?


I didn't say it's better. I just like it more.


Plura?


Plura Processing pays affiliates up to $2.60 per full month of computing time provided (when they have customers).

I don't think it competes well with advertising.


http://www.bitcoinplus.com/miner/embeddable

I don't see how this is any worse.


One is malware, the other isn't. When I open their "Generate Bitcoin" page it won't run because I don't have Java, not JS, in my browser. If I did it would ask me for permission to run and if I said yes it wouldn't be persistent.

The Skype malware is classed as a malicious IRC-bot so unless it's very specialized it's safe to assume it includes other features as well, like DDoSing, searching and mass uploading of files ("wallet.dat"?), mass downloading and running of files (so the backdoor could be extended at any time), login form reporting and what have you.


Yah I remember seeing that and thinking it was extremely scummy. No one else was complaining though...


A new market for malware opens. This is even better than spam.


Actually it is better, isn't it. If malware starts working to keep the bitcoin transaction network operational as opposed to spamming or stealing webbanking keys ... then it's actually doing something that's either neutral or useful. Useful if you like bitcoin.

That'd be a great step forward. I doubt it's worth the effort though.


Shouldn't it also be more noticeable? Quiet spyware can go undetected, but something that's eating up loads of CPU cycles is less likely to do so. That's a good thing.


Evil... and yet I'm a bit disappointed it doesn't try to use the computer's GPU instead of CPU.

(and yes I'm aware this wouldn't work in all cases).


Why does Skype even have any clickable links in it at all if Microsoft can't be bothered to keep the obvious malware out?


Don't miss the forest for the trees. If it wasn't Skype, it'd be some other channel. The point here is that mining malware is a rather new and troubling phenomenon.


And of limited real value. A CPU-only miner would yield about 10 MHash/s or less on standard hardware, and a malware/junkware loaded PC will do even less.


I recently came across a very naive-looking sample of a pooled GPU-miner being distributed via a purported crack for a certain EA game.

It's ridiculously easy to implement GPU mining if you have any remote execution on a machine.


Isn't the total hash rate the sum of the hash rates of all infected machines (i.e.: 10MH/s * 2000 infected machines = 20GH/s)?


Far less than that. My shiny quad core i7 gets 4MH, and I doubt most consumer desktop computers would manage that. You're probably looking at 0.5-2 at a maximum.


There will always be ways to monetize malware. I'd rather they monetize it by mining Bitcoins than by doing something more destructive.


Honeypot anyone... create the appearance of a hacked machine that is successfully mining... keep 'em busy for a few weeks...


It's surely automated, in which case, there's nothing to "keep busy" like a human manually hacking into the average lousy computer one by one.


Is it also stealing people's local wallets too?


Does all the computing power put towards Bitcoin mining strike anyone else as an extreme waste of electricity?


A keylogger would be more lucrative than a bitcoin miner.


[IANAL] A bitcoin miner sidesteps "unauthorized access to information", taking advantage only of the compute resources. I'm not sure if that makes any real difference in the eyes of the law, though.


A bitcoin miner is much safer and requires much less time commitment.


Re the conclusion: to protect yourself, don't run an OS that will silently install software just because you clicked on a blue link in a program published by the OS vendor.

Steve Ballmer should be jailed as an accessory for allowing this.


With a malware name like "Trojan.Win32.Jorik.IRCbot.xkt" - implying a Windows vector - I can't see why someone would downvote you for that comment.

I've got Skype on my *nix box, so do the downvoters assume that my system is also vulnerable to this malware?


There's no indication anywhere in the descriptions of this malware - on Kaspersky's blog or elsewhere - that it is exploiting any new or unique Windows-specific vulnerabilities. It could easily just be a downloadable executable that people are stupid enough to run. Social engineering works great. If your goal is simply to get a malicious executable onto as many machines as possible, Win32 is the obvious target to choose.

You've got Skype on your *nix box: Are you certain it's NOT vulnerable to malware? Obviously a Win32 executable isn't going to run on Linux, but if there's a hole in Skype what's stopping the bug responsible for that hole from causing a similar problem on Linux or OS X?

At this point no facts have been published to describe the nature of the malware in depth, so it's stupid to assume that it's dependent on some platform-specific exploit. On the other hand, it relies on clicking a link, so hopefully you're smart enough not to click shortened URLs sent by friends on Skype, no matter what OS you're running!



