discovered a new spam message campaign being transmitted via Skype contains malware capable of using an infected computer to mine for Bitcoins. The malware, identified as Trojan.Win32.Jorik.IRCbot.xkt.
Bitcoin is a non-governmental, fully-digital currency based on an open-source and peer-to-peer internet protocol. Cybercriminals have figured out that distributed Bitcoin mining is a perfect task for botnets and have started developing malware that can abuse the CPUs and GPUs of infected computers to generate Bitcoins.
"Bitcoin mining is the process of making computer hardware do mathematical calculations for the Bitcoin network to confirm transactions and increase security,"
Victims are encouraged to install malware file that is included with messages like "this my favourite picture of you". Those who click the links, infected with a virus dropper downloaded from a server in India. If the malicious file is installed, one of its features is to turn the machine into a Bitcoin mining slave.
Turning unwitting PCs into Bitcoin slaves is the latest attack to hit Bitcoin and Bitcoin-related services. Most anti-malware programs cannot detect the malware. The malware has the fingerprints of script kids, rather than sophisticated hackers.
According to Kaspersky Lab, the average click rate for the rogue URL is high, at over 2,000 clicks per hour. "Most of potential victims live in Italy then Russia, Poland, Costa Rica, Spain, Germany, Ukraine and others,"
About the author