Криптотрактор предлагает вам самую актуальную информацию о криптовалютах. Только современные и модные способы заработка, никакой воды и сомнительных методов. Научись зарабатывать на блокчейне и стань миллионером!
Bitcoin Mining by Botnet An increasing number of malware samples in the wild are using host systems to secretly mine bitcoins.
The FeodalCash bitcoin mining affiliate program. Bitcoin is a decentralized, virtual currency, and bitcoins are created by large numbers of CPU-intensive cryptographic calculations.
In addition to archiving transactions, each new ledger update creates some newly minted bitcoins. Earlier this week, I learned of a Russian-language affiliate program called FeodalCash which pays its members to distribute a bitcoin mining bot that forces host PCs to process bitcoin transactions hat tip to security researcher Xylitol.
Because services like Virustotal share information about new malware samples with all participating antivirus vendors, scanning the installer will make it more likely that antivirus products on host PCs will flag the program as malicious. Rather, the administrator urged users who want to check the files for antivirus detection to use a criminal friendly service like scan4u[dot]net or chk4me[dot]com, which likewise scan submitted files with dozens of different antivirus tools but block those tools from reporting home about new and unidentified malware variants.
This Google-translated version of the site shows the builder for the installer. I gained access to an affiliate account and was able to grab a copy of the mining program. I promptly submitted the file to Virustotal and found it was flagged as a trojan horse program by at least two antivirus products. This analysis at automated malware scanning site malwr. It also indicates that the program beacons out to pastebin.
Also, the administrator demands that new users demonstrate the ability to garner hundreds to thousands of installs per day. This is a rather high install rate, and it appears many if not all affiliates are installing the mining program by bundling it with other executable programs distributed by so-called pay-per-install PPI programs.
So far, FeodalCash has managed to attract at least 238 working affiliates. Here is a copy of the affiliate list , complete with their corresponding bitcoin wallets. According to Xylitol, the host PCs that currently have this botcoin mining malware installed are doing their slavish work at the Eligius bitcoin mining pool. According to the FeodalCash administrative panel, the infected machines have mined only about 140 bitcoins.
The current bitcoin generation rate is about 4. It appears to be the work of two guys from Ukraine, who apparently are named Igor and Andrei.
Then I noticed that listed on one of the FeodalCash user pages is a notice that the affiliate program is having a user meeting tonight July 18 at Beerlin, a German-styled pub in Kharkov, Ukraine! The affiliate panel also helpfully included a map of downtown Kharkov to assist those planning to attend. Directions to the affiliate meting on July 18, 2013, at Beerlin in Kharkov, Ukraine. Beerlin , Bitcoin , bitcoin mining , botcoin , Eligius bitcoin mining pool , FeodalCash , malwr.
You can follow any comments to this entry through the RSS 2. Both comments and pings are currently closed.