Bitcoin mining malware spreading on Skype, researcher says

A new Skype spam campaign directs users to malware that uses the computer's CPU to mine Bitcoins, according Kaspersky Lab researchers

By Lucian Constantin, IDG News Service |  Security

Security researchers from Kaspersky Lab have identified a spam message campaign on Skype that spreads a piece of malware with Bitcoin mining capabilities.

Bitcoin (BTC) is a decentralized digital currency that has seen a surge in popularity since the beginning of the year and is currently trading at over US$130 per unit making it an attractive investment for legitimate currency traders, but also cybercriminals.

BTCs are generated according to a special algorithm on computers using their CPU and GPU resources. This operation is called Bitcoin mining and is usually performed by users who operate multi-GPU computer rigs. However, mining efforts can also be pooled for better results.

Cybercriminals have figured out that distributed Bitcoin mining is a perfect task for botnets and have started developing malware that can abuse the CPUs and GPUs of infected computers to generate Bitcoins.

A new spam campaign spotted Thursday on Skype tricks users into visiting a rogue bit.ly URL by using messages like "this is my favorite picture of you" as bait, Dmitry Bestuzhev, a malware researcher at Kaspersky Lab, said in a blog post.

Visiting the rogue URL prompts users to download a file called skype-img-04_04-2013.exe that's a malware installer with a low antivirus detection rate, he said.

According to Bestuzhev, the average click rate for the rogue URL is high, at over 2,000 clicks per hour. "Most of potential victims live in Italy then Russia, Poland, Costa Rica, Spain, Germany, Ukraine and others," he said.

The malware dropper connects to a command and control server in Germany and downloads additional pieces of malware. The malware does many things, but the most interesting one is to run a bitcoin mining application on the machine, the researcher said.

Users affected by this malware will experience abnormally high CPU usage on their computers as a result of the infection. "The campaign is quite active," Bestuzhev said. "If you see your machine is working hard, using all available CPU resources, you may be infected."

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Spotlight on ...
Online Training

    Upgrade your skills and earn higher pay

    Readers to share their best tips for maximizing training dollars and getting the most out self-directed learning. Here’s what they said.

     

    Learn more

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question
randomness