Bitcoin GPU Miner
Security researchers have spotted a new strain of malware that targets Bitcoin, the peer-to-peer virtual currency that exploded onto the tech scene earlier this year. In a report issued last week, Symantec researchers described a Trojan that uses the user's computer to mine Bitcoins on behalf of the intruder. They estimate that, at current exchange rates, a fast computer could generate as much as $150 worth of Bitcoins per month.
This is not the first Bitcoin-related malware spotted in the wild. In June, security researchers discovered malware that acts as a virtual pickpocket, scanning an infected computer for Bitcoin wallets and sending their contents to the attacker. There have also been of Bitcoin-mining malware, but estimates had suggested that most botnet owners would make more money renting their machines out for other uses.
In contrast, the newest Bitcoin malware takes full advantage of the computing power on each compromised machine—including its GPU. The parallel computing capabilities of modern GPUs means that they can perform certain specialized computing tasks much more quickly than traditional CPUs. And Bitcoin mining, which involves computing trillions of hashes, happens to be one such task. Symantec estimates that GPUs can compute hashes up to 750 times as quickly as a typical CPU. This means that while CPU-based mining can be expected to generate less than a dollar per month in Bitcoin profits, Badminer can generate as much as $150 per month.
Does this new breed of malware represent a new threat to the credibility of Bitcoin? Actually, the answer is probably no. As we described in our original Bitcoin feature, "mining" is the Bitcoin network's method of clearing transactions. At the end of each 10-minute round, one of the participating nodes is effectively chosen at random to get 50 newly created Bitcoins as a reward for participating.
Having thousands of botnet computers join the mining process will reduce the average profits of other miners, but it won't harm those who are merely using the network to make transactions. For ordinary users, the big danger continues to be old-fashioned Bitcoin-stealing malware.
Bitcoin is a digital version of cash. This has some important advantages; payments can be made with no intermediaries and no transaction fees. But Bitcoin also has most of the disadvantages of cash: if someone takes your cash, it's almost impossible to get back. Likewise, there's no way to reverse Bitcoin transactions once they've been accepted by the network, and it's relatively easy for the bad guys to cover their tracks.
The Bitcoin/malware nexus is a troubling development for the broader society. As botnets become more profitable to own, the bad guys will devote more resources to compromising our computers so they can add them to their herds. At the margin, more botnet profits—either from stealing Bitcoins or mining them—means more machines getting owned.
The lure of stolen Bitcoins depends on how much Bitcoins are worth, and the value of a Bitcoin has taken a wild ride in recent months. It peaked at $32 in June, then fell below $7 earlier this month before rising to the current price of around $11.
