Trojan Turns Computers Into Bitcoin Mining Machines

It has long been known that Bitcoin—the crypto-currency offering users almost completely anonymous transactions online—is the favored currency for the underworld. It is so popular, in fact, that hackers are going out of their way to turn mundane objects connected to the Internet—objects like thermostats, scales and refrigerators—into Bitcoin mining machines in an effort to create more of this precious virtual currency.

Though they exist entirely in the ether, bitcoins don’t appear out of thin air. Rather, they are created through a process called “mining,” requiring a user to purchase special hardware and dedicate a part, or all, of their computer to solving complex mathematical problems in order to “mint” a bitcoin. These problems get more complicated as more bitcoins are created, making it harder to mine the currency. Hackers, however, have found a solution: distribute the mining of bitcoins to multiple machines by hijacking computers into a network working towards a single goal—creating bitcoins.

To some, it may seem like a harmless exploit to create a currency that may or may not survive the year. But to others, namely those who create malicious software, a widespread Bitcoin mining Trojan—a malicious program that disguises itself as something else—could be a means to a different end.

For example, consider the latest Bitcoin miner Trojan to hit the Internet. Spread through Facebook, this Trojan compromises victims through a little tactic we in the security world refer to as “social engineering.”

Social engineering is the basic principle behind all hacking. It exploits relationships to compromise accounts, computers and networks. The social aspect of the compromise can manifest in a few ways: through the collection of publicly available information, both online and off; through deceit, by impersonating a trusted friend online; by posing as a vendor or support agent; or by simply leaving a USB stick behind in the hopes that people’s nosy nature will lead them to insert it into their own computer.

This particular Trojan tricks victims into thinking their friends are sharing a photo with them via a private chat in Facebook. In truth, the file contains a disguised program built to hijack a small part of your computer for Bitcoin mining. After it installs itself, the Trojan sends data back to the main server.

Mining, it appears, is this program’s purpose. But the infection also happens to install a backdoor—one which allows the hackers in control of the Trojan to install additional malware on your computer.

That’s worrisome.

So how can you protect your devices from being hijacked for nefarious purposes? Well, there are a few things you can do:

  • Don’t download suspicious files. The Internet is a useful tool to send and receive messages that improve our daily lives. But unsolicited programs, third-party apps and data files that arrive as attachments or links should raise your suspicion, as clicking and downloading them could unintentionally compromise your devices.
  • Be wary of unsolicited messages. Social engineering attacks can be hard to avoid because they prey on the nature of trusting relationships. But crude attempts can be detected. For example, the nameless Trojan mentioned in this post spread by sending messages saying “hahaha” with a file attached. You can avoid being compromised by simply ignoring the message or by asking if the sender meant to relay a message with an attachment.
  • Install comprehensive security. A comprehensive security suite can protect you from malicious links, websites and other nefarious tactics hackers use to compromise your security. Covering your online identity and protecting your mobile devices and computers is simple with McAfee LiveSafe™ service.