Bitcoin Victimized with Malware - Kaspersky Lab
According to the latest monthly report by Moscow-based security firm Kaspersky Lab, 35 unique malicious programs targeting the Bitcoin system have been detected.
Bitcoin is an open-source project for developing a decentralized, peer-to-peer network for tracking and verifying transactions.
Because the potential earnings of cybercriminals depend on the number of computers they have accessed, criminals have started using social networks like Twitter and P2P network-based botnets to increase the number of their attacks.
However, Kaspersky holds the opinion that this move by cyber crooks was intended to counter the action by antivirus companies and obstruct the operation of a single botnet command center (C&C) server, in cases where no malicious network contained alternate servers.
Kaspersky also added that this is the first time Twitter has been used as a botnet C&C with the Bitcoin system.
Explaining the modus operandi of the attack, security experts commented that a bot sends a request via a Twitter account to the botnet owner about the commands left there. This is where the Bitcoin-generating program is downloaded, containing the instructions by which the Bitcoin work is done.
The company further claimed that it was revealed in August 2011 that one of the largest botnets has the capability to conceal the actual accounts, as they can be deleted by server owners who take a stance against illegitimate mining programs.
Kaspersky also commented that in August 2011, approximately a year after the leak of the original code of the most threatening Trojan, Zeus (Trojan-Spy.Win32.Zbot), Russian-speaking cybercriminals created a clone of it, which gained considerable popularity among fraudsters. The new creation was dubbed Ice IX by its creator, and its price ranges from US $600-1,800.
One of the most incredible innovations of the Ice IX is the altered botnet control web module by which cybercriminals can use legitimate hosting services instead of expensive bulletproof servers that are maintained by the cyber criminal community. According to the Ice IX owners,
Kaspersky researchers also noticed the Morto computer worm in August 2011. Interestingly, this novel worm does not exploit vulnerabilities to replicate itself. It spreads through the Remote Desktop Protocol (RDP) service, which offers remote access to a Windows desktop, a method that has never been noticed earlier.
» SPAMfighter News - 22-09-2011