November 17, 2013

Bitcoin news -- malware, bots, raids, all as predicted, oh my!

As I'm talking at a conference next week on inter alia matters Bitcoinian, I did a little research on the darker side of the coin. McAfee reports:

As the Bitcoin rate has increased, malicious Bitcoin miners have shown a growing interest by infecting victims with malware that uses computer resources to mine Bitcoin without their knowledge. While the cybercriminals generate profits, the computers slow down. In May, for example, Webroot posted a blog about a marketplace to customize and buy such malware.

This is aligned with the article I wrote a year or two back with Philipp Güring, entitled "Bitcoin & Gresham's Law - the economic inevitability of Collapse." The press says more (but I haven't found the source):

"The proliferation of digital currencies fuels the proliferation of tools and services necessary for cybercrime. This in turn helps fuel the growth in cybercrime, and other forms of digital disruption," said McAfee EMEA CTO, Raj Samani.

"Further, the challenges facing such currencies go beyond their propensity for use within money laundering—to targeted attacks on financial exchanges, and malware developed to target digital wallets."

Evidence that virtual currencies have become a mechanism for online and physical crime risks the possibility of full-scale intervention by governments.

All stirring stuff, and nice to know that we were the first with the right analysis! Don't forget your credits, guys ;-) Ah, found the primary source.

Brian Krebs provides some evidence of that idea that the Botnets would mint some cash:

So far, FeodalCash has managed to attract at least 238 working affiliates. Here is a copy of the affiliate list, complete with their corresponding bitcoin wallets. According to Xylitol, the host PCs that currently have this botcoin mining malware installed are doing their slavish work at the Eligius bitcoin mining pool. According to the FeodalCash administrative panel, the infected machines have mined only about 140 bitcoins. Each bitcoin is currently worth about $100 at today’s exchange rate, making the program’s total haul only about $14,000. The current bitcoin generation rate is about 4.719 bitcoins per day, or about $340.45 daily.

But those numbers are too small to really confirm the hypothesis, and given the FPGA and customized hardware argument, we may never see it (although I reckon we'll see it for GPUs).

Bear in mind when reading this stuff that sales operations like McAfee is in the business of FUD, as that lifts sales of its products. That said, they present a good roundup of the bad things going on:

  • Newish exchange Bitinstant was raided by attackers who stole $12k worth. Bitinstant closed.
  • Leading exchanger Mt Gox is seeing its new accounts climb "to 75,000 in just the first few days of April."
  • Silk Road was closed by the Feds, and they unmasked the Dread Pirate Roberts. They also busted an alleged drugs distributor and took his BTC.
  • A court in the US ordered the siezure of Mt Gox's USA funds held by Dwolla.
  • WebMoney announced a derivative issue whereby users send them Bitcoins and they receive digital derivative instruments valued 1:1 in BTC.
  • Phishers started targetting Bitcoin account holders at Mt Gox.
  • Global Bond, a trading platform for bitcoins in China amassed $3.3 million of them, and then the operators ran off with the loot.
  • An 18 year old in Australia started a Bitcoin bank and amassed AUD $1.4 million before hackers turned up and taxed the lot.

A long time ago I argued that the only way you knew that a new money was successful was when the crooks started attacking. We've certainly crossed that point now, and by this measure, Bitcoin is successful! Congratulations!

Posted by iang at November 17, 2013 11:52 AM | TrackBack

My bitcoin notes/thoughts for what they're worth :-)

(And StartSSL offer free certs now, so you can finally go and get a valid certificate ;-) )

Posted by: Thomas Barker at November 24, 2013 02:04 PM

Hi iang

You talk of bots but what of govs mining and dumping? What of people hijacking supercomputers and misusing them to mine bitcoin?

Just some idle thoughts as I wait for one of the UK's supercomputers, Hector, to come back online so that I can finish off my calculations. (

Posted by: darren at January 11, 2014 10:04 AM
Post a comment

Remember personal info?

Hit preview to see your comment as it would be displayed.