Posted by Virus Bulletin on Dec 13, 2011
In-the-browser botnet turns victims' CPU cycles into cash for the attackers.
Researchers have discovered a compromised website where a piece of JavaScript has been included that is used to mine bitcoins for the attacker.
Bitcoins are a digital currency whose popularity and value have increased significantly in recent years. Bitcoins can be used to make online payments and exchanged for real currency, while new bitcoins can be 'mined' using large amounts of CPU time.
Unsurprisingly, this has attracted the interest of botherders: via the botnets they control, they have access to a lot of CPU time, which can be turned into cash via bitcoin mining. Indeed, in recent months a number of malware samples have been discovered that are capable of using a compromised machine's CPU cycles to mine bitcoins.
In this particular case, however, the mining software is programmed in JavaScript and runs inside the browser of those visiting a compromised website. This in-the-browser botnet does not infect the victim's computer, but it does use their CPU time, which could significantly slow down the machine. The advantage for the attacker is that the mining code is browser- and platform-independent and is less likely to be blocked by security software.
More at the MailChannels blog here.
Posted on 13 December 2011 by Virus Bulletin