Cybercriminals are coining it thanks to a new type of malware that enables them to harvest bitcoins - at your expense
The subject of this post came about as a result of a recent conversation with a good friend who works in cyber intelligence for a large global corporate. We often discuss the latest methods used by the bad guys as they attempt to breach his networks, but when he slipped 'bitcoin mining malware' casually into conversation I will admit to being a little taken aback. This method of conning you out of your cash was certainly new to me.
Thinking about it, I suppose it is logical that if a cybercriminal can compromise a large network, then that criminal would certainly put it to use. There are a number of ways to exploit a network of computers under your control: we've seen compromised networks being turned into botnets to run spam email campaigns, or to launch DDoS attacks to take down particular websites for ideological or blackmail purposes. Using the computing power you've stolen to generate cash directly seems like a logical step, and so the bad guys have used their twisted logic and forced compromised machines to labour in the bitcoin mines to enrich themselves at your expense.
This type of compromise has the potential to be even more annoying to those infected than having your machine used as a spam server. The reason for this is the way bitcoin mining works; the malware could make your whole network slow to a crawl and lead to some truly terrifying electricity bills.
To try to explain why this type of malware is particularly nasty, it's worth taking a very general and non-technical peek at bitcoin to see how the principles work. Bitcoin is one of a number of so-called cryptocurrencies out there, and its use is heading more and more into the mainstream. Try typing 'where can I use my bitcoin' into your favourite search engine and you'll see everything from hairdressers to restaurants willing to take bitcoin, to say nothing of ATMs that will allow you to transact in the currency.
The bad guys can attempt to generate bitcoin from their infected botnets, and then spend them in normal shops - it's a direct way to generate cash from malware without having to jump through any hoops. The malware writers' cause is also helped by the fact that, while bitcoin transactions between bitcoin addresses are themselves publicly accessible, each bitcoin address is not necessarily linked to a real human identity, so making it less likely that they will be caught when spending their ill-gotten gains.
So, the baddies love bitcoin. However, we still need to explain why it's so bad for the average home user to contract a bitcoin malware infection.
At the heart of bitcoin is something called 'blockchain' technology. A blockchain is the public ledger of all bitcoin transactions that have ever been executed. The blockchain consists of blocks that can be thought of as individual ledger or page entries that record each transaction happening during a certain time period. When the time period is up, the block is added to the blockchain in a linear and chronological order.
Each computer (or node) connected to the bitcoin network that is running mining software is tasked with validating and relaying transactions. In order for it to do this, in some cases it needs to download a copy of the bitcoin blockchain. It follows that the blockchain is constantly growing as individual ‘completed’ blocks are added to it; at the time of writing, the size of the blockchain is about 50 gigabytes. If you're being taken for a ride by the virus writers, this will take a heck of a chunk out of your hard disk space and royally bung up your broadband; if you're on a limited broadband connection, it may also cause you to be hit with a bill from your ISP. However, more recent bitcoin versions let you mine without requiring the entire blockchain, and this is more likely the approach to be taken by malware writers - most people would notice a 50GB chunk being taken out of their hard disk space.
The second problem is that mining bitcoins is an incredibly CPU (and GPU)-intensive process. Bitcoin miners are constantly processing and recording transactions as they take place and are actually competing in a type of race to ‘complete the current block’ in order to win a stash of bitcoins. Each block is sealed off with a hash that is created from all the data in the block. If you were to change anything in that block, it would also change the block's hash, so anyone verifying transactions would be able to tell that the block had been tampered with.
This verification process is not, in itself, that processor-intensive. However, the total number of bitcoins ever to be produced is set at 21 million (there are various theories around this, including that having 21 million bitcoin means that the total number of Satoshi, or 0.00000001 of a bitcoin, will fit inside a 64-bit number) and computers are incredibly good at creating hashes. In order that today's powerful PCs don't just mine all the bitcoins in a huge hurry, a degree of artificial complexity is added to the hashing process, making it incredibly mathematically complex.
It is the difficulty of the mathematical problem that regulates the creation rate of new bitcoins, since new blocks can’t be submitted to the network without the answer. Currently, the reward for completing a block is 25 bitcoin, and at current exchange rates and electricity prices the electrical power consumed would cost more than the bitcoin reward. If you were to start your own bitcoin mining operation, and don’t happen to have your own wind farm, it wouldn’t be worth the effort. However, if you're running a botnet using other people's computers and electricity supply, this is not your problem: free bitcoins for you!
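The sealing hash and the mining race described above, as an added sketch that is not from the original article: a toy block is hashed with double SHA-256 and a nonce is searched until the hash starts with enough zero bits, with each extra zero bit doubling the expected work. The serialisation, function names and sample transactions are constructed for illustration and are not Bitcoin's real block format.

```python
import hashlib

def block_hash(prev_hash, transactions, nonce):
    """Double SHA-256 over a toy serialisation of the block (not Bitcoin's real header)."""
    payload = "|".join([prev_hash, *transactions, str(nonce)]).encode()
    return hashlib.sha256(hashlib.sha256(payload).digest()).hexdigest()

def meets_target(digest_hex, difficulty_bits):
    """True if the hash, read as a 256-bit number, starts with `difficulty_bits` zero bits."""
    return int(digest_hex, 16) < (1 << (256 - difficulty_bits))

def mine(prev_hash, transactions, difficulty_bits):
    """Brute-force the nonce: this loop is where the CPU time and electricity go."""
    nonce = 0
    while True:
        digest = block_hash(prev_hash, transactions, nonce)
        if meets_target(digest, difficulty_bits):
            return nonce, digest
        nonce += 1

def verify(prev_hash, transactions, nonce, claimed_hash, difficulty_bits):
    """Checking a finished block costs one hash, however long it took to mine."""
    digest = block_hash(prev_hash, transactions, nonce)
    return digest == claimed_hash and meets_target(digest, difficulty_bits)

# Constructed sample data, not real transactions.
PREV = "00" * 32
TXS = ["alice->bob:0.5", "carol->dave:1.25"]

if __name__ == "__main__":
    for bits in (8, 12, 16):
        nonce, digest = mine(PREV, TXS, bits)
        print(f"{bits:2d} zero bits: {nonce + 1:6d} hashes tried -> {digest[:16]}...")
    nonce, digest = mine(PREV, TXS, 16)
    print("untampered block verifies:", verify(PREV, TXS, nonce, digest, 16))
    tampered = ["alice->bob:50", TXS[1]]  # change one amount after sealing
    print("tampered block verifies:  ", verify(PREV, tampered, nonce, digest, 16))
```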
Despite all the doom and gloom, bitcoin and the technology behind it has enormous potential. The whole process provides a way of verifying financial transactions without any central authority; the integrity of each transaction as well as the ledger as a whole is maintained by the network's users. It's this feature, together with minimal transaction costs and the fact that the register is decentralised, that has captured the attention of the financial industry.
The Bank of England (BoE) is currently running a competition open to UK undergraduates asking for ideas on how to utilise blockchain technology. One of the uses quoted on the BoE website is for universities to be able to encrypt and store student qualifications so that companies can instantly verify submitted CVs. Barclays, Santander and UBS are all researching just how Blockchain could change the payments industry. There's no doubt that this revolution is gaining significant momentum and it has the potential to change for ever the way corporations transact with each other. I have heard this technology described as 'the Uber moment' for the financial industry.
However, don’t forget about the bitcoin mining malware. No matter how useful the technology appears, the bad guys have a habit of finding a way to use it to their own advantage. All we can wish for is that the researchers prioritise system security during their endeavours. Here's hoping.