Pretty smart idea this one, we wrote about Yahoo! spreading Bitcoin mining malware back in January, but we haven’t really seen any of that type of activity since then.
But this, this is a much better target audience – gamers with high powered GPUs! Especially as this is one of most hyped ‘next-gen’ games for 2014 (yes I’ve been eagerly awaiting it for my PS4). But pirating Watch Dogs via a torrent from popular warez group SkidRow could make you part of a Bitcoin mining botnet!
Tens of thousands of pirate gamers have been enslaved in a Bitcoin botnet after downloading a cracked copy of popular game Watch Dogs.
A torrent of the infected title, which supposedly has had its copy-protection removed, had almost 40,000 active users (seeders and leachers) and was downloaded a further 18,440 times on 23 May on one site alone.
Pirates reported on internet forums that the torrent package masquerading under the popular torrent brand SkidRow had quietly installed a Bitcoin miner along with a working copy of the game.
The Windows miner ran via two executables installed in the folder AppData\Roaming\OaPja and would noticeably slow down lower performance machines sucking up to a quarter of CPU power.
Most sources have removed the offending torrent. Analysis has yet to be done to determine the location or identities of actors behind the attack.
It seems like it was a massively popular torrent, so the infection could easily reach tens of thousands of pirate gamers, which would then turn into a Bitcoin mining botnet with tens of thousands of users (A fairly profitable proposition, even with the current Bitcoin mining difficulty).
It’s also slightly ironic that the tagline for the game is “Everything is connected” as if you pirate it, everyone is connected..to the botnet. And of course the fact it’s a game about ‘hacking’ – although I haven’t played it yet and the reports of the hacking part aren’t great.
Gamers were choice targets for Bitcoin mining malefactors because they often ran high-end graphical processing units (GPUs) and shunned resource-draining anti-virus platforms.
“If you happen to download cracked games via Torrent or other P2P sharing services, chances are that you may become a victim of [a] lucrative trojan bundled with a genuine GPU miner,” BitDefender chief strategist Catalin Cosoi said of an early Bitcoin miner that targeted gamers.
“We advise you to start checking your system for signs of infection, especially if you are constantly losing frames-per-second.”
Using stolen dispersed compute resources was one of the few ways punters could make decent cash by crunching the increasingly difficult mathematical algorithms required to earn Bitcoins.
Crims have in recent years foisted the compute-intensive Bitcoin miners in a host of attacks targeting valuable high-end GPUs right down to ludicrously slow digital video recorders.
They might have been better off mining something else though (Scrypt based coins like Litecoin or perhaps even X11 mining), if they did X11 mining the users probably wouldn’t even notice any framedrops or their GPU fans spinning at full speed.
I’m honestly surprised we don’t see more botnets based around cryptocurrency mining, I guess it’s just not that mainstream yet. And you need a good bait to get so many people to install malware these days (and get past their anti-virus software).
Which is another reason gamers make a good target as they often don’t even use AV software or disable it for maximum performance.
Source: The Register