Pirated ‘Watch Dogs’ Game Made A Bitcoin Mining Botnet

The New Acunetix V12 Engine


Pretty smart idea this one, we wrote about Yahoo! spreading Bitcoin mining malware back in January, but we haven’t really seen any of that type of activity since then.

Watch Dogs Bitcoin Mining Botnet

But this, this is a much better target audience – gamers with high powered GPUs! Especially as this is one of most hyped ‘next-gen’ games for 2014 (yes I’ve been eagerly awaiting it for my PS4). But pirating Watch Dogs via a torrent from popular warez group SkidRow could make you part of a Bitcoin mining botnet!

Tens of thousands of pirate gamers have been enslaved in a Bitcoin botnet after downloading a cracked copy of popular game Watch Dogs.

A torrent of the infected title, which supposedly has had its copy-protection removed, had almost 40,000 active users (seeders and leachers) and was downloaded a further 18,440 times on 23 May on one site alone.

Pirates reported on internet forums that the torrent package masquerading under the popular torrent brand SkidRow had quietly installed a Bitcoin miner along with a working copy of the game.

The Windows miner ran via two executables installed in the folder AppData\Roaming\OaPja and would noticeably slow down lower performance machines sucking up to a quarter of CPU power.

Most sources have removed the offending torrent. Analysis has yet to be done to determine the location or identities of actors behind the attack.


It seems like it was a massively popular torrent, so the infection could easily reach tens of thousands of pirate gamers, which would then turn into a Bitcoin mining botnet with tens of thousands of users (A fairly profitable proposition, even with the current Bitcoin mining difficulty).

It’s also slightly ironic that the tagline for the game is “Everything is connected” as if you pirate it, everyone is connected..to the botnet. And of course the fact it’s a game about ‘hacking’ – although I haven’t played it yet and the reports of the hacking part aren’t great.

Gamers were choice targets for Bitcoin mining malefactors because they often ran high-end graphical processing units (GPUs) and shunned resource-draining anti-virus platforms.

“If you happen to download cracked games via Torrent or other P2P sharing services, chances are that you may become a victim of [a] lucrative trojan bundled with a genuine GPU miner,” BitDefender chief strategist Catalin Cosoi said of an early Bitcoin miner that targeted gamers.

“We advise you to start checking your system for signs of infection, especially if you are constantly losing frames-per-second.”

Using stolen dispersed compute resources was one of the few ways punters could make decent cash by crunching the increasingly difficult mathematical algorithms required to earn Bitcoins.

Crims have in recent years foisted the compute-intensive Bitcoin miners in a host of attacks targeting valuable high-end GPUs right down to ludicrously slow digital video recorders.

They might have been better off mining something else though (Scrypt based coins like Litecoin or perhaps even X11 mining), if they did X11 mining the users probably wouldn’t even notice any framedrops or their GPU fans spinning at full speed.

I’m honestly surprised we don’t see more botnets based around cryptocurrency mining, I guess it’s just not that mainstream yet. And you need a good bait to get so many people to install malware these days (and get past their anti-virus software).

Which is another reason gamers make a good target as they often don’t even use AV software or disable it for maximum performance.

Source: The Register

Posted in: Malware

, , , ,


Latest Posts:


Four Year Old libSSH Bug Leaves Servers Wide Open Four Year Old libssh Bug Leaves Servers Wide Open
A fairly serious 4-year old libssh bug has left servers vulnerable to remote compromise, fortunately, the attack surface isn't that big as neither OpenSSH or the GitHub implementation are affected.
CHIPSEC - Platform Security Assessment Framework CHIPSEC – Platform Security Assessment Framework For Firmware Hacking
CHIPSEC is a platform security assessment framework for PCs including hardware, system firmware (BIOS/UEFI), and platform components for firmware hacking.
How To Recover When Your Website Got Hacked How To Recover When Your Website Got Hacked
The array of easily available Hacking Tools out there now is astounding, combined with self-propagating malware, people often come to me when their website got hacked and they don't know what to do, or even where to start.
HTTrack - Website Downloader Copier & Site Ripper Download HTTrack – Website Downloader Copier & Site Ripper Download
HTTrack is a free and easy-to-use offline browser utility which acts as a website downloader and a site ripper for copying websites and downloading them for offline viewing.
sshLooter - Script To Steal SSH Passwords sshLooter – Script To Steal SSH Passwords
sshLooter is a Python script using a PAM module to steal SSH passwords by logging the password and notifying the admin of the script via Telegram when a user logs in.
Intercepter-NG - Android App For Hacking Intercepter-NG – Android App For Hacking
Intercepter-NG is a multi functional network toolkit including an Android app for hacking, the main purpose is to recover interesting data from the network stream and perform different kinds of MiTM attacks.


One Response to Pirated ‘Watch Dogs’ Game Made A Bitcoin Mining Botnet

  1. Rain May 29, 2014 at 8:53 pm #

    True, most torrents, even trusted ones have bitcoin miner that takes your cpu or gpu resources, do not download at any cost.