Yes? Can you link something to evidence the frequent action pool operators take? Article or transcript from pool operators talking about it? I'm curious to learn about this.
To get accurate numbers, you would have to ask the question to Tycho. I was shown last week by a deepbit user when he logged in the banner "your account has been suspended due to illegal activity" (paraphrasing from memory here).
He said it happens automaticly once you have more than 150 different IPs connect to the same worker. (as it happened before)
There is a banner when you register that says "In case of illegal activity your account will be locked",
https://deepbit.net/register.phpWith the amount of traffic deepbit sees, it would be hard to believe they have not automated some parts of the banning
I'm not asking for accurate numbers, I'm asking for any confirmed botnet reports, and evidence as to them being GPU based, as you so casually stated that they were.
What you are telling me is that because an automated system on deepbit, which admittedly catches many regular users (unless you are suggesting your friend is a botnetter) by its aggressive settings, is the only suggestion that botnets "might be out there".
That is hardly conclusive evidence of the roving bands of GPU botnets you claim.
CPU botnets are the most likely, and even those are not very likely, nor clearly are they being very successful.
Maybe you missed those threads:
https://bitcointalk.org/index.php?topic=81356.0;allhttps://bitcointalksearch.org/topic/wonder-who-this-solominer-is-8862169-67634http://www.reddit.com/r/IAmA/comments/sq7cy/iama_a_malware_coder_and_botnet_operator_ama/Q: How many botted machines do you typically gain per month or per campaign.
A: about 500-1000 a day, weekends more. I'm thinking about just buying them in bulks and milking them for bitcoins. Asian installs are very cheap, 15$/1000 installs and have good GPUs.
http://arstechnica.com/tech-policy/2011/08/symantec-spots-malware-that-uses-your-gpu-to-mine-bitcoins/In contrast, the newest Bitcoin malware takes full advantage of the computing power on each compromised machine—including its GPU.
http://www.symantec.com/security_response/writeup.jsp?docid=2011-081115-5847-99&tabid=2The Trojan will then run one of the following Bitcoin mining programs:
If a GPGPU-enabled graphics card is found, it runs Phoenix Miner.
Otherwise it runs RPC Miner.
Though I appreciate links,
as I requested them (maybe you missed that post), neither of these fit any criteria of the quote.
Top line from The AMA post:
I operate a ~10k botnet using a ZeuS software I modified myself, including IRC, DDoS and bitcoin mining (13GH/s - 20GH/s atm).
20GH = 20,000 MH; 20,000 MH / 10,000comps = 2MH/comp. Or roughly what you'd get out of an old crappy CPU. I did say in the quote that CPU mining is most likely of the unlikely scenarios.
For the symantec stuff, GPU malware != GPU botnet. Simply is one, low-risk (hasn't spread much) example of code that has that ability. No one is claiming that it is impossible to do, that isn't what we're discussing, so this is not a useful link. If it were a report of how it was a widespread hidden threat that would make more sense.
As to the other guy with the botnetter friend, well. I will just leave that conversation be then.