Topic: Is a Bitcoin mining virus, more powerful than mining farms? (Read 13508 times)

Thats kind of more or less the case, you can just have the program run in the background and low priority. I can't even tell that i'm mining with my GPU and CPU performance wise. I can play any game, and still mine at full speed, the program just scale back and let other processes go first.

Bitcoin mining viruses is actually very hard to be profitable. Since it uses a lot of compute resources, users would feel that their computer begins to slow down hence do a reinstall or scan for viruses. There are mining viruses which only starts when a mouse movement is not detected within certain period of the time. Although this can be more effective, the sound of the fan whirring up can give it away and even if the user doesn't notice, the earnings would drop tremendously.

Yeah? Well when a virus that propagate through Windows, manage to infect Linux, bypass the router, inject into an arm processor linux, then i guess we can start getting worried, but there's no skynet virus.

Well Bitcoin viruses can definitely attack Linux.

Indeed, botnet hijacking CPU and GPU to mine altcoin is pretty much the way to go. Doing it on BTC is silly compared to the profitability from doing it on alt coins. I guess many people still don't understand the difference in hash power from SHA256 and all other altcoins, even Scrypt who also have ASIC, it still does not compare.

I would agree most asics are behind a firewall.  They normally are not open to internet.  Also people watch pools pretty close so even if there was a virus asic owners will notice quick.

I do think a botnet could mine the heck out of CPU coins.  Not sure how profitable but I'm sure this is going on.  But again does not compare to asics

You'd need the virus to attack ASIC now. And to be fair, there aren't many miners that doesn't keep an eye on their throughput. I would definitively notice if something more than a few % would go away...

And its not very easy to hack and infect and propagate such a virus that would work on Linux.

Basically i'd have to say yes it would be more powerful, but no i don't see it happening.

I recently learned that my computer was infected by a Bitcoin mining virus. My antivirus program says that the virus has been on my computer for over a year. After some calculations I figured that the virus mined around .2 BTC over that period. If the same virus infected 5000 PCs it could have mined 1000 BTC.

Yes I would..... When I had FREE Power, I was running every laptop and desktop I could get my hands on even if it was a Kilohash miner.. infact at one point I had some 3Mhash Server blades running for me at a  friends datacenter that were not being used at the time.

Yes, but once he got them,  but he will use them where he will get most profit out of them. Will mine those CPU mined coins or doing something else.

Not that he will mine bitcoins, just because he can do it.

Since the malware writer would not have any expenses, any amount of Bitcoin or any cryptocurrency mined on that botnet would be profit. The electricity cost is zero for the attacker, and with some good social and software engineering, the virus could be spread very far. Also, the botnet of thousands of computers can still be rented out for blackhat purposes. It doesn't necessarily need to be dedicated to one thing, it could be multipurpose. This is kind of like this guy: https://www.reddit.com/r/IAmA/comments/sq7cy/iama_a_malware_coder_and_botnet_operator_ama/. He made malware which mined bitcoin, was also a banking trojan, and could ddos.

Who Cares? its FREE Money to the hacker

they could come up with the same but for asic(i don't know if this is possible, at best you could infect their machine at which asic are connected), but i doubt it could ever steal a large portion of the hash, you need to infect  all those big farms out there

Quite a while ago, when scrypt was popular, people would bind a program to game files that would steal GPU compute power and mine while people played games.   It was spread via torrent sites.    It was very profitable back then but would likely be a waste of time now.

The average high-end PC is capable of 50 MH/s when mining SHA-256. They have 200,000 participants according to the latest figures so that brings the total maximum hashrate to 50*200,000 = 10 million MH/s or 10 TH/s. If we assume that 1 million PCs mining 24/7 at 10% efficiency (5 TH/s) generates $15 per day (see my post earlier in the thread), then 200,000 PCs should generate about $3 per day.



I just recently installed uTorrent a few days ago. From what I've read, I was expecting it to be terrible but honestly, it's not that bad. The option to opt out is actually pretty clearly stated and quite difficult to miss as long as you read through the instructions for each step of the installation. I didn't install it via the update process as a few others did but I'd be surprised if it was any different.

Also, uTorrent's mining program mined litecoins (and possibly other cryptocurrencies) rather than bitcoins.

EDIT: And the latest version has been stripped of the mining program:

http://blog.utorrent.com/2015/03/28/important-update-about-epic-scale-partner-offer/


You can't really compare the two. Legitimate mining firms have expenses that can impact profitability and sometimes make it negative. For a botnet owner/virus creator, there are virtually zero expenses and so any coins mined are completely free. Even if a PC was 10,000 times less powerful than a miner, having 1 million infected PCs would bring in the same amount of coins as 100 miners but with none of the pesky expenses that legitimate miners have to deal with such as rent, hardware costs, and electricity. Hence it might even be more profitable than having 1,000 or even 10,000 physical miners. In other words, it's pure profit after all.


I assumed from reading the OP that it would be average home users who would get infected (e.g. someone who might not hesitate to open an email attachment containing an infected file or a high school kid who stumbles upon a malware-infested site), and not miners who would probably be more vigilant with their computer's security and knowledgeable about these types of things.

Honestly a virus to mine other people's hardware, considering most people mining have a fairly decent level of tech knowledge would be fairly hard to get through.  Take a look at thepiratebay.  Most of the torrents that have had this type of virus plugged into software have been seen and mentioned.  Sure some of the people who get torrents or what not will never notice it but that is going to be a fairly small percentage of the people who download things like that considering that also takes a bit of tech knowledge to install the programs in the first place.

I don't know if everyone know's how big these mining farms are.   To get the asic level mining level it's a almost impossible amount of compromised computers with cpu or gpu's.   Most will notice if a computer is dragging from high intensity of mining.   

I think it would be hard to be undetectable.  Someone will notice computer dragging slow, and it will get reported and detectable.  I think large scale this remaining undetectable is just going to be very very tough.

Indeed it can be more powerful than mining farms if un detected but unusual gpu or cpu use would start throwing up questions or hidden background services running don't go undetected for long seen a few company's try this that where indeed successful at but soon got court doing it. and Utorrent one of the latest versions had this in set to auto run after installing its latest update in an attempt for people to auto run torrent client and also run an auto miner in background of µTorrent in its services without the user knowing. So happy I moved away from µTorrent a long time ago due to them being bought out and then going down hill after. Feel free to have a a read at the story.

http://www.theverge.com/2015/3/6/8161251/utorrents-secret-bitcoin-miner-adware-malware

http://www.makeuseof.com/tag/google-xp-support-utorrent-bitcoin-miner-tech-news-digest/

Just goes to show even running on  a scale this big with the amount of users that µTorrent has am sure they got away with some nice coin.

I might be the exception, being a gamer and a over-clocker we tend to push hardware to it's limits and we notice the smallest change and what processes hog the different components on a computer. {CPU/GPU/Memory}

The average computer user might not notice it, even if it takes 50% of the processing power on their machines. 

I know some type of viruses work only when PC is idle, or are programmed to use a small percentage of CPU so you don't notice.

I cannot see how this will go unnoticed by the bigger anti-virus companies for a long duration for this to be affective.

The built in "hearistic" methods of dectection would also counter the replication nature of a virus of this kind. {Worm} ..... You would have to be a very skilled programmer to succeed with this.

I would surely notice if I lose so much processing power needed for mining. 

yes they are being detected because asic miners had extra speed as well as extra security

how to make one ? 

Depends on how good is the virus and how many machines you can infect. I think Bitcoin mining today is only for real, big players, unless you want to mine altcoins.

I recently switched to qBittorrent. uTorrent can die in a fire.

Yeah, uTorrent had a miner built-in in one of the recent updates. If anyone reading this wants a better alternative: try Transmission (very clean and sleek little bittorrent client, I love it (especially on my Mac)).

+1 and you have to hide yourself being detected by the farm owner; otherwise, they will take some actions to improve their security.

#BitTorrent

If it infected enough computers, then it would be like any other distributed computing powerhouse, imagine if say SETI or Folding@Home turned all their power to mining BTC. I wonder how many TH/s Folding@Home would pump out if it turned to BTC mining for a day.

What if the forum was making your CPU mine bitcoins as you typed your replies top the threads here....?

*tinfoil hat on*

If 20 PCs equal 1 GH/s then wouldn't you need 20,000 PCs for 1 TH/s and 20,000,000 PCs for 1 PH/s?

Anyway, both Bitcoin mining viruses and non-SHA-256 altcoin mining viruses would be profitable (it is free electricity, after all). A 1 million PC botnet where each PC is capable of 50 MH/s would have a total hashpower of about 50 million MH/s or 50 TH/s. At the current difficulty, the botnet operator would get a reasonable-ish passive profit of $150* per day according to Coinwarz.

However, the botnet operator could earn much more than this if he chose to mine CPU and GPU mineable altcoins instead. If he mined Darkcoin and we assume that each PC has 3 MH/s of X11 hashing power, he would get $75,000** per day!

Viruses that mine scrypt-based currencies would fall somewhere in the middle as they have ASICs built for them but the performance difference between ASIC mining and GPU mining is not as extreme as SHA-256.

*If the miner only mined at 10% max performance to prevent the PC owners from finding out, it would only bring in $15 a day.

**Again, if the miner only mined at 10% max performance, it would bring in $7,500 a day. I'm not sure if this is practically feasible though since dumping that many coins on an exchange every single day would depress the price and surely the exchange owners will find out?

Additional note:

Recently, uTorrent got into a bit of controversy after adding a program that uses spare CPU cycles to mine cryptocurrencies (among other things) into their software. It's not a virus since it's a legitimate program that can be easily uninstalled via the control panel and the intention behind it is good since part of the profits are donated to worthy causes but it works in a very similar way to how Bitcoin mining viruses used to work in the past. As myself and others here have already mentioned, it would be far more profitable to mine cryptocurrencies that don't have ASICs built for them yet compared to mining Bitcoin so I suspect the program is mining one or more CPU or GPU mineable altcoins.

Here is the link:

http://www.btcfeed.net/news/utorrent-update-installs-crypto-miner-without-user-approval/

EDIT: According to another thread here, it seems that the program is mining Litecoin. A bit of a poor choice IMHO.

You would not run it at maximum speed.  You would do it in the background as the number of machines affected would give you the processing power you need. 

I know OP didn't ask but keep in mind that with a virus you dont spend a dime on electricity while with a 1PH mining farm you spend alot.
So I assume that with 1M or less pc infected you get the same profit

Yeah, but its harder to create such a virus, and also its more noticebl for a pc owner if a gpu runs 100% all the time. And its less profittable. =)

Viruses can also use the GPU... 

No. Couse viruses uses a cpu. And using cpu for mining btc is useless. But if this virus is used to mine some cpu coin then yes. Most of cpu coins is mined trought botnets.

define virus and the awnser will be there.

i think anti-virus are a form of virus itself, but that is a personal opinion, not a scientifically prooved fact.

the quick answer is: minerd.exe is NOT  virus, but anti-virus notify it due to mining abuse in public places (schools, library, work) or "other ppls computers"

don't think it would be useful to run a bunch of desktops to mine for bitcoins. you'd probably be better off doing what Dabs said, or renting them for ddosing or something blackhat of that nature.

If you can make a virus that will infect a million PCs, you better sell your network of zombies to some three letter agency. You'll get more that way.

yeah almost impossible, but anything can happen. 

not to mention every virus will get caught eventually, you will see if you earn less instantly

No, it will not have, at least not for long.

One of the core principles of botnetting is stealthiness. you cannot afford a high pitched noise from GPU fans to give that away. There is the reason why so far discovered viral miners are targetting CPU mined Altcoins. The Bitcoin hashrate is allready outside of their reach.

Remember not to buy "CPU-only" Altcoins.

Miners are mostly run by tech people. It is almost impossible for them to get infected en masse...

You can hire botnets if you know where to look.  People use them for DDOS attacks and things like that.  I'm sure it would be easy enough to get one to mine bitcoin instead.  Then it is just a case of how much it costs versus how much it generates.

In any network that has ASICs for some while, such a virus can mine only a very small quantity.
A virus can "make money" on the newer algos, where there are no ASICs yet. Less than a year ago such a virus was mining Dogecoin. Now Scrypt has ASICs too, so the virus writes have to check something else - X13,  M7, ...

I don't think so bitcoin mining is a virus!!

Never heard of it

youd have to infect an insane number of systems for this to produce any substantial income, and the idea isnt new; ESEA for counter strike had a scandal where their client was mining bitcoins while running on peoples machines, and this was back when gpu mining was viable too

I am sure that would be detected easily, once the miner sees no money in the address he is mining with.

No.

There was a time when mining viruses were abound in the days of CPU and GPU mining. But ASICs are by magnitude more powerful than CPU or GPU, it would take an army of 10s of thousands of PCs to even begin to touch what a single ASIC machine can do. People complained about ASICs but one thing they did do was totally eliminate these viruses because they were no longer very effective. Those kinds of viruses went off to hunt other coins that are still CPU or GPU driven.

A better idea would be a virus that infects a miner so that it mines towards your personal address. That'd be more economical.

Assuming it could be written and not detected. It would pull either part of the cpu or part of the discrete gpu.

neither part does a lot of hashing.  Say you bleed 10 percent of the cpu or gpu.  maybe 50mh a pc so 20 pc's for 1 gh.

2000 pc's for 1th

2,000,000 pc's for 1ph.

not much more can be bleed off without detection.

So is it possible to make a virus that infects 2mill pc's sure.  and if you are never caught you hash at 1ph. my guess is it would be found out quickly. since all the pc's would be dedicating a decent amount of cpu/gpu/watts to the mining.

For example a Bitcoin mining farm might have a few petahashes of mining power. Will a Bitcoin mining virus network have the same amount of power?