Bitcoin mining botnet has become one of the most prevalent cyber threats

Share this article:
Bitcoin mining botnet has become one of the most prevalent cyber threats
Bitcoin mining botnet has become one of the most prevalent cyber threats

The number of infected hosts in a Bitcoin mining botnet called ZeroAccess has continued to climb throughout the first quarter of year, researchers found.

Fortinet, a Sunnyvale, Calif.-based security firm, announced findings this week from its research labs FortiGuard, which showed that the ZeroAccess botnet was the top threat that its devices turned up between Jan. 1 and March 31.

In the first quarter, Fortinet researchers tracked 100,000 new infections per week worldwide, with a total of three million unique IP addresses reporting ZeroAccess infections.

The botnet is comprised of devices infected with the ZeroAccess trojan, which carries out click fraud, causing victims to unknowingly click ads that drive money to scammers.

The botnet can also instruct infected computers to conduct Bitcoin mining.

Bitcoins, which currently are valued at a volatile $120 each, are a form of virtual currency created in 2009 that can be transferred anonymously from person to person online, without going through a bank. They are accepted today by some online merchants and can be traded for actual dollars at online currency exchanges, such as MtGox.com.

Bitcoin mining is a tactic used to earn more of the currency by using computers' computational power and open-source software to complete mathematical puzzles that solve "blocks," or files that hold records of recent Bitcoin transactions that have not yet been recorded. Rewards of new Bitcoins are given for each block that is solved, thus making mining a far more cost-effective way to amass Bitcoins.

Richard Henderson, a security strategist at Fortinet, told SCMagazine.com on Wednesday that the ZeroAccess' authors were actively hiring outside groups to spread the malware.

“They are so confident that they are charging five times the going rate [for infections],” Henderson said. “They are paying them $500 per 1,000 infections. As soon as the [ZeroAccess] infection takes place, they are already paid. They must have a lot of money in the bank to do this, so they are making a lot off of the ZeroAccess botnet.”  

Last September, research from Sophos showed that the ZeroAccess botnet owners were earning up to $100,000 a day from their Bitcoin and click-fraud scams.  At that time, the botnet's size was estimated to be around one million machines, with more than 50 percent located in the United States.

Fortinet's research did not include a geographical breakdown of the botnet, but the firm did confirm that the network's earning power has remained as high as $100,000 a day.

Share this article:

Sign up to our newsletters

More in News

Firefox 32 feature could cut undetected malware downloads 'in half'

Mozilla plans to introduce a feature in Firefox 32 that, based on preliminary testing, could cut the amount of undetected malware downloads in half.

EFF asks court to find NSA internet spying a violation of Fourth Amendment

EFF asks court to find NSA internet spying ...

Complete with a colorful graphic, the EFF showed a federal court how the NSA essentially runs a digital dragnet that can pick up innocent Americans.

Study: Asian Android users at higher risk of malware exposure

Cheetah Mobile's new study showed that Asian Android users have a two to three times greater risk of downloading malware onto their devices.