14 DAY TRIAL // Security researchers warn that a recently discovered botnet designed to mine Bitcoins has been updated with components that facilitate distributed denial-of-service (DDoS) attacks.
The so-called Miner Botnet uses a peer-to-peer infrastructure and can also serve as a malware distribution platform.
However, considering that by default it includes three different Bitcoin mining tools, namely Ufasoft, RCP and Phoenix, its primary purpose is rather clear.
Security researchers from Kaspersky Lab told The H Security that recently they've observed two DDoS components being distributed through the botnet.
One enables HTTP flooding attacks, also known as HTTP hammering, and seems to target 31 German and 2 Austrian websites.
Food and real estate industry websites are particularly targeted judging by the URL list downloaded by the botnet.
The second component facilitates UDP flooding attacks and has a shorter list of targets, however, all of them are companies that offer anti-DDoS services.
One of the victims, pizza.de, confirmed to Kaspersky Lab that it has been attacked with malicious traffic coming from around 50,000 unique IP addresses.
This means the Miner Botnet is growing and, considering it's peer-to-peer infrastructure, it won't be easy to take down. When Kasperskty reported about it last Friday, they had recorded 38.000 different public IP addresses.
Bitcoin mining is an increasingly attractive activity for cyber criminals with the virtual currency gathering more and more support from the public. Recently discovered trojans have began using the GPUs from infected machines to mine Bitcoins more efficiently.
As usual, users are advised to run an up-to-date antivirus system on their computers at all times, but keeping software applications updated is equally important giving today's exploit-driven threat landscape.
Due to its flexibility and ability to download additional malware, the Miner Botnet can be quickly repurposed for other illegal activities like scareware distribution. As a result, victims might find their computers infected by more than one threat.