14 DAY TRIAL // Security researchers have uncovered a piece of malware that’s designed to mine Litecoins, an open source P2P digital currency that’s similar to Bitcoin.
According to Doctor Web, the Trojan, which they’ve dubbed Trojan.BtcMine.221, is disguised as legitimate applications such as VLC Player, or VPN software. It can also be disguised as a browser extension that helps users with shopping suggestions.
Experts highlight the fact that the malicious applications are signed with digital certificates obtained by the developers for legitimate applications.
The threat is distributed on shady websites and experts say it has been making the rounds online for at least one year. Once it infects a computer, Trojan.BtcMine.221 starts mining for Litecoins by using the device’s computing resources.
In some cases, only CPU resources are used for mining the digital currency, but sometimes, the GPU is also utilized.
Doctor Web says that over 311,000 computers have already been infected, over half of them being located in the US. Many infections have also been spotted in Brazil, Turkey and Russia.
“An average of 203,406 bots go online every day. As many as 49,149 newly infected machines connected to the network in just three days in December 2013, while the number of Trojans removed during the same period reached only 6,028,” Doctor Web noted in its report.
Depending on the Trojan.BtcMine.221 version that’s running on a computer, the botnet is made up of several subnets. One of these subnets is said to be comprised of around 65,000 active bots.
“The average daily income for the criminals involved is 1,454.53 U.S. dollars (1,069 EUR). The Average processing power of that subnet (hash rate) is 167,647 KH/s,” the IT security firm explained.