Security researchers have uncovered a new Trojan spreading via Skype that can hijack a computer and force it to mine for Bitcoins.
According to Russian security firm Kaspersky Lab, Skype users are being tricked into downloading the file after receiving a message that says something like ‘this is my favourite picture of you'. Once the file is downloaded and installed it turns the computer into part of a botnet that aims to mine Bitcoins, the online currency that has been making headlines over recent weeks.
Users can earn Bitcoins by solving complicated mathematical problems using their PC. The malware uses infected PCs to do just that, hoping to claim Bitcoins for whoever is behind the attack. One characteristic of the malware is that it uses up almost all of the PC's available processing power. It also drops other malware onto the PC, Kaspersky Lab said.
Kaspersky Lab researchers said the attacks seem to be originating in India but the malware then transmits data back to a control centre in Germany. So far the Trojan has mainly infected Skype users in Italy, Russia, Poland, Costa Rica, Spain, Germany and Ukraine.
Dmitry Bestuzhev wrote on Kaspersky's blog that at its height, the malware was getting more than 2,000 clicks per hour, suggesting it was spreading fast. “It abuses the CPU of the infected machine to mine Bitcoins for the criminal,” Bestuzhev said. “If you see your machine is working hard, using all available CPU resources, you may be infected.”
The value of Bitcoins has been steadily increasing over the last few weeks. It is currently trading at just under $190 per coin on Mt.Gox, the world's largest Bitcoin exchange.
Mt.Gox became a target itself last week when a DDoS attack left it struggling to remain operational. It is thought that whoever was behind the attack was looking to drive down the price of Bitcoin before purchasing as much as they can. They then stop the attack and wait for the value to rise again, at which point they sell.