...

Theft by Compute

by John Paul Chacha on Sat, 15th Dec 2018. Read 10305 times.

Malware creators have found a new way of making money off you.


In the past, malware would typically make money by either selling your information to advertisers or by encrypting your files then demanding a ransom from you. Well, there’s a new trick in town.


You’ve probably heard of Bitcoin, but do you know how it’s generated? Bitcoins, and other so-called “crypto-currencies”, are generated through a process called crypto-currency mining. Mining involves performing a huge number of calculations on large numbers across several computers on cryptocurrency networks. This process consumes an enormous amount of processing power, which translates to high power consumption and ultimately, huge power bills. In general, the cost of the power required to generate a bitcoin on a typical computer is much higher than the value of the bitcoin, which makes mining on your personal computer a loss-making venture. Miners, people who make a living by mining bitcoin, generally do so by setting up specialized “mining rigs” to make the venture profitable. These typically involve using GPUs (Graphics Processing Units) and other exotic hardware in innovative ways to create homebrew supercomputers with very high levels of parallelism and compute density.


However, the argument above only holds true if you’re paying the electricity bill and/or meeting the wear-and-tear costs of the hardware. If you’re not, then every single coin you make from the generated bitcoin is pure profit.


Enter malware.


Malware that makes money using bitcoin sets up your computer as a compute node in a distributed computing network. What that means is that it sets up a network where all infected computers “donate” processing power and memory, which the malware creator can then leverage to solve complex mathematical tasks such as mining bitcoins. In so doing, the miner makes bitcoin revenue at zero cost while you foot the bill and the cost of the wear-and-tear that results from running your computer at 100% all the time.


The compute power thus acquired can also be used for cloud services; for all you know, your personal computer could be running someone’s website or doing big-data for some supermarket in another country right now.