McAfee, a security firm, has issued its latest quarterly threat report. The paper includes a wide scope of emerging technology security risks, as well as mobile malware disseminated by Flappy Bird clones and dangerous rootkits.
The McAfee Labs Threats Report that was issued in June is the first time when McAfee has looked at cryptocurrency mining botnets.
McAfee reports describes numerous botnets with different levels of mining functionality. However specifies that mining major cryptocurrencies on infected PCs simply isn’t worth to do:
“The difficulty level of common mining algorithms and the nonspecialized hardware that the malware infects make this a futile effort.”
Another concern is that mining is so hardware intensive that it is relatively easy to spot by the owners of the infected PCs and results in high botnet attrition.
The malware developers tried to eliminate this problem and have recently integrated ‘throttling’ functionality, which keeps the CPU/GPU cool and effectively puts such attacks into stealth mode. However throttling has a disadvantage as it reduces the overall of the botnet and host PCs.
“In essence, botnet sellers are selling snake oil when they say that buyers can profitably mine virtual currencies,” says McAfee.
The report mentions that mining malware is available in large quantities and it is quite cheap to hire as well.
“Spend some time digging around any underground security forum or marketplace and you will find a myriad of SHA-256 and scrypt miner botnets, builders, and cracked versions of commercial builders and kits, along with the usual assortment of DDoS bots, cryptors, and other nefarious services and tools […] These are just a tiny fraction of what exists,” McAfee states.
McAfee made a conclusion that botnet operators don’t earn much, especially if they mining bitcoin. McAfee points out the most likely returns for operators, stating:
“In a hypothetical example of a 10,000-device botnet, profit without mining is US$11,000.00 while profit with mining is US$11,007.61—just a US$7.61 gain. This assumes an unrealistic attrition rate of 0.25%. A realistic attrition rate of 30% would result in a loss of US$3,265 in potential profit.”
The company said that illicit mining via botnets has moved into the mainstream, as the mining is now bundled in many toolkits across multiple platforms used by malware developers.
“However, there is a great deal of doubt around the profitability of this practice given the resource requirements of the mining algorithms. Nonetheless, the nefarious malware sellers seem to have plenty of motivation to squeeze every possible ounce of profit out of their efforts,” McAfee said.