New subscription-based SHA256/Scrypt supporting stealth DIY Bitcoin mining tool spotted in the wild


By Dancho Danchev

A recently released subscription-based SHA256/Scrypt supporting stealth DIY Bitcoin mining tool is poised to empower cybercriminals with advanced Bitcoin mining capabilities to be used on the malware-infected hosts that they have direct access to, or have purchased through a boutique cybercrime-friendly E-shop selling access to hacked PCs.

Let’s take a peek at the DIY Bitcoin mining tool, and discuss some of its core features.

Sample screenshot of the international underground market advertisement:

Stealth_Bitcoin_Mining_Tool_DIY_Malware_Cybercrime_Sell_Buy_Purchase_Subscription

The Bitcoin mining tool comes with a DIY generating tool, start up functionality, installation persistence, assembly changer, icon changer, support for both Bitcoin and Litecoin CPU/GPU, the ability to change the CPU/GPU threads, as well as the ability to adjust the GPU fan percentage. The mining tool comes as a fully managed subscription-based service for the price of $15 on a monthly basis. The accepted methods are BTC, LTC, TRC, and naturally in the context of OPSEC-unaware cybercrime-friendly releases, PayPal.

Sample screenshots courtesy of “happy customers”:

Stealth_Bitcoin_Mining_Tool_DIY_Malware_Cybercrime_Sell_Buy_Purchase_Subscription_01 Stealth_Bitcoin_Mining_Tool_DIY_Malware_Cybercrime_Sell_Buy_Purchase_Subscription_02

We expect to continue observing an increase in managed subscription based DIY Bitcoin mining international underground market propositions, and will post updates as soon as we come across such managed services.

You can find more about Dancho Danchev at his LinkedIn Profile. You can also follow him on Twitter.

2 thoughts on “New subscription-based SHA256/Scrypt supporting stealth DIY Bitcoin mining tool spotted in the wild

  1. Pingback: Experts Reveal Criminal DIY Bitcoin Mining Tool - eTeknix

  2. Pingback: Yet another commercially available stealth Bitcoin/Litecoin mining tool spotted in the wild | Webroot Threat Blog - Internet Security Threat Updates from Around the World

Join the Conversation

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s