Skip to content

2013 Press Release

Bitcoin-mining Malware is rising in APAC region

Japan and Australia are most affected, users are suggested to be alerted possibility of personal information leak

【Taipei, 26, 2013】 Bitcoin has become a well discussed topic during the past few weeks, especially this virtual currency is as valuable as the real currencies, and it is tradable. The Bitcoin has gained much attention and interest of the hackers and cybercriminals. Trend Micro Corp.(TSE:4704), the global leading internet security vendor has observed the spread infection of Bitcoin-mining malware recently, and this threat affects most countries in APAC region. Trend Micro reminds Bitcoin owners of the importance of keeping their wallets safe from theft -- to separate their Bitcoin wallet and to manage the Bitcoin account off-line to diminish the potential harm.

Trend Micro Smart Protection Network has detected 3 malware called BKDR_BTMINE, TROJ_COINMINE and HKTL_BITCOINMINE which turns infected systems into Bitcoin, making them virtual assets for the criminals. There are more than 12,000 PCs globally had been affected by Bitcoin-mining malware, caused a severe slow down of PC systems..

Here is the statistics of the victim countries on Bitcoin mining malware. (Counted with infected computers) by Trend Micro Smart Protection Network. Japan is the most affected country, Australia ranked No.3 and India rated No.4.

To execute malware into the victims’ computers, in order to do the mining, is a new method of online crimes. Bitcoin mining is resource-intensive and can slow down the system due to the increased CPU load. The infected computers will become very slow on system operation, also appears heavy CPU and power consumption.

Thus, how can current Bitcoin users protect themselves? Trend Micro researchers advise users to understand the transaction ways of Bitocins, and to manage the Bitcoins with the same caution and prudence that applies to real currency- cash.

One essential difference of the Bitcoin from the real world currency is the “permanency"of Bitcoin transition and trade. There is no reversal of charges. That means, once your Bitcoin wallet is compromised by hackers, or the money has been transferred, there’s no recourse to delete this transaction. In fact, there is no regulator or other authority that one can appeal to if victimized by Bitcoin theft or fraud. Therefore, besides using security software to filter for malware, Trend Micro researchers also suggest users not to put all the Bitcoin in one single wallet. Users should divide the Bitcoins into income account and expense account, the expense account only deals all the outbound transaction of Bitcoins. Furthermore, users should consider managing all the wallets offline. As for the identity safety, although Bitcoin is supposed to be “anonymous", the transactions are still in public and leave traces. Consequently, given enough circumstantial evidence, criminals will possibly get the identities of users. This is what the consumers should pay attention to this new attack tactics.

More information: http://blog.trendmicro.com/trendlabs-security-intelligence/bitcoin-price-hike-spurs-malware-wallet-theft/

About Trend Micro

Trend Micro Incorporated (TYO:4704;TSE:4704), a global cloud security leader, creates a world safe for exchanging digital information with its Internet content security and threat management solutions for businesses and consumers. A pioneer in server security with over 20 years’ experience, we deliver top-ranked client, server and cloud-based security that fits our customers’ and partners’ needs, stops new threats faster, and protects data in physical, virtualized and cloud environments. Powered by the industry-leading Trend Micro™ Smart Protection Network™ cloud security infrastructure, our products and services stop threats where they emerge – from the Internet. They are supported by 1,000+ threat intelligence experts around the globe.

Additional information about Trend Micro Incorporated and the products and services are available at Trend Micro.com This Trend Micro news release and other announcements are available at http://trendmicro.mediaroom.com/ and as part of an RSS feed at www.trendmicro.com/rss Or follow our news on Twitter at @TrendMicro.


Connect with us on