How does a Bitcoin Miner Malware works?

[Xenon~]

Title.

I know it fvcks up your CPU / GPU + electricity but I sort of want to learn more about it, like, can you calculate how efficient it is for the sender? The amount of btc they successfully harvested from the infected, can it be traced to the sender, and how does one create such malware?

I used to infect the library in my previous uni w/ btc miner but I forgot how to setup things etc... also probably I failed on that attempt.

c:

[defaulto]

Just the same way normal BTC Mining works. The only difference is the infected person didn't agree to that. Also, your victim needs some goods specs so that mining BTC using Cryptojacking is profitable. There are old sources out there on ******. More up-to-date ones get traded in some off-corner communities. These contain all sorts of bypasses so they don't get picked up by AVs. Hack Discussion Forums like mpgh and co. get file submissions like these too once in a while. Good placed and trained File Analyzers can prevent them from breaking out of the queue.

I am pretty sure a couple of Libraries that provide you with computers and internet access got those installed on them without anyone knowing. And these can range from pretty stealth to breaking your device. Would have done the same if there is no way to trace it back in case local authorities with IT-Experts and shit are onto it.

[lainchan]

Title.

I know it fvcks up your CPU / GPU + electricity but I sort of want to learn more about it, like, can you calculate how efficient it is for the sender? The amount of btc they successfully harvested from the infected, can it be traced to the sender, and how does one create such malware?

I used to infect the library in my previous uni w/ btc miner but I forgot how to setup things etc... also probably I failed on that attempt.

c:

Learn C++ and code the malware yourself. BTC can be traced back if you spend the BTC or trade it somewhere that has your real identity attached through blockchain analysis, though XMR is more popular for miners nowadays because it's more profitable by far. If you're going that route, it's more profitable to make a program that analyzes the user's clipboard for an address and then replaces it with your own address that's very similar. As for how you'd spread it, because you coded it yourself, it's largely undetectable, the ideal way to spread a virus would be to buy a cheap seedbox (like $10-15/mo) and then bind your virus to AAA releases. No point in spreading BTC miners, you're not going to profit. XMR or an altcoin, or clipboard malware is the only realistic way you're going to make any money. Learn C++ or Go or you'll end up infecting yourself with malware yourself that's only going to be easily detected.

[Xenon~]

Appreciate all the responses above.

I did search about this before in ****** and in reddit.
@defaulto have to agree that it is not worth since most computers at our uni library are not equipped w/ high specs etc.
@lainchan thanks for the suggestion but that way is too harsh (too bad) compared to sending ppl w/ btc crypto malware.
Just want to know how do they setup this whether they use (what common software which etc.).

[lainchan]

Appreciate all the responses above.

I did search about this before in ****** and in reddit.
@defaulto have to agree that it is not worth since most computers at our uni library are not equipped w/ high specs etc.
@lainchan thanks for the suggestion but that way is too harsh (too bad) compared to sending ppl w/ btc crypto malware.
Just want to know how do they setup this whether they use (what common software which etc.).

BTC mining isn't worth it even if you manage to infect computers that are high spec, the payout is still abysmal. The reason why has to do with the hashing algorithm and difficulty, BTC uses SHA-256 and there's dedicated hardware far better then normal CPU/GPU's. Anyhow, you can mine altcoins and convert it to BTC easily. The software varies, I think your best bet, if you don't want to code yourself, is buy a setup on the deepweb from the most trusted vendor you can and hope it's not malware that's going to steal your victims. Or look around for an opensourced RAT, btw, either way, just make sure to bind the virus to things that people will have a reason to disable their AV. Cracked video games are one of the best ways imo. The reason why the keyboard clipper works so well is that

1) it's non-intrusive and hard to be detected (if coded properly)
2) it's very easy to code
3) huge potential for profits by taking some poor chump's stack

Though, yeah, I guess if you meant "too harsh" as in "wow, I really don't want to steal this kid's life savings" then yeah, suppose it is harsh.

[Xenon~]

BTC mining isn't worth it even if you manage to infect computers that are high spec, the payout is still abysmal. The reason why has to do with the hashing algorithm and difficulty, BTC uses SHA-256 and there's dedicated hardware far better then normal CPU/GPU's. Anyhow, you can mine altcoins and convert it to BTC easily. The software varies, I think your best bet, if you don't want to code yourself, is buy a setup on the deepweb from the most trusted vendor you can and hope it's not malware that's going to steal your victims. Or look around for an opensourced RAT, btw, either way, just make sure to bind the virus to things that people will have a reason to disable their AV. Cracked video games are one of the best ways imo. The reason why the keyboard clipper works so well is that

1) it's non-intrusive and hard to be detected (if coded properly)
2) it's very easy to code
3) huge potential for profits by taking some poor chump's stack

Though, yeah, I guess if you meant "too harsh" as in "wow, I really don't want to steal this kid's life savings" then yeah, suppose it is harsh.

yeah m8 but i could've done (w/ some blackmailing included) yet im not bad enough to do it so no no

just wanted to learn some new things

[Onety One]

yeah m8 but i could've done (w/ some blackmailing included) yet im not bad enough to do it so no no

just wanted to learn some new things

Very interesting... I wish to atleast learn how to create these type of infectious files. They truly intrigue me, I just don't have the sliughtest clue where to start lol

[Xenon~]

Very interesting... I wish to atleast learn how to create these type of infectious files. They truly intrigue me, I just don't have the sliughtest clue where to start lol

i just leech before and try to experiment on a virtual machine / sandbox.

started w/ keylogger to monitor who uses my devices w/o my permission.

there are plenty of tutorials in youtube / reddit / ****** but use at your own risk.

[[MPGH]Mayion]

I don't see the point in telling you how to fuck up someone's machine and potentially making them lose all their files, even as a "new thing to learn"

[[MPGH]Dave84311]

Someone is gonna be taking their computer to Bestbuy and complaining about it running so hot

[bape]

Just the same way normal BTC Mining works. The only difference is the infected person didn't agree to that. Also, your victim needs some goods specs so that mining BTC using Cryptojacking is profitable. There are old sources out there on ******. More up-to-date ones get traded in some off-corner communities. These contain all sorts of bypasses so they don't get picked up by AVs. Hack Discussion Forums like mpgh and co. get file submissions like these too once in a while. Good placed and trained File Analyzers can prevent them from breaking out of the queue.

I am pretty sure a couple of Libraries that provide you with computers and internet access got those installed on them without anyone knowing. And these can range from pretty stealth to breaking your device. Would have done the same if there is no way to trace it back in case local authorities with IT-Experts and shit are onto it.

Does the victims PC really need to be powerful to be “profitable”? Obviously the more powerful their computer is the higher the hash rate, but there are so many more low to mid end consumer PCs than powerful ones that it just seems like that wouldn’t make sense. Obviously it costs something to spread the malware and get people infected, but I would think that even a bunch of shitty low end HP laptops with igpus would somewhat quickly make up for the costs which I can’t imagine are much more than a cheap domain and an S3 instance

[Dab]

Someone is gonna be taking their computer to Bestbuy and complaining about it running so hot

Hypothetically speaking an efficient miner malware design should be detecting whether you're pulling your task bar, opening task manager, or playing a video game / using a program like webbrowser or video editing software. You could in theory just run your miner whenever they're AFK, playing games, doing resource intense shit, and when they're not viewing tasks or temps.


Also if you say, infected a popular repack or crack then seed it to fuck you can certainly get a ton of miners and make a good bit of money.

[YeAhx_]

Also if you say, infected a popular repack or crack then seed it to fuck you can certainly get a ton of miners and make a good bit of money.

Exactly this. Most of them downloading these repacks don't know shit about malware or think its a false positive.

[defaulto]

Does the victims PC really need to be powerful to be “profitable”? Obviously the more powerful their computer is the higher the hash rate, but there are so many more low to mid end consumer PCs than powerful ones that it just seems like that wouldn’t make sense. Obviously it costs something to spread the malware and get people infected, but I would think that even a bunch of shitty low end HP laptops with igpus would somewhat quickly make up for the costs which I can’t imagine are much more than a cheap domain and an S3 instance

Yea. Budget hardware isn't made for BTC Mining. And the payout is pretty low for successfully done transactions. So you'd need someone whose hardware is good at doing that to profit something at all. As people above said you go with alt-coins instead. And given you got tons of people, why not go with alt-coins too. You would earn more that way. However you turn it, mining BTC, isn't as lucrative as something else.

[[MPGH]Dave84311]

Hypothetically speaking an efficient miner malware design should be detecting whether you're pulling your task bar, opening task manager, or playing a video game / using a program like webbrowser or video editing software. You could in theory just run your miner whenever they're AFK, playing games, doing resource intense shit, and when they're not viewing tasks or temps.


Also if you say, infected a popular repack or crack then seed it to fuck you can certainly get a ton of miners and make a good bit of money.

You would think so but its a race against time when it comes to viral shit