back to article Hackers force innocent mobes to join crypto mining gangs

Cybercrooks are turning smartphones into digital currency-mining bots using mobile malware. The cyber-menace, dubbed CoinKrypt by mobile security firm Lookout, is capable of hijacking the processor on smartphones to mine digital currency, enriching hackers in the process. CoinKrypt has been confined thus far to Spanish …


This topic is closed for new posts.
  1. mourner

    GPUs for BTC mining? Think again...

    1 Bitcoin mining these days requires a specialist GPU-based rig to get anywhere and is way beyond the productive capacity of ordinary computers, much less smartphones. CoinKrypt is the digital equivalent of a gold rush claim jumper, according to Lookout.

    Bitcoin has moved well beyond the days of being able to do any useful mining with GPUs. BTC mining is now well and firmly ASIC (Application Specific Integrated Circuit) only.

    It can still be profitable to mine other alternative coins with GPU based rigs - which you then exchange for BTC in order to spend or cash out. Typically you're looking at around a 40 - 50 day return on investment buying a mid to top end AMD card after which the profit begins. That said you'd need an awful lot of them to make any real money.

    1. sisk

      Re: GPUs for BTC mining? Think again...

      Even most altcoins require a GPU these days to make any profit really. Any SHA-256 based coin you're going to need a whole array of ASICs, and by the time you get one that you've ordered the difficulty will have gotten up to the point that you'll have a hard time making your money back on it.

      You can still mine Primecoin and Quarkcoin and the like on CPUs, but good luck getting enough of them to be profitable. Last time I looked a Quarkcoin was worth about 8 cents and Primecoin were worth a fraction of a penny each. And you'd likely never see one of either using a phone as your miner.

      1. mourner

        Re: GPUs for BTC mining? Think again...

        That was my point, maybe I didn't express it well.

        GPU -> mine altcoin (scrypt or scrypt-jane), trade for BTC

        ASIC -> mine BTC

        I didn't mention CPU mining.

        Either way, to make any decent return requires a major investment - go big or go home so to speak. As an example of just how big "big" is in this regard, consider 1.4 million ASICs controlled by 5K Rasp Pi's:

        Mining on steroids!

  2. dwrjones87

    Even if they only get 20p a month per phone, times that by 100,000 infections and you get 20k a month. With alt coin mining you can also increase profit with a coin switching pool. Could turn out very profitable for them...

    1. Anonymous Coward
      Anonymous Coward

      100000 infections?

      Are you serious, it's a small-time smartphone bug.

      They've probably got a hundred or so, and most of those people will only suffer the bug for a day or two before figuring out there's a problem.

      No to mention the fact that flat out the phone will only last an hour or two before the battery dies.

  3. This post has been deleted by its author

  4. Euripides Pants

    sensitive data might leak

    What is it going to do? Ooze out of the stress cracks that form in the case due to overheating?

    1. Marc Rogers
      Black Helicopters

      Re: sensitive data might leak

      Well this thing isn't going to leak anyone's data, the malware was literally 3 classes. You start the host app and it starts mining thats as far as its functionality goes.

      However a lot of other malware - especially some of the Chinese stuff - includes stacks of functionality even stuff that isn't being used for the current operation whatever it may be. Fr example I've seen chinese Adware which as well as pushing offensive apps included code to set up a series of VPNs. why did they included that? Because it seemed like a good idea at the time I guess ;)

  5. John Tserkezis

    But it **IS** worthwhile.

    When SOMEONE ELSE is paying for power, maintaintaining the hardware, wears the cost of running and replacement, then it IS worthwhile.

    1. Marc Rogers

      Re: But it **IS** worthwhile.

      In truth the malware author that wrote this probably spent more on electricity while using his laptop to write the code than he's going to net from his evil plan in the next two years.

      It's even more of a failure when you put it in the context of other far more lucrative malware schemes - such as some of the chargeware schemes common to the UK. They can net anywhere from 5 quid to 100 quid in a week. Still gotta admire the ingenuity I guess ;)

      Oh heres a puzzle for you - we found the malware in spanish wares forums in various pirated apps, but all the detections are in France. Still haven't worked out why that is.

  6. Anonymous Coward
    Anonymous Coward

    I've seen bitcoin mining malware before, in a copy of Bioshock Infinite grabbed off 'you do not talk about-'net. That was well targetted: It'd be picked up by gamers, who usually have a powerful GPU. Even though a GPU can't make back the power cost these days, it's still pure profit if someone else is paying the bill.

    Shame they screwed up: They neglected to install a library required to use opencl, so it just resulted in a computer that kept popping up 'DLL not found' errors on boot every time the miner tried to load. So smart, yet so dumb.

This topic is closed for new posts.

Other stories you might like