Bitcoin-mining linked to malware spread by Yahoo ads

BitcoinHere’s an easy prediction to make for 2014. We’re going to see lots more malware attacks designed to mine Bitcoins on infected computers.

It’s come to light that some of the malware spread over the New Year period via poisoned Yahoo ads was designed to mine the virtual currency.

As you probably know, mining Bitcoins is an enormously processor-intensive activity which ties up the resources of a computer for an extraordinarily long period of time, gobbling up computer power and electricity. Because of this, Bitcoin mining has become a serious business with the more serious miners pooling their resources.

So, if you were keen for some Bitcoins, but didn’t have thousands of computers in your garden shed, maybe you would be tempted to hijack innocent people’s computers with malware instead?

Sign up to our free newsletter.
Security news, advice, and tips.

Israeli security firm Light Cyber said in a press release that their researchers “were the first to discover that among other activities, the malware was attempting to use host computational resources for Bitcoin mining, and were the first to report attack-related files on Tuesday, December 31st.”

I had to roll my eyes a little at Light Cyber’s press release, however.

The company crows about how they the first to detect the malware, having allegedly detected it on December 31st 2013 at 11am UTC, “well before the attack was reported by a Dutch-based security firm and confirmed by Yahoo on Friday, January 3rd.”

However, if Light Cyber were so very smart how come they didn’t warn the millions of potentially affected Yahoo users themselves, rather than leaving it to Fox-IT on January 3rd?

It’s one thing to stop a malware attack hitting your customers. It’s quite another to realise what’s going on at the time, and warn all internet users of the potential danger.

Don’t forget – the malicious Yahoo ads relied upon vulnerabilities in users’ Java installations to infect surfing computers.

It’s essential that you either keep Java properly updated with security patches or disable Java in your browser entirely (note: Java is *different* from JavaScript).


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

One comment on “Bitcoin-mining linked to malware spread by Yahoo ads”

  1. My understanding is that ASICs are so much faster at mining than CPU mining (which is what the malware miners are doing) that even with many thousands of bot-miners, the malware writers are unlikely to mine any noticeable quantity of bitcoins.

    If so, there's a good chance that malware mining will be unprofitable and malware writers will soon move on to doing something else.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.