As you probably know, mining Bitcoins is an enormously processor-intensive activity which ties up the resources of a computer for an extraordinarily long period of time, gobbling up computer power and electricity. Because of this, Bitcoin mining has become a serious business with the more serious miners pooling their resources.
So, if you were keen for some Bitcoins, but didn’t have thousands of computers in your garden shed, maybe you would be tempted to hijack innocent people’s computers with malware instead?
Israeli security firm Light Cyber said in a press release that their researchers “were the first to discover that among other activities, the malware was attempting to use host computational resources for Bitcoin mining, and were the first to report attack-related files on Tuesday, December 31st.”
I had to roll my eyes a little at Light Cyber’s press release, however.
The company crows about how they the first to detect the malware, having allegedly detected it on December 31st 2013 at 11am UTC, “well before the attack was reported by a Dutch-based security firm and confirmed by Yahoo on Friday, January 3rd.”
However, if Light Cyber were so very smart how come they didn’t warn the millions of potentially affected Yahoo users themselves, rather than leaving it to Fox-IT on January 3rd?
It’s one thing to stop a malware attack hitting your customers. It’s quite another to realise what’s going on at the time, and warn all internet users of the potential danger.
Don’t forget – the malicious Yahoo ads relied upon vulnerabilities in users’ Java installations to infect surfing computers.
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.