First published: 18th August 2011
Bitcoin is an open-source, peer-to-peer digital cash system that uses cryptographic proof-of-work problems to validate transactions. A recent trojan, called Trojan.Badminer, installs a Bitcoin client on the victim's computer, uses it to validate transactions, and sends the block-reward bitcoins it generates to a predetermined location. The bitcoins can be converted to traditional currency at various trading websites. Essentially, the attacker is using the victim's computer to generate money.
Previously, in June, a different trojan, Infostealer.Coinbit, simply stole bitcoins from the digital wallet on Bitcoin users' computers. Another incident, around 21 June 2011, saw the bitcoin exchange rate drop to almost zero as bitcoins stolen by password guessing were dumped on one of the major bitcoin-to-traditional currency gateways.
The latest attack goes beyond the earlier robberies because stealing computing power to generate bitcoins undermines the economic model of the currency. The Bitcoin model rewards people for dedicating their computing power to the difficult cryptographic task of securing transactions on the Bitcoin network (Bitcoin mining). If criminals steal computing power to generate bitcoins, then the system becomes a way to reward criminals. At the time of writing, the US$ / bitcoin (BTC) exchange rate is 10.98999, and some back-of-the-envelope calculations reveal that the cost of electricity to generate a bitcoin is US$17.84 (assuming a fast, efficient GPU, and Uzbekistan's electricity tariff). Any sane, honest bitcoin miner should turn off their mining rig at those prices.
The situation is not quite as clear as that: bitcoins are generated at a limited rate, and the economics of the limited supply are expected to increase the value of existing bitcoins in the future, assuming that usage of bitcoins continues to grow. Therefore, an honest bitcoin miner might decide to continue mining in the face of uneconomic electricity prices, in the expectation that they could hoard the bitcoins until the value rose. Conversely, the perception that all bitcoin miners must be crooks could reduce confidence in the currency, making it worthless.
There are other factors affecting mining bots. One is the opportunity cost of using a botnet for bitcoin mining rather than other, proven illicit enterprises, such as DDoS attacks or spam distribution. Another might be the potential for other criminals to target mining bots, attempting to steal their bitcoins.
What of law enforcement? One possibility might be to examine a victim's computer to identify the account it generated bitcoins for, and then trace the transaction record stored in the Bitcoin blocks to identify the first transaction for those coins. The difficulty of doing this, and successfully linking it to a real person, seems extreme and, as the loss to the victim would be a few cents of electricity per day, not worthwhile. The indirect cost of loss of confidence in, and collapse of, a novel form of currency may be irrelevant to police investigators used to dealing with traditional currency.