Redditor Details Scheme to Use USB Stick to Infect Random Computers With Ethereum-Mining Virus

As ethereum’s price keeps rising, wannabe cybercriminals are trying to find ways to make an easy buck at the expense of others.

Jun 23 2017, 4:16pm

Image: Motherboard

Unless you've been living under a digital rock, you've heard—a lot—about ethereum. It's an upstart cryptocurrency that might soon overtake it as the world's most popular.

Ethereum is the cool kid in the cryptocurrency town right now—its value is up 3,000 percent since the beginning of the year and everyone wants a piece of the pie—especially wannabe criminals and fraudsters, who are starting to take a lot of interest in the cryptocurrency. In the latest example of innovative crypto schemes, a redditor says they're trying to get their piece of the pie by developing malware that will infect computers and enlist them into an illegal ethereum-mining botnet.

Read more: An Idiot's Guide to Building an Ethereum Mining Rig

"I've been mining Ethereum for a few days now," the redditor, who goes by RoXxorBot, wrote in a post on a subreddit where people usually post hacking news or requests for help breaking into their girlfriend's Facebook accounts (reminder: This is illegal and creepy. Stop it). The redditor, however, quickly realized that the computing power of his machine alone wouldn't cut it.

"I see the benefits of pool mining. The only issue is that I don't have 10 computers to run to actually profit from this."

That's why they want other people's help—without asking their permission. The redditor says he wants to create a "virus" that installs an ethereum miner through a malicious USB stick. Tricking people into plugging booby-trapped USB sticks into their computer is a common method of spreading malware, and it can be used for targeted attacks such as Stuxnet, but doesn't scale.

"All it would take would be modifying a few lines of code here and there," they write, "and you've got yourself either an ethical tool to quickly get your mining rigs up and running, or you've created a botnet."

To be clear, this probably ain't ethical, and it's certainly illegal under the Computer Fraud and Abuse Act, which forbids "unauthorized access" to other people's computers.

Sneaking malware that surreptitiously mines cryptocurrency has been done over the years. Most of the time, it's bad guys using malware doing it, and there have been countless examples of it. Other times, it wasn't even that sneaky. In 2015, the popular Bittorrent client uTorrent started shipping a cryptocurrency miner hidden within its regular client, with the goal of using its customers' idle computing power to surreptitiously mine Litecoin.

In an online chat, RoXxorBot was unusually forthcoming about their intentions. They outlined their plan to play the "Ponzi scheme" of cryptocurrency by taking other people's computing power.

"People steal power for growing marijuana, so people can steal computation power for direct currency," they said.

The redditor also said that for now he's essentially crowdsourcing by posting on various forums by pretending to just need some help with a legit mining operation.

"I'm looking for more people to get involved, because with more people assisting with things, more people can get some profit rolling into their accounts," they said. "First with a virus, to [garner] some people's attention and the proper coders with the skill to work on something bigger, and then we move on to something bigger."

RoXxorBot added that at least initially, his goal is to use "deception" but in the long run he wants to create a "legal" scheme "marketed exclusively to newbies to the mining scene."

This plan will probably not work. For one, using malicious USB sticks isn't a great way to spread malware at scale. But just in case, be very careful about sticking unknown USB sticks into your computer.

Get six of our favorite Motherboard stories every day by signing up for our newsletter.