Yahoo Virus Converts Millions Of Computers Into Bitcoin Mining Slaves

Tyler Durden's picture

A few days ago it was revealed that numerous European users of Yahoo, as many as two million, had gotten infected with malware from virus-laden ads served by Yahoo's homepage during the period from December 31 to January 3. The company admitted as much when it revealed that "From December 31 to January 3 on our European sites, we served some advertisements that did not meet our editorial guidelines – specifically, they spread malware." Users in North America, Asia Pacific and Latin America weren't affected, Yahoo said. Nor were users of Apple Macs or mobile devices. "We will continue to monitor and block any advertisements being used for this activity," the company added. "We will post more information for our users shortly." What was not clear is just what function the ad virus served. According to the Guardian, the purpose of the most prevalent virus spread by the website was to convert the infected computers into Bitcoin mining slaves.

According to the Guardian, "some of the malware would turn PCs into bitcoin miners - a huge drain on its computing resources - without users' knowledge. Yahoo has been criticised for not saying how many people could be affected or doing anything to help those with the malware, which attacked flaws in Java modules on systems."

As a reminder, in "A trip through the Bitcoin mines" we showed just how extensive the capital requirements can be for any legitimate Bitcoin mining operation, where the distributed calculations used to extract new Bitcoins have now risen to a stunning 10 quadrillion per second.

So what is an enterprising hacker in need of some quick cash, but unwilling to spend the CapEx for procuring the expensive equipment (especially when buybacks and dividends are so much more attractive, just kidding) to do? Why force others to do the mining for them. This is precisely what the creator of the Yahoo-hosted virus did.

According to Light Cyber, a security research firm which warned Yahoo of the attacks in late December, one of the malware programs delivered in the attack turned the victim's computer into a bitcoin miner. The computer is set to work performing the calculations required to make the bitcoin network run, but the rewards for doing so accrue to the malware writer.


Fox IT, the Dutch cybersecurity firm which first disclosed the vulnerability to the public, estimated that there were around 27,000 infections every hour the malware was live on the site. If the malware was being served consistently for the three days, it may be the case that almost 2 million computers were infected.


Bitcoin is so valuable to botnet owners, criminals who control large numbers of compromised computers, that one academic paper argues that the security of the network is permanently at risk. Philipp Güring and Ian Grigg argue that the currency violates Gresham's Law (pdf), an economic theorem that states that bad money drives out good. Since bitcoin mining is far more profitable done on stolen computers with stolen energy, they argue, it will soon be uneconomical to do it any other way.


"The attack focused on outdated software," says Steve Regan of security site CSO. "The only way for the exploits to work is to have outdated versions of Java on your system. If Java is up to date, then the odds are, you're safe. However, I don't trust Java, so unless you absolutely need it, my advice is to uninstall it from your system. It seems like I see more zero-day attacks aimed at Java than anything else, the risk isn't worth it for me." Zero-day attacks exploit previously unreported flaws in software to install malware or take over a computer.

Mining for Bitcoin was not the only infection.

As well as the bitcoin mining malware, other software installed includes ZeuS, which attempts to steal banking information; Andromeda, which turns the computer into part of a "botnet" for use by third parties, and "adjacking" malware which hijacks the user's browser to click on adverts, thus channeling income to corrupt site owners... Software such as ZeuS lets criminals install Cryptolocker, a dangerous new type of malware which first encrypts the user's files and then demands a ransom, payable in bitcoin, to decrypt them. In most versions of Cryptolocker, the ransom is set at two bitcoins, currently worth around $2,000.

One can only hope that Yahoo, which hosted the ads willingly and apparently without filtering and pre-clearing the ad content, wasn't in on the scheme. To be sure, it has been slammed for keeping users in the dark.

Yahoo has been criticised for not doing more to aid users infected by the faulty adverts. Dan Farber of technology site CNET says that: "At this point, Yahoo hasn't addressed any of the details, such as how the malware exploit got into its Web pages, how many users are impacted, and what victims of the attack should do. The company may still be gathering data."

All in all, a rather ingenious wealth extraction scheme: either have others mine for Bitcoin, or demand a ransom if they want their computer back. We wonder how long until these activities are added to the definition of GDP in the New Normal economy?

The best news, however, is that there are still at least two millions people who use Yahoo.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
ebworthen's picture

Where's Fonestar to tell us this is bullish for Bitcoin?

Temporalist's picture

Ebworthen that isn't fair.  When there are tungsten bars floating around it doesn't mean all gold is bad or all gold "bugs" are thieves and the same should apply to BTC.  Whether you like it or not there cannot be a double standard.

Grande Tetons's picture

Fonestar should be laughing his ass off all the way to the bank...if he is smart...he will be taking profits here. 


Pladizow's picture

What color were these computers?

Skateboarder's picture

PCB Green. You can call me raycizz. but I'm just tellin' the truth, brotha.

fonestar's picture

Anyone using Yahoo deserves to be Bot'd.  I hope the guy running that net made shitloads off those dupes.

nope-1004's picture

Honorable currency you're pushing there dude.....


fonestar's picture

How is a currency honourable or dishonourable?  Beyond stupid, your anti-Bitcoin rants are pathetic.

I don't care how anyone makes their Bitcoin as long as they make it.  These people were already voluntary windoze slaves so I have no objection to someone turning them into Satoshi's slaves.

SISSYFUSS's picture

"I don't care how anyone makes their Bitcoin as long as they make it."

You'd fit right in at 'Wall Street Inc'

May the cog-dis be with you :-)

nope-1004's picture

I'm pro Bitcoin, if it were truly free.  But seems to me a log of every transaction and cyber wallet is not the most intelligent way to stay away from gov't peeps, especially in light of Snowden's disclosure on the level of NSA intrusion.

And I don't buy this notion that a failing electricity grid will kill Bitcoin either.  I just logically look at what the government and banks dislike, which is cash and PM's, and go from there.  If the govvy is open to incorporating Bitcoin and the same corrupt, fascist govvy is my enemy, then simple reasoning follows.


Bearhug Bernanke's picture

I heard dogecoin is taking off too. Such profit.

Grosvenor Pkwy's picture

dogechain fork

much loss

so sad


Stackers's picture


Since bitcoin mining is far more profitable done on stolen computers with stolen energy, they argue, it will soon be uneconomical to do it any other way.


At current difficulty levels, it would take 2 million desktop computers running normal graphics cards MONTHS to generate one single bitcoin.


The purpose built ASCI miners have made the difficulty go exponential and can not be matched by desktop GPU's anymore. Even millions of them mining into a single account would not generate any kind of real returns. A single desktop graphics card at today's difficulty would literally take 6 months to mine 0.01 bitcoin

digi's picture 

Bitcoin will adopt that anonymous feature or another coin will and we will be talking about it in a few years and not bitcoin.

wee-weed up's picture



Bitcoin... the new VD.

Are you infected?

Handful of Dust's picture

Yahoo becomes malware's bitch.

fonestar's picture

All's fair in love and HaX0r3.

silvermail's picture

"...turning them into Satoshi's slaves"?!

More precisely in slaves of Fed, which is hidden under the guise of an unknown Satoshi.
After all, that's what you meant, is not it? LOL

Woodhippie's picture

A crazy thing happened to me the other day ... had someone show up trying to sell me something and right in the middle of the pitch he wanted me to go mine some gold for him.


I told him to fuck off.

Stoploss's picture

Your currency is about to be declared a cyber terrrrisst....

fonestar's picture

I guess you think Bitcoiners are concerned about their declarations?

sessinpo's picture

fonestar   "Anyone using Yahoo deserves to be Bot'd.  I hope the guy running that net made shitloads off those dupes.


Very emotional response. And what if it happened on a site you used. What if it happened at ZH. Would you then be one of those dupes? And would you be a dupe for buying into bitcoin or because you got infected?

fonestar's picture

I wouldn't get infected.  I don't run windoze and I am too smart.

silvermail's picture

If you actually had a "very smart", then you would understand that Bitcoin - it is product of the Federal Reserve.

silvermail's picture

Bitcoin – a product of the Federal Reserve.
Only the blind can not see it.

Dollar discredited itself in the eyes of the public. The Fed also discredited itself in the eyes of the public.
Of course for Fed was needed make a legend about some Satoshi, buyout supposedly created Bitcoin, and then he is evaporated.

Thus, the Fed shows for fools (which the majority) that Bitcoin - a system that "does not belong to anyone," and "no one is controlled".

But this is absurd. In the world there are no financial assets and payment systems that have no legal owner,
with a specific name, surname and ID number.

All that is in front of the prefix "The global World or International" - it is the property of the United States. Or controlled by the United States.
Everything else - the local and minor.

Federal Reserve no longer need gold. Now they have a Bitcoin. As soon ends era the first fiat money - the U.S. dollar, immediately begin the era of other fiat money under the control of the Fed - it will Bitcoin.

Bitcoin system has a limit of coins. But Bitcoin system has no limit fragmentation of these coins.
Crushing coins Bitcoin to infinity - it's the same exact Monetary Emission, like printing FRN.

One of the main objectives of Bitcoin - it distract investors from investing in gold and silver.
Bitcoin today is the main enemy of the PMs and the main instrument of the Fed for to suppress the price of PMs.

unrulian's picture

if you like your processor, you can keep it

SafelyGraze's picture

I can practically hear them laughing

spoiler:  the ceo laugh lasts

zaphod's picture

Your average dedicated CPU miner does 2Mh/s. If a hacker gets control of 2 million computers that equals 4Th/s at best. 

This is no better than a single ASIC miner or two today. Basically standard computers are useless for bitcoin mining, the currency has moved beyond that.

The network is fully secure and fine, thanks for the FUD though.


fonestar's picture

Windoze abusers + Yahoo == my pants are down around my ankles, rape me please!!

Papasmurf's picture

Windoze abusers + Yahoo == my pants are down around my ankles, rape me please!!

"Sent from your iPhone"

silvermail's picture

The Fed and Wall Street, rape you every day with the help of deceptions, manipulations and now with Bitcoin.

Is this not enough for you?

DoChenRollingBearing's picture

zaphod, thank you again for your kind assitance a week or two ago re BTC encryption, etc.

That may be part of my "Part Seven", which might finish off my BTC articles.

Kirk2NCC1701's picture

Beeblebrox for President!


margaris's picture


I'd suspect that the malware was trying to steal the user's wallet.dat and not do any mining, because mining with a cpu is completely idiotic at this point in time.

Even mining with an ASIC is considered a waste of time and money by many, because you could rather just buy the Bitcoins directly instead of investing the money in miners and hoping you can return the investement, in the end it's the same result.

silvermail's picture

I think this is just another viral advertising Bitcoin.

fonestar's picture

Why would I "take profits" (sell Bitcoin) dumbass?  How does this effect Bitcoin or Bitcoin's value at all?  Oh right, it doesn't....

Grande Tetons's picture

Well, the reason is profits on a winning trade and keep some of your original investment on the table.  

Taking profits has nothing to with value and everyhting to do with generating wealth.  

How many Canadian bagholders got fucked by not taking profits on Nortel? Bitcoin may be future...who knows...but there is nothing wrong with taking some chips off the table. 

jcaz's picture

Don't bother, dude- you're already way over Fonestar's head....

Plus- you can ever sell in a Ponzi......

fonestar's picture

Another pathetic lemming, clueless about P2P.  Spent the last ten years living in a closet.

silvermail's picture

Skype and torrent also based on P2P. But this does not make them orphaned, self-managed, decentralized, anonymous and safe.

sessinpo's picture

fonestar   "Why would I "take profits" (sell Bitcoin) dumbass?  How does this effect Bitcoin or Bitcoin's value at all?  Oh right, it doesn't...."



You don't take profits or losses to effect the the price of any market. You take profit or loss to effect your own account despite the market. Your emotional reponses to defend bitcoin makes one really see bitcoin is a bubble or a market not worth being in.

fonestar's picture

Hahaha..... "a bubble" what a pathetic joke.  I guess cars are in a bubble, horse buggies are going to make a comeback any day now!

silvermail's picture

And for this reason you are willing to pay money for a ticket to a virtual spaceship? LOL

silvermail's picture

Each adult who believes in fairy godmother, wizards, Satoshi and bitcoin - should go to a psychiatrist to be checked.