| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 19 Jul 2011 15:58:49 -0400
From: Peter Dawson <slash.pd@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Hacked servers mining for bitcoins?
I think that Bitcoin to (linden$ ) L$ | USD is another method of morphing
the economics to support real vector values.
Bitcoin's design allows for pseudonymous ownership and transfers and thereby
making it attractive space to begin with. Plus with an overall growth
anticpated to be approx $21M, it is lucrative for small black transaction
...just saying
/pd
On Tue, Jul 19, 2011 at 3:21 PM, Chris M <chris@...lroute.net> wrote:
> Yes, it is well known that certain individuals are using compromised *nix
> servers particularly to run bitcoin miners into pools. Its only been
> happening for.. a long time.
>
>
> On Tue, Jul 19, 2011 at 8:20 PM, Zach C. <fxchip@...il.com> wrote:
>
>> Hmm -- that's interesting. I wonder if it would be possible/feasible to
>> build a botnet in this fashion that would overtake legitimate bitcoin nodes
>> in terms of CPU power. (You probably know what would happen then)
>> On Jul 19, 2011 12:11 PM, "Robin" <robin@...ec.net> wrote:
>> > Had to deal with a server today that had been hacked (still running
>> > realVNC 4.0, so there's that lovely bypass exploit released 4 years
>> > ago). This server was an exchange/domain controller for a small
>> business.
>> >
>> > Not much seemed to have been done to it. From the looks of it, all the
>> > attacker had done was make themselves a new account (domain user, local
>> > admin, username 'sys'), and had then logged into it, downloaded the
>> > Ufasoft bitcoin miner from a russian file sharing site, and then run it.
>> > The file was called `mmc.exe`, and was saved in the new account's `My
>> > Documents`. No other attempts to hide what was being done.
>> >
>> > Has anyone seen this before? Can you make more money from generating
>> > bitcoins on a hacked server than sending spam from it? The value of
>> > bitcoin is usually offset by the cost of generating it, but if you're
>> > using other people's resources to do it, it suddenly seems much more
>> > attractive. This looked like a fairly amateur attempt, so it could be a
>> > one-off skiddy, but maybe others will follow...
>> >
>> > ~Robin
>> >
>> > _______________________________________________
>> > Full-Disclosure - We believe in it.
>> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> > Hosted and sponsored by Secunia - http://secunia.com/
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>>
>
>
>
> --
> I’m a hot-wired, heat seeking, warm-hearted cool customer, voice activated
> and bio-degradable. I interface with my database, my database is in
> cyberspace, so I’m interactive, I’m hyperactive and from time to time I’m
> radioactive.
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists