There are evil doers on the Internet, and they’re after your Bitcoins.
Network security vendor Fortinet has released its quarterly threat report for the three months ending March 31, and its top reported threat is ZeroAccess, the Bitcoin mining botnet. According to the vendor, the Bitcoin attack is showing no signs of slowing down.
“In the first quarter of 2013, we have seen owners of the ZeroAccess botnet maintain and expand the number of bots under its control,” said Richard Henderson, security strategist and threat researcher for Fortinet’s FortiGuard Labs, in a statement. “In the last 90 days, the owners of ZeroAccess have sent their infected hosts 20 software updates.”
Fortinet calls ZeroAccess the number one botnet threat identified by reporting from its FortiGate devices deployed in networks worldwide. It’s used primarily for click fraud and Bitcoin mining, as as the value of the digital currency increases such exploits are likely to increase. Fortinet estimates ZeroAccess has likely made its creators millions of very real dollars.
“As Bitcoin’s popularity and value increases, we may see other botnet owners attempt to utilize their botnets in similar fashions or to disrupt the Bitcoin market,” Henderson said.
Fortinet is observing 100,000 new ZeroAccess infections per week and almost 3 million unique IP addresses reporting infections, and estimates ZeroAccess may be generating its owners up to $100,000 per day in fraudulent advertising revenue.
The report wasn’t all Bitcoin-related, though. A massive malware attack targeted South Korean banks and television networks in March, apparently using the Viper malware. And two new aware variants were identified propagating on Android devices, Android.NewyearL.B and Android.Plankton.B.