Malicious bitcoin mining spreading across Facebook

If you’re on Facebook, beware.

A new Trojan is circulating on the social network, and users are being warned that the malicious virus could drain their computer's power to mine the peer-to-peer decentralized virtual currency bitcoin.

The warning was issued by security retailer Bitdefender, which confirmed that the Trojan is spreading through private Facebook messages that appear to come from the individual’s Facebook friends. The file reportedly consists of Java code that downloads DLL files from a Dropbox account and then connects to a command-and-control server. It also downloads a secondary DLL from a hardcoded location and installs a bitcoin miner to start mining.

It was first spotted this week and has been seen in Belgium, India, Portugal, Romania and Serbia.

“It reads ‘hahaha’ and contains an archive called IMAG00953.zip with what seems to be a legitimate .jpg image file. It is actually a malicious Java jar file, which is executed on the machine when the user opens it,” wrote Alexandra Gheorghe in a blog post citing Victor Luncasu, Bitdefender Malware Researcher.

“Bitcoin mining is a small fraction of the entire affair. Cyber-criminals can modify the shellcode once every couple of hours. They can push other types of malware without the victim’s knowledge or intervention, depending on what they have in mind with their PCs.”

Help Net Security recommends that Facebook users avoid opening the “hahaha” message and .jpg image files and refrain from opening similar messages on Facebook, the Internet and even text messages.

Other experts recommend installing Bitdefender because it can prevent malware from draining a computer’s resources and spamming other Facebook users.
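The lure described above relies on an archive member that looks like an image but is really a Java archive. The following Python sketch is an added example, not code from Bitdefender or Help Net Security: it flags image-named members of a ZIP attachment whose bytes do not match their extension. It assumes the disguised member carries an image extension, and all file names and sample bytes in it are constructed.

```python
import io
import zipfile

# File signatures expected for each image extension.
MAGIC = {".jpg": b"\xff\xd8\xff", ".jpeg": b"\xff\xd8\xff",
         ".png": b"\x89PNG\r\n\x1a\n", ".gif": b"GIF8"}
MAX_MEMBER_BYTES = 20 * 1024 * 1024  # refuse to inflate oversized members

def looks_like_jar(data):
    """True if data is a ZIP container holding a JAR manifest or .class files."""
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return False
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        names = zf.namelist()
    return any(n.upper() == "META-INF/MANIFEST.MF" or n.endswith(".class")
               for n in names)

def scan_archive(archive_bytes):
    """Return [(member, verdict)] for image-named members whose bytes disagree."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(archive_bytes)) as outer:
        for info in outer.infolist():
            name = info.filename.lower()
            ext = next((e for e in MAGIC if name.endswith(e)), None)
            if ext is None or info.is_dir():
                continue
            if info.file_size > MAX_MEMBER_BYTES:
                findings.append((info.filename, "too-large-to-inspect"))
                continue
            data = outer.read(info)
            if data.startswith(MAGIC[ext]):
                continue  # header matches the claimed image type
            verdict = "java-archive" if looks_like_jar(data) else "not-an-image"
            findings.append((info.filename, verdict))
    return findings

def build_constructed_sample():
    """Constructed test archive: a harmless stub JAR named like a photo."""
    jar = io.BytesIO()
    with zipfile.ZipFile(jar, "w") as zf:
        zf.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\n")
        zf.writestr("Stub.class", b"\xca\xfe\xba\xbe" + b"\x00" * 8)
    outer = io.BytesIO()
    with zipfile.ZipFile(outer, "w") as zf:
        zf.writestr("holiday.jpg", jar.getvalue())
        zf.writestr("real.jpg", b"\xff\xd8\xff\xe0" + b"\x00" * 16)
        zf.writestr("notes.jpg", b"plain text")
    return outer.getvalue()

if __name__ == "__main__":
    for member, verdict in scan_archive(build_constructed_sample()):
        print(f"{member}: {verdict}")
```

A check like this fits a mail or chat attachment filter, where a "java-archive" verdict on an image-named file is a strong reason to quarantine the archive.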

Using unscrupulous means to mine for bitcoins has become a common practice over the past several months. There have been numerous reports of cybercriminals hacking to either mine or steal bitcoins and even dogecoins.

For instance, bitcoin mining malware was discovered on Google Play. These were fake wallpaper applications that turned smartphones into bots, using their power and computational resources to produce the virtual currency.

A United States-based researcher, meanwhile, was banned from using National Science Foundation funded supercomputers at two universities. It was reported that the researcher used the computers to mine for bitcoins and consumed $150,000 worth of computer use.

Of course, there have also been rather unconventional and simple means. In one incident, cybercriminals breached standard security video cameras, infected them with malware and used their power to mine for bitcoins.

As the digital currency becomes even more ubiquitous than it is now and the price surges higher, there could be a lot more news stories of these occurrences taking place. Bitcoin mining has become a lucrative prospect and could be likened to the gold rush that gripped the U.S. more than a century ago.