Menu
Crimeware kit includes Bitcoin, Litecoin miner module

Crimeware kit includes Bitcoin, Litecoin miner module

Atrax, sold for $250, offers a variety of other potent plugins

A new malicious software program, advertised for sale on underground forums, claims to mine and steal bitcoins, according to a Danish security company.

The Atrax malware is notable for its low US$250 price and use of TOR, short for The Onion Router, a privacy network that makes it difficult to track communications, wrote Jonas Monsted of CSIS in a blog post.

After seeing it advertised on Web forums, CSIS is looking for an active sample of Atrax to get a fuller understanding of its capabilities, Monsted wrote.

"We are looking at a new crimeware kit with a lot of different functions and plugins," he wrote.

Atrax, which is the name of a class of poisonous spiders found in Australia, falls into a class of "commercial" malware, created by coders and sold to other cybercriminals. Monsted wrote that Atrax comes with free updates, supports and bug fixes.

For an extra $110, Atrax's creators are offering a "stealer" plugin, which is capable of stealing bitcoin wallet files, which are small data files containing bitcoins.

Bitcoin software clients vary, and some wallet files require a password. But it appears Atrax would likely be capable of acquiring that password as well.

Atrax also has a virtual currency mining plugin, which costs $140. The plugin uses a victim's computer to mine for both bitcoin and litecoins, a spinoff virtual currency modeled on bitcoin.

Atrax communicates with its controllers using TOR, which encrypts outgoing information. Encryption masks information leaving a computer, making it unintelligible unless decrypted. Atrax's large file size, 1.2 MB, is apparently due to its TOR integration.

Another module costing $90 can conduct DDoS (distributed denial-of-service) attacks, including UDP and TCP floods, HTTP-based "slowloris" and RUDY attacks, Monsted wrote.

For $300, Atrax can include an HTTP POST form grabber, which will capture information entered on websites such as PayPal, Amazon, eBay and Bitcoin exchanges including Bitcoin.de and Mt. Gox.

Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags malwareExploits / vulnerabilitiesCSIS

Featured

Slideshows

EDGE 2018: Kiwis kick back with Super Rugby before NZ session

EDGE 2018: Kiwis kick back with Super Rugby before NZ session

New Zealanders kick-started EDGE 2018 with a bout of Super Rugby before a dedicated New Zealand session, in front of more than 50 partners, vendors and distributors on Hamilton Island.‚Äč

EDGE 2018: Kiwis kick back with Super Rugby before NZ session
EDGE 2018: Kiwis assess key customer priorities through NZ research

EDGE 2018: Kiwis assess key customer priorities through NZ research

EDGE 2018 kicked off with a dedicated New Zealand track, highlighting the key customer priorities across the local market, in association with Dell EMC. Delivered through EDGE Research - leveraging Kiwi data through Tech Research Asia - more than 50 partners, vendors and distributors combined during an interactive session to assess the changing spending patterns of the end-user and the subsequent impact to the channel.

EDGE 2018: Kiwis assess key customer priorities through NZ research
Show Comments