Forum Thread: Local Bitcoin Botnet

In studying how bots and botnets work, I thought I'd post something here for other people curious about the same topic. I work as a computer tech at my local community college and was given the green light by the director to infect 30 of the IT computers with an undetectable bitcoin miner. I convinced him that there is no way to actually make any profit from this method (because of the size and now complexity of bc hashes) but wanted a challenge that doesn't really damage anything.

I have about 4 others that are curious about this topic and I thought posting on here would save us some time in figuring out which programs actually work and which skills we would need.

All the computers range from Win Server 2003 to Windows 7. Any advice or guidance is very appreciated!

8 Responses

Provided that you really have a green light, I may advise you to move to a scrypt coin or CPU mineable coin rather than bitcoin. I'm a little behind on the latest cryptomarket news, but first things first:

What kind of hardware is that (processor type, any GPU)?
Then, do you already know how mining pools and exchanges work? Have you ever used cgminer or similar?
Ever set up a wallet?

Hardware is pretty old since they are throwaway computers. They range from Pentium 4 to Core2duo. GPUs are nonexistent/scarce. I've worked with cgminer but that would be me just installing it and joining a pool, wouldn't it? I was unaware of embedding cgminer or something similar in a program or the possibility of running it without having it appear as a process (which I don't know if it's possible).

I've set up a wallet in the past and I am familiar with the operations of mining pools but fairly uncertain about exchanges.

Well, either you join a pool, or you mine solo. And mining solo is pretty inefficient unless you have strong hashpower. Let's say a block gives 100 coins, and it would take you an avg of 100 days to get one. So 99 days you still have 0 coins, the next day you have 100. But you have to keep mining for 100 days before seeing a payout... While pooled mining allows you to mine for 3 days and pays you a little less than 3 coins, right on. Those calcs are pure speculation, also they are probabilistic, so mining solo could get a block even in 70 or 80 days if you're lucky... still, it could take 120 or more.

Constant payout is better, you can stop your operation anytime and still have some coins. But you could start by choosing a CPU coin and run with only one machine, see the hashpower and multiply by the machines in the network (rough average..), then see if it's any coin that is actually exchanged for bitcoin in a reputable marketplace (Cryptsy has been going for years, while most others were just scams that ran away with your shekels) and see if it's worth solo VS pool.

Also keep in mind that mining is very resource exhausting, and your pc won't be usable if you go full speed, so you might want to tune it or just run as screensaver when pc is idle.

Cgminer and other miners in general are recognized by the antivirus to prevent malware bundling, so you will have to compile your own and/or make it undetectable. But if your sysadmin is allowing this, he could as well make an exception in the antivirus to let it pass thru. Or you can use a rootkit to hide the process and network traffic associated, but this could open more security risks to your college network, I would not advise this.

A little addition:

While running your tests, you should use a power meter to measure the increase in power consumption from the average computer use, multiply by the number of machines and days you want to run the operation, and see not only if it's worth it, but if you're still allowed to do it. Or be prepared to pay the bill..

Ok thank you for that triphat, that has really cleared things up in how to tackle the challenge. Ideally, I wanted to just get the bot on it undetected over the network through a SOHO router that I controlled, and it wouldn't even have to mine. But it would be nice to have the power to command all the computers to mine if desired. I wouldn't actually want to make a profit from this project as me and potentially others could get kicked out of school for it if discovered.

I would be isolated from the outside world as it's my sandbox area, so I think the rootkit option is something that appears to be the coolest option. Now I only need to figure out how to do that, but there are plenty of resources for that online. Thank you for pointing me in the right direction, triphat!

Cgminer actually had a way to remotely control it and it worked like a charm. Starting, stopping, tweaking, checking multiple clients at once. I built my own interface in a blaze. I don't know about other miners but if ever, check it out because it was good when I had a couple machines, it would be mandatory if you control 30!

In your case, you could make it listen for broadcast traffic for C&C so you can control all at once, spoof the source and don't get caught, but I thought you had the permit to do so, so not sure if this could help.

Also, even if you tunnel with your router, somehow packets will exit the network and admins will see. Mining has a precise signature and their IDS will likely catch it (mining at college is old news, I bet they know about it). You could route all mining traffic to the pool to your own personal mobile network but again, that would look like a high profile hack rather than just an experiment. I don't get what you mean with 'my sandbox area' but if what I said has been helpful, I'm glad of that, you're welcome.

Good luck and don't mess up !!
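The post above says mining traffic has a precise signature that an IDS will catch. As an added example (not part of the original thread), here is one way a defender can match that signature on payload content rather than on port, assuming the Stratum v1 pool protocol (newline-delimited JSON-RPC) and flow records shaped as `(src, dst, dport, payload)` tuples; the function names and all sample flows are constructed for illustration.

```python
import json
from collections import defaultdict

# Stratum v1 client-to-pool methods (newline-delimited JSON-RPC over TCP).
STRATUM_CLIENT_METHODS = {"mining.subscribe", "mining.authorize", "mining.submit"}

def stratum_methods(payload: bytes) -> list:
    """Return the Stratum client methods found in one TCP payload."""
    found = []
    for line in payload.split(b"\n"):
        line = line.strip()
        if not line.startswith(b"{"):
            continue  # HTTP, TLS or other non-JSON traffic
        try:
            msg = json.loads(line)
        except ValueError:
            continue  # truncated or malformed JSON
        method = msg.get("method")
        if isinstance(method, str) and method in STRATUM_CLIENT_METHODS:
            found.append(method)
    return found

def find_miners(flows):
    """Map each internal host to the pool endpoints and methods it used."""
    hits = defaultdict(lambda: {"pools": set(), "methods": set(), "shares": 0})
    for src, dst, dport, payload in flows:
        methods = stratum_methods(payload)
        if not methods:
            continue
        entry = hits[src]
        entry["pools"].add((dst, dport))
        entry["methods"].update(methods)
        entry["shares"] += methods.count("mining.submit")
    return dict(hits)

# Constructed sample flows (documentation-range addresses, not real captures).
SAMPLE_FLOWS = [
    ("10.0.0.21", "203.0.113.10", 3333,
     b'{"id":1,"method":"mining.subscribe","params":["exampleminer/1.0"]}\n'
     b'{"id":2,"method":"mining.authorize","params":["worker1","x"]}\n'),
    ("10.0.0.21", "203.0.113.10", 3333,
     b'{"id":4,"method":"mining.submit","params":["worker1","job1","00","5f000000","1a2b3c4d"]}\n'),
    ("10.0.0.22", "198.51.100.5", 80, b"GET / HTTP/1.1\r\nHost: example.org\r\n\r\n"),
    ("10.0.0.23", "203.0.113.10", 443, b'{"id":1,"method":"mining.sub'),
    ("10.0.0.24", "198.51.100.7", 8080, b'{"id":1,"method":"getinfo","params":[]}\n'),
]

if __name__ == "__main__":
    for host, info in find_miners(SAMPLE_FLOWS).items():
        print(host, sorted(info["pools"]), sorted(info["methods"]), info["shares"])
```

The matcher works per payload, so a message split across TCP segments (the 10.0.0.23 flow) is skipped; feed it reassembled streams to avoid that gap.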

I have permission, if and only if, the project didn't create profit, then that was punishable. By sandbox, I mean it's an isolated LAN (I live in the mountains so a sandbox is the closest I get to a beach, haha)

I didn't know cgminer could do that! Thank you so much triphat, you've seriously shaved weeks of trial and error. I would love to try your method, sounds so awesome!

So when the computers are listening for broadcast traffic, what program am I using to broadcast the command? And how does that work? I appreciate the guidance! Thank you again!

Well this project will technically generate a profit... but you can always donate the income to the school or buy it a raspberry for the lab with that money.

To use the broadcast commands you could write a little wrapper program in C to bundle with the miner that listens for broadcast and issues commands to the local server. Or just make it in Python with scapy, that would be way faster to implement. You'll have to install some more libs on each computer, but it will speed up development a lot.

Dang. Thanks Triphat, you're the man. I love using Python so I'll go that route! Post your wallet so I can donate one day. Not from this project but maybe a home project of mine :)
