Kaspersky Lab researchers recently came across a Skype malware campaign that leverages infected machines to mine Bitcoins. According to VirusTotal, only 9 of 45 anti-virus solutions currently detect the malware, which Kaspersky identifies as Trojan.Win32.Jorik.IRCbot.xkt.
Most victims currently live in Italy, Russia, Poland, Costa Rica, Spain, Germany and Ukraine — and there are a lot of them. At this point, according to Kaspersky, the campaign is generating more than 2,000 clicks per hour.
Once a machine is infected, the malware connects to a command and control server in Germany and downloads several other pieces of malware from file hosting site Hotfile.com.
Among other things, the malware turns the infected PC into a Bitcoin miner. “It abuses the CPU of infected machine to mine Bitcoins for the criminal. … If you see your machine is working hard, using all available CPU resources, you may be infected,” writes Kaspersky Lab’s Dmitry Bestuzhev.