The number of infected hosts in a Bitcoin mining botnet has continued to climb throughout the first quarter of year, researchers found.
Fortinet found the ZeroAccess botnet was the top threat that its devices turned up between 1 January and 31 March.
In the first quarter, Fortinet researchers tracked 100,000 new infections per week worldwide, with a total of three million unique IP addresses reporting ZeroAccess infections.
The botnet is comprised of devices infected with the ZeroAccess trojan, which carries out click fraud, causing victims to unknowingly click ads that drive money to scammers. It can also instruct infected computers to conduct Bitcoin mining.
An analysis of the ZeroAccess botnet in February by researchers at Luxembourg outfit Malware.lu found Australia was among the top 20 countries worst affected by the botnet.
Bitcoins, which currently are valued at a volatile $120 each, are a form of virtual currency created in 2009 that can be transferred anonymously from person to person online, without going through a bank.
hey are accepted today by some online merchants and can be traded for actual dollars at online currency exchanges, such as MtGox.com.
Bitcoin mining is a tactic used to earn more of the currency by using computers' computational power and open-source software to complete mathematical puzzles that solve "blocks," or files that hold records of recent Bitcoin transactions that have not yet been recorded.
Rewards of new Bitcoins are given for each block that is solved, thus making mining a far more cost-effective way to amass Bitcoins.
Fortinet security strategist Richard Henderson told SC the ZeroAccess' authors were actively hiring outside groups to spread the malware.
“They are so confident that they are charging five times the going rate [for infections],” Henderson said.
“They are paying them $500 per 1000 infections. As soon as the [ZeroAccess] infection takes place, they are already paid. They must have a lot of money in the bank to do this, so they are making a lot off of the ZeroAccess botnet.”
Last September, research from Sophos showed that the ZeroAccess botnet owners were earning up to $100,000 a day from their Bitcoin and click-fraud scams. At that time, the botnet's size was estimated to be around one million machines, with more than 50 percent located in the United States.
Fortinet's research did not include a geographical breakdown of the botnet, but the firm did confirm that the network's earning power has remained as high as $100,000 a day.