Malware Uses Victims' Machines to Mine Bitcoin Until Ransom is Paid

A curious new hybrid of bitcoin-mining malware and ransomware has been discovered infecting PCs.

AccessTimeIconFeb 10, 2014 at 6:28 p.m. UTC
Updated Sep 11, 2021 at 10:20 a.m. UTC

A new Trojan has been discovered by Emsisoft, producer of PC security software. This is no garden-variety Trojan, however, it is a curious hybrid of bitcoin-mining malware and ransomware.

Whereas most ransomware directly attacks your PC or encrypts files stored on its drives, 'Trojan-Ransom.Win32.Linkup' blocks internet access by modifying your DNS and turns your computer into a bitcoin-mining bot at the same time.

Luckily, it shouldn’t be hard to spot when your system has been infected. ‘Linkup’ blocks all internet access bar a bogus Council of Europe website, which will demand personal information and a ‘payment method’ (read ‘ransom’) to unblock your access. Needless to say the Council of Europe has absolutely nothing to do with your internet access and you should not pay anything or enter personal details to regain your service.

In addition to messing around with the DNS, Linkup can also link up to a remote server and pressgang your PC into service as a bitcoin-mining bot. This is carried out via a downloader called 'pts2.exe', which extracts a second file, named 'j.exe', onto your computer. This is, in fact, a popular piece of mining software called 'jhProtominer'.

The damage that is likely to be inflicted by the Trojan is limited. jhProtominer only works on 64-bit operating systems, but, even so, that still leaves plenty of computers around the globe to infect.

Malware losing the mining battle

says it will keep a close eye on Linkup as it evolves. Since it is an unusual mix of ransomware and bitcoin-mining malware, it is in a class of its own. Luckily the company has already come up with a way of detecting Linkup and says that the Trojan should not be too dangerous, provided it does not metamorphose into something more sophisticated.

Bitcoin-mining malware is becoming increasingly common, but developers of these malicious programs are actually fighting a losing battle. As bitcoin's hash difficulty goes up, the mining power achievable with hijacking standard PCs decreases exponentially.

Furthermore, security firms are starting to take notice of the new trend in malware, and just a few weeks ago Microsoft helped destroy the Sefnit botnet, which was also stealing bitcoin mining capacity from people’s PCs. Several other illicit bitcoin mining operations have recently gone the same way.

Malware image via Shutterstock


Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.


CoinDesk - Unknown
A New Chapter of Web3: Solana Unveils Smartphone ‘Saga’; Moody’s Downgrades Coinbase

The most valuable crypto stories for Friday, June 24, 2022.

CoinDesk - Unknown
CoinDesk - Unknown
How Are Institutions and Companies Investing in Crypto?

From putting bitcoin on their balance sheets to setting up shop in the metaverse, the ways brands and institutions are investing in cryptocurrencies continues to expand.

CoinDesk - Unknown
CoinDesk - Unknown
Consensus 2022: Hollywood, Colleges, Conferences vs. Crypto

The state of crypto and economics live from Consensus 2022 in Austin, Texas.

CoinDesk - Unknown
CoinDesk - Unknown
Bitcoin se estabiliza cerca de $21K; inversores esperan evitar otra caída el fin de semana

Los analistas se cuestionan si BTC podrá mantenerse por encima del umbral de $20.000 en un clima de desconfianza entre los inversores.

CoinDesk - Unknown