'Watch Dogs' Game Torrent May Be Infected with Crypto Mining Malware

Hackers may be employing a new clever tactic in an effort to enlist powerful PCs into cryptocurrency mining botnets.

AccessTimeIconMay 26, 2014 at 11:44 a.m. UTC
Updated Sep 11, 2021 at 10:48 a.m. UTC
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global hub for everything crypto, blockchain and Web3.Register Now

Hackers may have started employing a clever tactic in an effort to enlist powerful PCs into cryptocurrency mining botnets.

According to GameCrastinate, a game torrent is installing bitcoin mining malware on the computers of thousands of unsuspecting users. The torrent in question is Watch Dogs, an upcoming AAA title from Ubisoft, which is scheduled to officially launch tomorrow, 27th May.

However, the reports have been questioned by some gamers who claim that they downloaded the same torrent – with no bitcoin mining malware in tow. Of course, this does not mean that the torrent is safe, as some users may have evaded infection through other means.

If it is true, the new approach is a clever one, as it makes life easier for botnet operators on more than one level.

Quality vs quantity

Botnets are supposed to be big, the bigger the better. However, this rule does not always apply to mining botnets.

Infecting an ancient PC with integrated graphics is pointless and to some extent counterproductive. However, gaming PCs powered by high-end graphic cards make a lot more sense – AMD Radeons based on Tahiti and Hawaii GPUs, such as the Radeon R9 290, R9 280 and HD 7900 series, remain a popular choice for many altcoin miners out there.

Nobody would try to download, install and run a demanding game like Watch Dogs on sub-par hardware, so in theory this approach could give the attacker access to a limited pool of PCs, but practically every one of them would have a powerful GPU.

Furthermore, a smaller botnet is harder to detect, and just a few dozen gaming rigs can mine more altcoins than hundreds of antiquated office boxes.

AMD’s market share in the discrete graphics market hovers around 33%, with Nvidia accounting for the rest. In other words, one in three gaming PCs is equipped with a relatively powerful Radeon card, making these a viable mining platform for altcoins based on the scrypt algorithm, such as litecoin and dogecoin.

Pitfalls to the scheme

Using torrented games to spread mining malware makes sense, as it allows the attacker to specifically target PCs capable of delivering a lot of parallel computing performance. Using an unreleased title is a clever choice too, as torrents of unreleased builds tend to be unstable and exhibit performance issues, so the added load of GPU mining could be hidden to some extent.

There are a few problems though. PC gamers are hardware enthusiasts and most of them would notice the telltale signs of mining with relative ease. For example, high-end graphics cards are inaudible in 2D mode, but when they are placed under load, they can by anything but silent, as they ship with one to three fans that throttle up as the GPU starts crunching numbers.

Such an attack should be easily detected and, since it would be associated with a single source in the form of a torrent file, the infected torrent would be easy to trace and eliminate.


Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by Block.one; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.

Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.