SoylentNews is people
SoylentNews
HotHardware.com is reporting that there's a Linux malware in the wild that takes over Raspberry Pi devices and uses them to mine for cryptocurrency...
Linux.MulDrop.14 [scans] for RPis with an open (and default) SSH port, the "pi" user is logged into (if the password is left default), and the password is subsequently changed. After that, the malware installs ZMap and sshpass software, and then it configures itself... to make digital money for someone else, namely the author or the malware, using your Raspberry Pi.
The article focuses on how much your power bill will go up in the course of making money for someone else due to the 100%-CPU-usage nature of mining software.
The existence of such a malware raises the question: Are there enough Raspberry Pi devices connected to the network, but not really monitored, such that there are enough to mine a single unit of cryptocurrency? ARM dev boards are not known for processing power, and the RPIs are no exception.
On the subject of default root passwords for devices intended to be connected to Internet, must this be the case with the RPI, or could they take the route of having an actually installable GNU/Linux instead of an image of an already installed system with insecure passwords?
(Score: 3, Insightful) by ledow on Monday June 12 2017, @12:45PM (3 children)
"The article focuses on how much your power bill will go up in the course of making money for someone else due to the 100%-CPU-usage nature of mining software."
On a 5v 2/3A device? 15W total? My PC probably takes more than that in standby.
You could leave it on for a year and barely reach the same cost as a couple of months of a standard lightbulb being on.
And how much would it generate them? Given the RPi's base clock, not a lot at all.
CPU miners were dead years ago.
GPU miners are dead even.
ASIC miners are only just holding their own and making profit.
You could install it on a million RPi's, make no money out of it, and individual owners wouldn't even notice the difference on the electricity bill, most likely.
(Score: 2) by VLM on Monday June 12 2017, @01:23PM
The local power company would notice. So is it capitalism at work and the botnet authors work for your local electrical company, or is it ecoterrorism where the goal is to make one pi virus emit 1000000 times as much CO2 as the Paris Accords would have reduced or is it a combo of the above as a piece of performance art?
(Score: 3, Informative) by JNCF on Monday June 12 2017, @02:07PM
That's true of Bitcoin. It isn't true of Zcoin yet, or any number of other small cryptocurrencies which can be traded for bitcoins. The only source I found saying that this malware mines bitcoins has redacted the claim (Hackaday). I don't know what it uses, but I doubt it's Bitcoin.
(Score: 0) by Anonymous Coward on Tuesday June 13 2017, @05:06PM
there's nothing insightful about this post. any half-assed attempt at learning about the cryptocurrency space will immediately reveal that there are many coins that are profitable to mine with GPUs. ledow is obviously a slave virus infected windows user.