When most people picture a cryptocurrency mining virus capable of infecting millions of Internet of Things (IoT) smart devices, they might envision that the group behind the operation must be filled with some seriously talented, albeit misguided individuals.
While that very may well be the case for most malware, one recent example, known as LiquorBot shows that sometimes more than just technological savvy is needed to craft a successful virus.
LiquorBot was first spotted in the wild by Romanian cybersecurity company BitDefender back in May 2019. Its researchers then began tracking the development of its code—including watching for feature updates and changes. The team found that the virus is a redeveloped version of a widespread earlier virus known as Mirai, but was instead written in a programming language called Golang.
Experience Web 3.0.
Be the first to get Decrypt Members. A new type of account built on blockchain.
Although the bot isn't particularly impressive in terms of technical capabilities, it does make use of a whole host of different exploits and was cross-compiled to work on multiple different CPU architectures including ARM, ARM64, x86, x64, MIPS—allowing it to target a huge range of routers and other smart devices. Likewise, the malware is unusual in the fact that it was active practically all last year, undergoing at least 13 updates since BitDefender began tracking its evolution last May.
Broken from the start
The Russian-designed virus was designed to covertly mine for cryptocurrency and target as many Internet of Things (IoT) smart devices as possible. However, what the developers apparently failed to realize is, the vast majority of IoT devices feature only minimal onboard processing power—making them practically useless for cryptocurrency mining.
The futility of using IoT-based processors for CPU mining has already been covered in-depth by Errata Security, which found that even if 2.5 million IoT devices were infected with a Mirai-like virus, the entire botnet would only generate $0.25 per day for its designers. Moreover, when adjusting this rate to today's values, 2.5 million IoT devices with the same computing power would generate just over $0.07 per day. Maybe it's more of a passion project.