Security researchers have discovered a Bitcoin mining Trojan that spreads through Facebook to infect computers to use the computing resources for mining cryptocurrency.
According to quarterly threat report from security company McAfee, the Trojan compromises victims' computer through a method called "social engineering."
McAfee security expert Gary Davis said in a blog post, "This particular Trojan tricks victims into thinking their friends are sharing a photo with them via a private chat in Facebook."
"In truth, the file contains a disguised program built to hijack a small part of your computer for Bitcoin mining. After it installs itself, the Trojan sends data back to the main server."
The Trojan tricks the Facebook users into thinking that their friends are sharing a photo with them through a private chat while it contains a malicious programme which is activated once the users click into them.
Once the programme is activated, it sends data back to the main server and hijacks small part of user's computer resources to mine bitcoin.
Though the main purpose of the Trojan is to use infected systems' resources to mine virtual currency, it also installs a backdoor, which in turn allows Trojan to install additional malware in the infected computers.
Most of the popular bitcoin mining Trojans available in the net have been leaked or cracked, allowing others to use these tools free of license, the researchers added.
Since the bitcoin mining has now become resource intensive these days, the hackers want to distribute the mining process to multiple PCs which will help them in creating a network of bitcoin mining machines, which the researchers said it could be a futile exercise.
"But even if we allow a zero cost for hardware and power (the costs of the bots and their power are borne by the victims), the difficulty level of common mining algorithms and the nonspecialized hardware that the malware infects make this a futile effort," the researchers added in the report.
"In essence, botnet sellers are selling snake oil when they say that buyers can profitably mine virtual currencies."
"Further, botnet operators are risking exposure because bot hardware victims are more likely to detect the resource-consuming mining activity."