Almost everybody in the Bitcoin scene knows that an increasing amount of cryptocurrency-related malware is spreading through computers worldwide, using them as host systems to secretly mine Bitcoins. One of the most famous affiliate programs out there currently doing this is known by the name of FeodalCash and it has been making headlines in the entire world.

The Russian program actually pays people for the mass installation of malware on other people’s computers, turning the devices into Bitcoin mining bots. Allegedly, FeodalCash has been recruiting new members since May of this year, but these members must be able to prove that they have control over enough Internet traffic to guarantee several hundred installs of the malware per day.

According to XyliBox, a website dedicated to demystificating cybercrime, FeodalCash is a source of malware. However, the platform is denying this accusation, but they also refused to submit their installer program to multi-antivirus scanners like Virustotal. Probably because services like this one share information about new malware samples, making it more likely that the antivirus on the host computers will flag the program as malicious.

Fortunately, there are still those who want to show the truth. The website KrebsOnSecutiry.com submitted the file to Virustotal and, guess what… It came back flagged as a Trojan horse twice!



According to the FeodalCash administrator, the program’s affiliates aren’t allowed to distribute the installer file in any way that violates the law. Nevertheless, we’re not sure about which law he’s talking about. After all, you just need to do the math… It’s not even a matter of solving algorithms, just add two plus two and you’ll see that everything looks really suspicious.

Until now, FeodalCash has attracted at least 238 working affiliates and there’s even a list of these members you can check here with their corresponding Bitcoin wallets. As stated by the website Xylitol, the host PCs that are currently infected with the malware are being enslaved through the Eligius bitcoin mining pool. So far, the infected computers have mined around 140 Bitcoins.

Via krebsonsecurity.com