[candydance]

I was thinking about this too. That "pay us 300 dollars in bitcoins to get a key to your data" virus could be like that.

If the payment -> key sent part was automated then money would just build up in the bitcoin account over time.

[moyix]

You could also automate the backend – set it up so that the botnet could draw on the BTC account to purchase new VPS hosting for its command and control servers, migrate when the old ones get taken down, etc.

Of course, without the creativity to come up with new C&C mechanisms, the pattern of migration and purchases might eventually become predictable enough to stop the botnet.