Symantec warns of trojan targeting Bitcoin
By Stewart Mitchell
Posted on 17 Jun 2011 at 14:25
Security experts are warning Bitcoin users to upgrade the security on their accounts after a trojan targeting the online currency was seen in the wild.
Symantec spotted the malware just a day after news that one Bitcoin user had seen as much as $500,000 wiped from the wallet on his hard drive.
“Malware authors move fast and following a recent look at Bitcoin botnet mining, we have seen a trojan in the wild targeting Bitcoin wallets,” security researcher Stephen Doherty said in a Symantec blog post.
I backed up my wallet.dat file religiously and encrypted it, but that does not do me much good when someone or some trojan has direct access to my computer somehow
"This is not surprising considering the potential values in a Bitcoin wallet," he wrote. "We have also discovered source code on underground forums which locates the wallet and, using FTP, uploads it to the attacker's servers.”
According to Symantec, Bitcoin account holders should encrypt their wallets and protect them with a strong passrod to provent a brute force attack.
“We expect that code similar to these techniques will find a way into other malware considering the amount of attention this sort of attack is currently receiving and with the amount of Bitcoins currently available for purchase,” Doherty said.
Potential losses
Whereas other digital currencies and payment mechanisms rely on central authorities and issuing banks, Bitcoin uses a distributed database on user machines to track transactions, and relies on built-in systems to provide basic security functions.
The functions were not enough to protect Bitcoin subscriber Allinvain, who claimed to have had 25,000 Bitcoins removed from his hard drive, with a current value of around $20 each.
"I just woke up to see a very large chunk of my Bitcoin balance gone," a user tagged Allinvain wrote on the Bitcoin forums, although the loss has yet to be confirmed.
"I backed up my wallet.dat file religiously and encrypted it, but that does not do me much good when someone or some trojan has direct access to my computer somehow. I tried restoring an earlier backup of my wallet, but naturally that does not work because the transaction has already been validated."
From around the web
I wonder if the US has anything to do with this ;):
http://www.pcpro.co.uk/news/367912/us-wants-to-kil
l-off-bitcoin-digital-currency
By tech3475 on 17 Jun 2011 
"..and protect them with a strong passrod to provent a brute force attack."
By ckbridge1 on 18 Jun 2011
Don't threaten U.S. dollar hegemony.
Uncle Sam doesn't like it.
By Lacrobat on 20 Jun 2011
advertisement
- Laptop bag reviews: nine tested
- Sony VAIO T Series Ultrabook review: first look
- Revealed: the military standards and robots HP uses to test its laptops
- Windows 8: multi-monitors and double standards?
- Why is TalkTalk's year-old porn filter suddenly big news?
- Why are laptop screens so far behind mobiles?
- HP EliteBook Folio review: first look
- The shoebox-sized all-in-one printer
- Forget the Ultrabook: here comes the HP Sleekbook
- HP Spectre XT review: first look
- Why you have to be left in the dark on OS patches
- Publishing your email address isn't a security disaster
- Why antivirus is fighting a losing battle in your office
- Four year olds used to steal their parents' data
- An acceptable use policy for your kids
- Paying for your crimes with Bitcoin
- Pavement hacking: What it is and how to avoid it
- Google's risky pre-loaded pages
- Mac under attack: how secure is Apple's OS?
- Has your browser been hijacked?
advertisement
