New Malware Targets Bitcoins To Steal

from the if-your-money-needs-malware-protection dept

It's been fascinating to watch the back-and-forth discussions about Bitcoin. The big story recently was the supposed "theft" of $500,000 worth of Bitcoins. But perhaps a lot more interesting is the report of new malware specifically targeting Bitcoins. The malware looks for a Bitcoin wallet, which it then tries to email to a specific server. Among the many concerns people have raised about Bitcoins, this one hadn't received much attention earlier, but it could potentially scare a lot of people. The lack of traceability is one of the selling points, but it also has a downside in these types of situations.

Filed Under: bitcoins, malware


Reader Comments



  1.
    Josh in CharlotteNC (profile), 17 Jun 2011 @ 1:26pm

    Just like cash

    Your BitCoin wallet holding your BitCoins is no different than a physical wallet stuffed with cash. That's made abundantly clear if you read the FAQs on the BitCoin website. If you leave either wallet sitting out in the open (physically or digitally), you're gonna lose it, and recovering cash - good luck with that.

    So, if you take precautions with cash, and your online bank account and credit card info, you need to take them with your BitCoins, too. A significant difference between an online bank account and your BitCoins is that you are in 100% control of all the information related to your BitCoins. You don't have to worry that after buying something from a merchant, that they'll save or leak your credit card number and it's out in the wild.

    Say you mine BitCoins on a Windows box that's connected up to the Internet. When you mine one, it goes to the wallet file on that machine. Get a non-networked Linux box for your "real" wallet, and transfer any mined coins from one to the other.

  2.
    :Lobo Santo (profile), 17 Jun 2011 @ 1:44pm

    well,

    Obviously they got what they deserved for not using a secure Linux system.

  3.
    PrometheeFeu (profile), 17 Jun 2011 @ 1:56pm

    Well, if you keep 1/2 million dollars in cash in your house, and somebody breaks in and takes the money, you can't magically wave your hand and get it back. Security is one of the reasons why we put our money in banks and it's the same thing with bitcoins.

  4.
    Bengie, 17 Jun 2011 @ 1:58pm

    Re: well,

    Win7 was harder to remotely hack than OSX or Linux at all the recent conventions.

    If people want to be safe with their coins, make a separate account for BC and put deny access to everyone else on the BC wallet file. Then you can run BC as that user and no malware you randomly decide to install will get your wallet.

    If people didn't randomly install crap on their machines, they would get malware.

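The isolation suggested in the comment above (a separate account for the wallet, with everyone else denied access to the file) can be verified rather than assumed. This is an added example, not part of the original thread: a POSIX shell audit that assumes the wallet sits on a Unix-like system rather than Windows; `wallet_audit`, its UID argument and the demo paths are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread): audit that a wallet file is private to
# one dedicated account. The UID argument and all paths are constructed.

# wallet_audit FILE OWNER_UID
# Prints findings; returns 0 = isolated, 1 = exposed, 2 = cannot check.
wallet_audit() {
    wa_file=$1 wa_uid=$2 wa_rc=0
    if [ -L "$wa_file" ]; then
        echo "FAIL: $wa_file is a symlink; audit the real file instead"
        return 1
    fi
    [ -f "$wa_file" ] || { echo "ERROR: $wa_file is not a regular file"; return 2; }

    # ls -ldn fields: 1 = mode string, 3 = numeric owner UID
    set -- $(ls -ldn -- "$wa_file")
    wa_mode=$1 wa_owner=$3

    if [ "$wa_owner" != "$wa_uid" ]; then
        echo "FAIL: owned by UID $wa_owner, expected $wa_uid"; wa_rc=1
    fi
    # Characters 5-10 of the mode string are the group and other rwx bits.
    if [ "$(printf '%s' "$wa_mode" | cut -c5-10)" != "------" ]; then
        echo "FAIL: mode $wa_mode grants access to group or other"; wa_rc=1
    fi
    # An 11th character of '+' means ACL entries exist beyond the mode bits.
    if [ "$(printf '%s' "$wa_mode" | cut -c11)" = "+" ]; then
        echo "FAIL: extra ACL entries present; review them"; wa_rc=1
    fi
    if [ "$wa_rc" -eq 0 ]; then
        echo "OK: $wa_file is private to UID $wa_uid"
    fi
    return "$wa_rc"
}

# Constructed demo: the current UID stands in for the dedicated wallet account.
demo_dir=$(mktemp -d)
: > "$demo_dir/wallet.dat"
chmod 644 "$demo_dir/wallet.dat"
wallet_audit "$demo_dir/wallet.dat" "$(id -u)" || true   # readable by others
chmod 600 "$demo_dir/wallet.dat"
wallet_audit "$demo_dir/wallet.dat" "$(id -u)" || true   # owner-only
rm -rf "$demo_dir"
```

The audit only confirms file-level isolation between accounts; it says nothing about malware running as the wallet account itself or with administrative rights.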

  5.
    Anonymous Coward, 17 Jun 2011 @ 2:01pm

    COINcidence? I don't think so.

    First the government targets Bitcoins, then all of a sudden this malware springs up. Hmmmm...

  6.
    FuzzyDuck, 17 Jun 2011 @ 2:15pm

    Traceability

    > The lack of traceability is one of the selling points,

    The lack of traceability is a myth. People can follow the stolen bitcoins through the network as each transaction is public. It's going to be pretty hard for the thief to cash it out somewhere.

  7.
    DCX2, 17 Jun 2011 @ 2:19pm

    Re: Just like cash

    That's pretty much what I do for online banking. I found myself a cheap netbook, wiped it clean, installed ubuntu on it, and the only thing I use that netbook for is online banking. It is otherwise disconnected; even the battery is removed, although not for security reasons...it just helps prolong battery life.

  8.
    Anonymous Coward, 17 Jun 2011 @ 2:30pm

    Re: Re: well,

    "conventions" != real life.


    Not saying 7 or Linux is easier to "hack" than the other, I'm saying that neither's security should be ranked based on conventions where vendors' interests are at stake more than those that wish to breach them.

  9.
    Anonymous Coward, 17 Jun 2011 @ 2:31pm

    Re: COINcidence? I don't think so.

    It was only a matter of dime before this happened naturally.

  10.
    pixelpusher220 (profile), 17 Jun 2011 @ 2:51pm

    Re: Traceability

    The 'traceability' refers to the physical 'owner' of the BitCoins, not the BitCoins themselves. As you note, the transactions are public and distributed.

    Only if someone validates the BitCoins they are receiving against this list will they be stopped. Just like serial numbers on paper money. Unless you're looking for it, the 'cash' is just 'cash'.

  11.
    btrussell (profile), 17 Jun 2011 @ 3:51pm

    Re: Re: well,

    "Win7 was harder to remotely hack than OSX or Linux at all the recent conventions."

    Would have been easier if they had connected to the network.

  12.
    umccullough (profile), 17 Jun 2011 @ 4:48pm

    Re: Re: Traceability

    That's my understanding as well - that the bitcoin block is untraceable once it leaves a person's wallet - but you can track who is sending/receiving them.

    That does little good if 25,000 people receive a bitcoin from this thief - it doesn't mean that those 25,000 people become thieves, just as a store clerk receiving a stolen $20 bill in return for groceries doesn't make them a thief.

  13.
    Anonymous Coward, 17 Jun 2011 @ 4:49pm

    (A non-patentable idea)

    Bitcoin should require a password after selecting an 'account number'.

    So you have all these bitcoin account numbers and you select one. You shouldn't just willy nilly be able to select an account number and then suddenly transfer bitcoins from one account to another. A password should be required and that password should be the password required to decrypt the necessary information to transfer bitcoins.

    Sure, most people will likely choose easily crackable passwords, and bitcoin should give some advice on recommended password parameters, but at least it slows down the process of malicious bitcoin transfers by third party software, which could give a later alerted user time to transfer his bitcoins to an uncompromised account before the password is cracked.

  14.
    Anonymous Coward, 17 Jun 2011 @ 4:51pm

    Re:

    (assuming the malicious software didn't destroy the necessary transfer data or that the user has backups if the software did).

  15.
    umccullough (profile), 17 Jun 2011 @ 4:54pm

    Re:

    We're talking about a file on your hard drive here... it doesn't matter if you password protect the file - once malware is in place, you just throw a keylogger on to watch everything the user types.

    You can always encrypt the wallet file, store it offline, or send your bitcoin to a website that "stores" them for you (mybitcoin.com for example)... but that doesn't stop the fact that stored bitcoin can be taken from your machine if you don't protect it somehow.

  16.
    Anonymous Coward, 17 Jun 2011 @ 4:55pm

    Re: Re:

    (also, people on slashdot suggested that people should be diligent and separately encrypt the necessary transfer data with a secure password. No, Bitcoin should have the technology that allows users to encrypt their transfer data built in).

  17.
    Anonymous Coward, 17 Jun 2011 @ 5:07pm

    Re: Re:

    "We're talking about a file on your hard drive here... it doesn't matter if you password protect the file - once malware is in place, you just throw a keylogger on to watch everything the user types."

    Of course, but you assume that all cases of malware intrusion are succeeded by someone typing in all of their bitcoin passwords before discovering the intrusion.

    Also, a password can deter someone with physical access to the computer from simply copying the file over and getting easy access to that information. It gives time for users who periodically transfer money from account to account for security reasons to do so or to discover the intrusion and transfer the money before anything gets cracked. More work is needed to gain access to those coins, that extra work will act as a thief deterrent, and people will weigh the work necessary to steal those coins with the work necessary to earn them.

    Also, malware creators will need to extend more work creating an appropriate keylogger to work with the data transfer software (or if it's a general keylogger they have to spend lots of time looking through the logs, especially if they are looking through the logs of hundreds of users, and by then many of those users could discover the intrusion and transfer the money to another safer account).

    It's like a lock on a door. It won't keep a determined criminal out by any stretch of the imagination, but it's enough to deter many criminals.

  18.
    umccullough (profile), 17 Jun 2011 @ 5:19pm

    Re: Re: Re:

    Bah, keyloggers are a dime a dozen these days.

    It's important to note that the bitcoin software is not necessarily a single program - anyone can create their own "secure" bitcoin program if they want (it's open source)... so this problem is likely to solve itself as people actually care enough to do it.

    There's no central authority involved here, so trying to say what they "should do" is sort of pointless, as no one person, or group of people is necessarily responsible for how bitcoin is stored or managed.

  19.
    Anonymous Coward, 17 Jun 2011 @ 5:21pm

    Re: Re:

    "You can always encrypt the wallet file, store it offline, or send your bitcoin to a website that "stores" them for you"

    Yeah, but in order to transfer data, at some time that file needs to be decrypted, and a keylogger can monitor the password necessary to decrypt it. So your 'solution' suffers the same shortcoming just as well.

  20.
    Anonymous Coward, 17 Jun 2011 @ 5:24pm

    Re: Re: Re: Re:

    "It's important to note that the bitcoin software is not necessarily a single program - anyone can create their own "secure" bitcoin program if they want (it's open source)... so this problem is likely to solve itself as people actually care enough to do it."

    I know.

    "There's no central authority involved here, so trying to say what they "should do" is sort of pointless, as no one person, or group of people is necessarily responsible for how bitcoin is stored or managed."

    'They' refer to the bitcoin client developers, and there is a point, to point out the need to create such security features. Yes, they will likely be created anyways, but I was just making a suggestion for discussion purposes since such a suggestion is relevant to the OP.

  21.
    Anonymous Coward, 17 Jun 2011 @ 5:28pm

    Re: Re: Re: Re:

    "Bah, keyloggers are a dime a dozen these days."

    Yes, but general key logs are a time consuming pain to analyze, especially when you have hundreds of them, such extra needed work acts as a deterrent and gives alerted users time to transfer the money to other accounts before it gets stolen.

  22.
    Hephaestus (profile), 17 Jun 2011 @ 5:41pm

    The protocol for the bitcoin system is pretty much unbreakable

    The problem lies in the wallet file being clear text, and the client apps being unsecure. What someone needs to do is come up with a client side protocol document like (pdf warning) Satoshi Nakamoto's paper Bitcoin: A Peer-to-Peer Electronic Cash System. This has caused the price of bitcoins to fall by $3 USD, they were at $19 USD three days ago. (Here is a current price chart)

  23.
    umccullough (profile), 17 Jun 2011 @ 6:15pm

    Re: Re: Re:

    If it was me, I'd store large quantities of bitcoin offline in multiple wallets (which the guy with 25,000 of them apparently did not bother to do), and then only as much as I need when I'm certain my machine is clean.

    I don't know about you, but I keep my money in multiple locations - some easy to get to (my actual wallet), some in a safe (locked in my house), and some in my bank account (obviously protected by the institution itself).

    That way if someone mugs me in the street, they only get what's in my wallet at the time. If someone breaks into my house (and somehow figures out my safe combination - perhaps because they somehow saw me use it through a window or something), they still don't get what's in my savings account.

    Anyone can do the same with bitcoin, they just tend to be lazy because it's "convenient" to just keep it all in one place, on their trusty, secure computer.

  24.
    Anonymous Coward, 17 Jun 2011 @ 7:11pm

    Re: Re: Re: Re:

    "If it was me, I'd store large quantities of bitcoin offline in multiple wallets (which the guy with 25,000 of them apparently did not bother to do), and then only as much as I need when I'm certain my machine is clean."

    Implementing client based password protection and the above aren't two mutually exclusive possibilities.

  25.
    Anonymous Coward, 17 Jun 2011 @ 7:48pm

    Just use Ukash...

  26.
    Anonymous Coward, 19 Jun 2011 @ 7:12am

    Re: Re: well,

    > Win7 was harder to remotely hack than OSX or Linux at all the recent conventions.

    Citation needed.

  27.
    Bengie, 20 Jun 2011 @ 6:22am

    Re: Re: Re: well,

    Not my fault you don't read news. Look it up yourself.

  28.
    Anonymous Coward, 22 Jun 2011 @ 4:19pm

    Re: Re: Re: Re: well,

    > Not my fault you don't read news. Look it up yourself.

    The news said you were a liar. Look it up yourself.


