Incident Response, Malware, TDR

New trojan aims to steal Bitcoin virtual currency

Criminals are targeting the digital currency Bitcoin with new malware designed to steal victims' online wallets, several security firms warned this week. 

A new trojan identified as Infostealer.Coinbit is propagating in the wild and targeting Bitcoin digital wallets installed on computers running Windows, Stephen Doherty, security response engineer at Symantec, wrote in a blog post Thursday. The malware attempts to locate a user's Bitcoin digital wallet and email it back to attackers.

“We expect that [similar code] will find a way into other malware considering the amount of attention this sort of attack is currently receiving and with the amount of Bitcoins currently available for purchase,” Doherty said.

Bitcoins are a form of virtual currency created in 2009 that can be transferred anonymously from person to person online, without going through a bank. They are accepted today by some online merchants and can be traded for actual dollars at online currency exchanges, such as Mtgox.com.

Earlier this week, a user with the handle “allinvain” posted on a Bitcoin forum that a hacker had stolen 25,000 Bitcoins, theoretically valued at $500,000 at current exchange rates, from his account. The user speculated that cybercriminals made off with the money after using malware to compromise his Windows machine.

"Needless to say I feel like I have lost faith in Bitcoin," the user wrote.

Sean Sullivan, security adviser at anti-virus firm F-Secure, said in a blog post Friday that the malware was being distributed via links sent through a Bitcoin forum chat application.

In light of the malware, Bitcoin users should encrypt their digital wallets and use strong passwords to prevent attackers from using brute-force tactics to force their wallets open, Symantec's Doherty said.

Bitcoin has gained attention recently following a Gawker report on the underground drug market known as Silk Road, where Bitcoins are the standard payment method for heroin, cocaine, LSD and other illegal substances.

Bitcoins also have also been embraced by the hacker group LulzSec, which last week announced on Twitter that it had received a donation of more than $7,200 worth of the currency. 

As a result, attacks targeting Bitcoins are likely to become more prevalent, experts predict.

Researchers at Symantec have warned that compromised computers will likely in the future be used for Bitcoin mining, a way of earning Bitcoins by using a machine's computational power and open-source Bitcoin software to solve cryptographic problems.

The security firm has not identified any botnets being used to mine Bitcoins, but said with a network of 100,000 compromised computers, an attacker could earn up to the equivalent of $3,000 in Bitcoins in 24 hours.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.