New Bitcoin malware steals Bitcoin wallets: Infostealer.Coinbit

Summary:New malware seeks to exploit one of the few flaws of Bitcoin: Unencrypted Bitcoin wallets.

Well, it was only a matter of time before something like this came along. Following the latest crazy about Bitcoin, new malware has been created to steal a Bitcoin user's wallet. To quote Symantec's Infostealer.Coinbit technical specifications page:
When the threat is executed, it searches for a Bitcoin wallet in the following location: %UserProfile%\AppData\Roaming\Bitcoin\wallet.dat It then attempts to email the wallet to the attacker using the following SMTP server: smtp.wp.pl
This malware exploits perhaps the only facet of Bitcoin that its users have expressed concern over: unencrypted Bitcoin wallets. And since everything is anonymously transferred over the Bitcoin network, if someone were to successfully steal a Bitcoin wallet, there would be no way to tell that they bitcoins they use are stolen vs. mined or obtained through trade. Already, one Bitcoin user has allegedly had hundreds of thousands of dollars worth of bitcoins stolen from them by a hacker. In addition to that and this malware, another potential concern will be those who store their Bitcoin wallets on wide-open indexes on their Web site while having no idea that Google and other search engines can see and index it. This data could then be mined by any searcher using queries like the following: intitle:index.of wallet filetype:dat intitle:index.of "wallet.dat" For a high-level overview of Bitcoin, watch the following promotional video:

 

To read up on Bitcoin further, have a look at our exhaustive Bitcoin resource right here on ZDNet. Source: Techdirt -Stephen Chapman SEO Whistleblower
Related Articles:

Topics: Malware, Security

About

Stephen is a freelance writer and blogger based in Charlotte, NC. His contributions to ZDNet cover topics related to security, gaming, Microsoft, Apple, and other topics of interest with a tech/SMB skew.

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.