New Bitcoin malware steals Bitcoin wallets: Infostealer.Coinbit

New malware seeks to exploit one of the few flaws of Bitcoin: Unencrypted Bitcoin wallets.
Written by Stephen Chapman, Contributor
Well, it was only a matter of time before something like this came along. Following the latest crazy about Bitcoin, new malware has been created to steal a Bitcoin user's wallet. To quote Symantec's Infostealer.Coinbit technical specifications page:
When the threat is executed, it searches for a Bitcoin wallet in the following location: %UserProfile%\AppData\Roaming\Bitcoin\wallet.dat It then attempts to email the wallet to the attacker using the following SMTP server: smtp.wp.pl
This malware exploits perhaps the only facet of Bitcoin that its users have expressed concern over: unencrypted Bitcoin wallets. And since everything is anonymously transferred over the Bitcoin network, if someone were to successfully steal a Bitcoin wallet, there would be no way to tell that they bitcoins they use are stolen vs. mined or obtained through trade. Already, one Bitcoin user has allegedly had hundreds of thousands of dollars worth of bitcoins stolen from them by a hacker. In addition to that and this malware, another potential concern will be those who store their Bitcoin wallets on wide-open indexes on their Web site while having no idea that Google and other search engines can see and index it. This data could then be mined by any searcher using queries like the following: intitle:index.of wallet filetype:dat intitle:index.of "wallet.dat" For a high-level overview of Bitcoin, watch the following promotional video:


To read up on Bitcoin further, have a look at our exhaustive Bitcoin resource right here on ZDNet. Source: Techdirt -Stephen Chapman SEO Whistleblower
Related Articles:
Editorial standards