By Keith Bird, UK MD, Check Point
More and more people are beginning to use cryptocurrency, such as Bitcoin, and more businesses are beginning to accept it. The growing popularity, however, means thieves are also increasingly interested in stealing it.
Cryptocurrency is a digital currency. There is nothing physical—no coins or notes—and it is generated (“mined”) by computers performing complex mathematical calculations. Bitcoin is perhaps the most well-known digital currency currently available, but there are plenty of others, including dogecoin, mazacoin, megacoin, and even solarcoin.
The value of the various cryptocurrencies fluctuates, but for the past few months, Bitcoin’s value has been steadily increasing. This has led many people to perceive it as a viable alternative currency to the almighty Dollar, Euro, and others. It’s a natural progression. More publicity leads to more people buying Bitcoin, which means more businesses agree to accept the cryptocurrency, and the thieves decide the digital currency is valuable enough to steal. It’s important to protect your Bitcoin, because it’s like cash—once stolen, it’s impossible to get it back or to figure out who took it in the first place.
Security Concerns with Bitcoin
According to a recent Dell SecureWorks study, there are already more than 100 unique malware families that have cryptocurrency-stealing capabilities. This list includes malware specifically designed to target digital currency, as well as existing malware that has been modified with new currency-specific functionality. The alarming part about this report is the fact that most cryptocurrency-stealing malware is not overly sophisticated and can be developed by “script kiddies,” or anyone with rudimentary programming skills.
For example, if the Trojan is already designed to steal credentials from online banking sites, it isn’t very difficult to modify its capabilities so that it can also intercept credentials from user Bitcoin wallets or from digital currency exchanges. The malware monitors user activity and starts logging keystrokes only when the user tries to access the cloud-based wallet or to log in to the exchange website to send and receive Bitcoins. The credentials are intercepted and sent to the attacker, who can then use the login information to empty the accounts.
Keeping Your Bitcoins Secure
The most common type of cryptocurrency-stealing malware is the one targeting user wallets stored on the computer. The malware searches for the “wallet.dat” file or other commonly used filenames and directories on the computer. The malware then uploads the entire wallet to a remote server so that the attacker can extract the key and transfer the funds from the wallet to a different account. As Bitcoins are tied only to a certain email address, -no names, no identifying information,- once that money is gone, it can’t be traced back.
If you decide to invest in Bitcoin or other types of cryptocurrency, make sure to exercise good security hygiene and remain vigilant of malware infections. Be careful about what you download, keep your antivirus up-to-date, and watch out for phishing email scams trying to steal your wallet credentials. If you have a firewall or a similar security product installed, you can block the malware from phoning home or trying to transfer out wallet files to a remote server. Protect your email accounts and select strong passwords for your exchange account and for the wallet so that attackers can’t just brute-force their way in.
Eventually Bitcoin and crypto-currency theft could be more profitable than conventional credit card and banking theft, so make sure you take the necessary steps to protect yourself.