A couple weeks ago, we told you about the deep internet site The Silk Road, in which people could buy all sorts of illegal drugs using Bitcoin currency. This in turn prompted US lawmakers to look into how to block or take down Bitcoin, but it could be that Bitcoin could take itself down.
Last week, there was the first instance of a major Bitcoin theft, with half a million dollars stolen from someone’s Bitcoin wallet, and now there’s news of a Bitcoin trojan and a Bitcoin botnet.
When the half a mil was stolen, this is what the victim posted on the Bitcoin forums:
First thing that I noticed is that my slush’s pool account got hacked into and someone changed the payout address to this:
I then changed the password and proceeded to run some antivirus and anti malware scans. Some stuff was found, but they were all cleaned up and they were all in my windows user profile temp dir which I deleted all the temp files. God I can’t even type properly. Sorry folks I’m a bit emotional now.
I then left another virus scanner running and went to sleep. When I woke up I check my bitcoin wallet. I leave the client running to help the network, and I notice -25,000 (and a transaction fee) gone.
According to Symantec, the trojan infiltrates your system, locates your Bitcoin wallet file and either emails the verification information to the hacker, or just the whole damn thing.
If you have a Bitcoin account, Symantec recommends using a difficult to guess, encrypted password, but the guy who had nearly half a million dollars stolen apparently did that and it didn’t help. I imagine there will be new Bitcoin security protocols in place after all of this, but it’s also part of the danger of using a wild west system like Bitcoin.