Old western cowboys beware, this heist didn’t happen with a stagecoach at gunpoint, it’s a new era out there. A user, going by the username allinvain reports he had 25,000 Bitcoins (BTC) stolen when his computer was infected. At the current BTC exchange rate, that haul would net about $500,000. Not too shabby for a single break-in.
In response to my recent blog about how Bitcoins work, David C commented, “I was expecting to have seen the need for Bitcoin users to increase significantly their attention to their security. The wallet.dat contains the money. It is not encrypted. A process can read that file, send the keys out and spend those funds — anonymously. Encryption is coming, but the user still must enter a password on the keyboard.” Well David, it seems you were more prescient than you knew, that’s exactly what reports claimed happened.
One of the difficulties of investigating this type of incident is paradoxically one of the “strengths” of Bitcoin: it’s decentralized and offers reasonable anonymity by design. This also offers little recourse if the report is to be believed and there was, indeed, a theft. Still, allinvain states he was an early adopter of the technology and was saving up to start a Bitcoin-denominated ebay clone, so he may have been more experienced than other more recent adoptees, who wouldn’t be as familiar with the technology, possible pitfalls, and security issues.
There has been some talk about the best method to protect the wallet.dat file that holds the BTC, and we assume it will be forthcoming. What remains to be seen is how quickly the malware crowd will push payloads out to scour users’ computers for the unencrypted file in the meantime. Codepoint commented on my recent blog, “Have seen Zeus trojaner dropping Bitcoin and Miner to bots, confirming that criminal groups are trading in this currency,” so it appears the word is already getting out. Given the lag time between now and whenever the wallet.dat security gets implemented, it seems like a malware windfall, especially for users who don’t keep a keen eye on the latest security patches.
Either way, there is a risk/reward formula for being an early adopter. Early adopters of Confederate States of America dollar probably grew very “rich”, only to have their wealth wiped out later as confidence in the currency vaporized. The trajectory of Bitcoin remains to be seen, and there are bound to be more growing pains. Still, when your wallet with all your money in it is stolen, whether physically, through financial institution fraud, or some malicious actor stealing your wallet.dat, it’s a very bad day.
Author Cameron Camp, ESET