Businesses told to lock down Bitcoin wallets against malware threat

Businesses considering accepting Bitcoins or other forms of cryptocurrency should be prepared to battle a rising number of malware programs aimed at emptying digital wallets.

That's the takeaway from a new study by SecureWorks, computer maker Dell's security unit. Researchers found that the number of malware programs designed to steal cryptocurrency from Windows PCs increased along with the rise in value of Bitcoin since the beginning of 2013.

As of January of this year, SecureWorks had identified 100 unique families of malware on the Internet capable of stealing wallet files or digital currency from users' exchange accounts. The increase in cryptocurrency-stealing malware made it "one of the fastest-growing categories of malware," the study said.

While Bitcoin is not the only type of cryptocurrency, it is the most popular and the most valuable. The price has ranged from a high of roughly $1,150 in early December to a low of $420 on Feb. 25. Bitcoin's price on Thursday was about $565. Other digital currencies include Namecoin, Litecoin, Dogecoin, PPCoin and Mastercoin.

The recent shutdown of Mt. Gox, which once had the largest market share of all digital currency exchanges, highlights the risk of cryptocurrency traded over the Internet. The Bitcoin exchange closed this month after cybercriminals stole $400 million. The heist is under investigation by U.S. federal authorities.

The rising popularity of digital currency has led to its adoption by retailers. became the first major online retailer to accept Bitcoins, and industry observers expect others to follow. The site SpendBitcoins lists many places on the web where people can spend their digital currency.

To protect the digital wallets used in conducting transactions, SecureWorks researchers recommend the use of a "split wallet," which keeps a portion of the file on the computer connected to the Internet and the rest on a system with no network connection.

The file kept on the Internet-enabled system lets the business track its running balance and perform transactions with customers. The offline system holds the private key used to authorize a transaction before it is transmitted.

Electrum is an example of a split wallet done through software. Examples of hardware-based products include Hardware Wallet and Trezor, which plans to release its product soon.

By using the proper security, businesses can significantly reduce the risk of accepting digital currency, Pat Litke, security researcher for Dell SecureWorks' Counter Threat Unit, said.

"It's simply a matter of understanding how to do it safely, and that's where the general population falls short," Litke said.

The SecureWorks study found several categories of PC malware targeting digital currency. One form searched an infected system's hard drive for the typical file names used for wallets, such as "wallet.dat." The file was copied and then sent to a remote server.

Another malware family would set up a man-in-the-middle-like attack in which the address of the recipient in a transaction is altered, so the money goes into the thief's account.
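An added example, not part of the SecureWorks study or any wallet's own code: a check the offline half of a split wallet could run before the private key is used, so that a recipient address altered on the Internet-connected machine is caught. The request format, the payee names and the offline approved list are assumptions; addresses are treated as legacy Base58Check strings.

```python
import hashlib

ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def _checksum(payload: bytes) -> bytes:
    # Base58Check checksum: first 4 bytes of double SHA-256
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]

def b58check_encode(version: int, hash160: bytes) -> str:
    raw = bytes([version]) + hash160
    raw += _checksum(raw)
    n, out = int.from_bytes(raw, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = ALPHABET[r] + out
    # each leading zero byte is written as a leading "1"
    return "1" * (len(raw) - len(raw.lstrip(b"\0"))) + out

def b58check_decode(addr: str) -> bytes:
    n = 0
    for ch in addr:
        n = n * 58 + ALPHABET.index(ch)  # ValueError on an illegal character
    pad = len(addr) - len(addr.lstrip("1"))
    raw = b"\0" * pad + n.to_bytes((n.bit_length() + 7) // 8, "big")
    payload, check = raw[:-4], raw[-4:]
    if len(payload) != 21 or _checksum(payload) != check:
        raise ValueError("bad Base58Check address")
    return payload

def review_request(request: dict, approved: dict) -> str:
    """Run on the offline machine before the private key is used."""
    try:
        requested = b58check_decode(request["address"])
    except ValueError:
        return "REJECT: malformed address"
    expected = approved.get(request["payee"])
    if expected is None:
        return "REJECT: payee not in offline list"
    # A substituted address is still well-formed, so compare with the offline record.
    if b58check_decode(expected) != requested:
        return "REJECT: address differs from offline record"
    return "OK to sign"

# Constructed sample data: the 20-byte values are hashes of labels, not real keys.
SUPPLIER = b58check_encode(0x00, hashlib.sha256(b"supplier").digest()[:20])
OTHER = b58check_encode(0x00, hashlib.sha256(b"someone else").digest()[:20])
APPROVED = {"supplier-a": SUPPLIER}  # hypothetical list, entered on the offline machine

if __name__ == "__main__":
    for addr in (SUPPLIER, OTHER, SUPPLIER[:-1] + "0"):
        print(review_request({"payee": "supplier-a", "address": addr}, APPROVED))
```

The checksum alone only catches typing errors; the comparison against a record that never touched the online machine is what detects a swapped recipient.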

Stories by Antone Gonsalves

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts