Security experts are warning Bitcoin users to upgrade the security on their accounts after a trojan targeting the online currency was seen in the wild.
Symantec spotted the malware just a day after news that one Bitcoin user had seen as much as $500,000 wiped from the wallet on his hard drive.
“Malware authors move fast and following a recent look at Bitcoin botnet mining, we have seen a trojan in the wild targeting Bitcoin wallets,” security researcher Stephen Doherty said in a Symantec blog post.
"This is not surprising considering the potential values in a Bitcoin wallet," he wrote. "We have also discovered source code on underground forums which locates the wallet and, using FTP, uploads it to the attacker's servers.”
According to Symantec, Bitcoin account holders should encrypt their wallets and protect them with a strong passrod to provent a brute force attack.
“We expect that code similar to these techniques will find a way into other malware considering the amount of attention this sort of attack is currently receiving and with the amount of Bitcoins currently available for purchase,” Doherty said.
Potential losses
Whereas other digital currencies and payment mechanisms rely on central authorities and issuing banks, Bitcoin uses a distributed database on user machines to track transactions, and relies on built-in systems to provide basic security functions.
The functions were not enough to protect Bitcoin subscriber Allinvain, who claimed to have had 25,000 Bitcoins removed from his hard drive, with a current value of around $20 each.
"I just woke up to see a very large chunk of my Bitcoin balance gone," a user tagged Allinvain wrote on the Bitcoin forums, although the loss has yet to be confirmed.
"I backed up my wallet.dat file religiously and encrypted it, but that does not do me much good when someone or some trojan has direct access to my computer somehow. I tried restoring an earlier backup of my wallet, but naturally that does not work because the transaction has already been validated."
This article originally appeared at pcpro.co.uk
