Is the threat of computer malware to steal Bitcoin exaggerated?

12

6

Some months ago I put a small amount of Bitcoin into an account and wrote the address and private key into a text file. I have left on my computers and on those of a couple of friends. The money hasn’t been taken.

Where does the main danger come from? Screenshots, key-logging or what?

My main motive in asking this is that I use bitaddress.org offline to generate addresses, but without using Ubuntu or taking out my hard drive. I never copy my private key onto the clipboard, and I wonder whether the danger I face of having my coins taken - particularly if I store more in this way - is real or merely highly improbable?

Peter

Posted 2014-09-01T10:03:17.233

Reputation: 421

Peter - that text file is surely a ticking time . Imagine your machine is a minefield. Every single wallet address,. Dat and encryption protocol you use is a loaded mine. The main threat is the fact that your compounding your vulnerability manyfold; 1st, you enter other human variables. 2nd, you exponentially increase the chances of a successful breech by multiplying the amount of machines store your same wallets. No, not so much screenshots. Kelloggs are pretty easy to avoid but yes they are problematic. No hot wallet is safe. Period.TheGenesisBloke 2014-09-03T15:49:37.790

Yes, but I should have made it clear that I am leaving it there as a test to see if it is stolen. I think there is one milibit in the wallet! My main interests are: (i) will it be taken (ii) and by which method.Peter 2014-09-04T08:01:56.160

Answers

18

Currently attacks against Bitcoin users can be categorized as

  • "Normal" keylogging malware which stoles credentials to Bitcoin sites and steals Bitcoins from your online wallet (unless you have two-factor authentication). These kind of malware infections generally steal all your passwords, including Facebook, PayPal, and they do not especially target Bitcoin users.

  • Password reuse attacks - if you have used the same password on some other sites, your username and password are stolen or taken from the site and then tried on all popular Bitcoin sites. This may especially happen with shady services like faucets which promise "free bitcoins" if you sign up.

  • Phishing attacks, both via email and Google advertisements. E.g. if you search BlockChain or LocalBitcoins on Google, the first "result" is an advertisement leading to a phishing site. The user gives his username and password on the phishing site, then the site will empty the wallet on the actual Bitcoin site the user thought he/she was logging in.

  • Malware and computer viruses targetting locally installed Bitcoin software. These steal wallet.dat or unencrypted copy of it from the memory when you unlock it.

  • Malicious browser addons (Chrome) targetting popular Bitcoin sites. These may modify Bitcoin receiving address on the page in-fly, so that they can get around two-factor authentication protections set up by Bitcoin sites.

  • Malicious Tor exit node attacks - if you want to hide your tracks using Tor network, there are malicious exit nodes which will do HTTPS man-in-the-middle attack using fake security credentials. The web browser warns about this, but an ordinary user may ignore the warning.

  • Social engineering attacks. If you are a "known Bitcoin celebrity" criminals might to attack your personally, by phone calling you and posing as a service operator, police etc. They might go after your ISP, email provider, etc. and try to social engineer access to your email.

  • Very difficult to pull attacks, like rerouting all Internet traffic just to gain access to Bitcoin mining pool IP addresses

There are already 100+ strains of malware targeting Bitcoin users. Because Bitcoins are easy to steal from careless users, it seems to be profitable to include Bitcoin-stealing capabilities in all malware kits. In the light of this, malware threat against Bitcoin users is not exaggerated.

Of course, to get your Bitcoins stolen by malware, you need to get your computer infected. The ways to protect yourself include

  • Do not install applications or browser extensions on your computer from non-trusted sources, especially pirated applications or random download sites which offer Microsoft Windows application downloads. Always download all Windows software from the webpage of the software author. For OSX or Linux use App Store or the Linux distribution package manager.

  • Always keep the software on your computer up-to-date. Nearly every vulnerability widely exploited by cyber criminals has already been patched by the software manufacturer.

  • Use safer operating systems like Ubuntu Linux and OSX instead of Microsoft Windows, to lower the risk to get infection on your computer

  • Use password management software, like KeePassX, and random password on every website

  • Keep most of your Bitcoin holdings offline, on a separate device not connected to Internet

Mikko Ohtamaa

Posted 2014-09-01T10:03:17.233

Reputation: 2 417

Asked: 2014-09-01T10:03:17.233

Viewed: 1 710 times

Active: 2017-10-03T13:38:31.493