
Infostealer.Coinbit Trojan Hack Leads to Theft of Bitcoin Virtual Currency

Posted: July 7, 2011

Up until now the bitcoin p2p community was only well known by computer geeks and maybe a handful or two of curious investors.

Recently, the virtual currency exchange quickly gained worldwide notoriety after a well-documented $500,000 cyber heist plunged its value to pennies.

Bitcoin (BTC), a digital currency, was introduced in 2009 and is considered the first decentralized digital currency to gain steady momentum in both use and value. Similar to the dollar, bitcoin's value fluctuates based on demand. However, unlike the dollar, bitcoin is based on a controlled supply that maxes out at 21 million coins and this supply is managed by peer-to-peer networks instead of a centralized bank.


Bitcoin is most attractive to persons wanting to hide their transactions from big brother's (aka government) prying eyes or those seeking to live in a libertarian financial world. One can either buy bitcoins through designated exchanges such as Mt. Gox, the virtual exchange that apparently was hacked, or become a miner. Miners or p2p networks generate blocks to verify each and every bitcoin transaction, and for this 'work' and use of their system resources they earn and generate bitcoins. All transactions are recorded and made public, and this process plus the imposed $1,000 daily cash out (US dollar conversion) may have salvaged the bitcoin industry from an otherwise plummeting existence.

Suspicious trading on Sunday at Mt. Gox preceded an outcry the following Monday from a bitcoin forum member named 'allinvain' that his wallet full of 25,000 bitcoins (current exchange rate valued them at $500,000) had been stolen. The unnamed trader first sold the coins before repurchasing them again and attempting to cash them out. Thankfully the daily cash out limit of $1,000 was enforced, leaving many to wonder where the remaining bitcoins were being stored and how the heist was made possible.

Mt. Gox subsequently confirmed the user account had been compromised through the use of a Trojan horse and that hackers also infiltrated their system, manipulating the price and stealing vital account data. Upon discovery of the breach, Mt. Gox suspended all transactions and secured all accounts, although it could not keep the price from plunging from $17.50 USD down to $.01 USD. Reports indicate that the remaining coins are being secured by Mt. Gox, which I'm sure is a relief for supposed owner and victim Allinvain.

Allinvain's bitcoin wallet was stored on a Windows OS, known to be targeted by malware attacks because of known vulnerabilities. Doubly risky was that Allinvain had not encrypted his .dat file.

Cybercriminals look for holes in hardware and software and depend on human behavior and ignorance of Internet safety to help them steal unwary PC users' data, cheat them out of money and compromise their PCs. In this case the Trojan identified as Infostealer.Coinbit was used to infiltrate a system.

Source code for Trojan.Infostealer.Coinbit, malware designed to locate bitcoin wallet.dat files and upload them to a remote server, was reportedly posted on underground forums. Due to the increased value and interest in the virtual currency and its untraceable expenditures, you can be certain cybercrooks will target more bitcoin wallet holders.

If you use bitcoins or are considering joining its community, you may want to use one of the many secured third-party systems to store your wallet. Otherwise, you should ensure you are using good Internet practices that include the following:

  1. Keeping your wallet on an encrypted partition.
  2. Keeping the 'passphrase' separate from wallet and in an offsite location.
  3. Keeping encrypted back-ups in an off-site location.
  4. Instead of saving your wallet to a network, just manually copy the address each time.
  5. If your wallet is compromised, do not erase it; send all the coins to a different wallet instead.
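
Because the Trojan simply looks for `wallet.dat` files, a wallet owner can run the same inventory on their own machine and see which copies would be usable if stolen. The following is an added example, not code from the original article: the function names and the sample files are constructed, and the `mkey` marker is an assumption about the built-in wallet encryption of later Bitcoin clients, which the article does not describe.

```python
import os
import struct
import tempfile

BDB_BTREE_MAGIC = 0x00053162  # Berkeley DB btree magic, stored at byte offset 12
MKEY_TAG = b"\x04mkey"        # assumption: master-key record of later clients' wallet encryption

def classify_wallet(path):
    """Classify how one wallet file looks at rest to any process that can read it."""
    with open(path, "rb") as fh:
        data = fh.read()
    magic = data[12:16]
    is_bdb = len(magic) == 4 and BDB_BTREE_MAGIC in (
        struct.unpack("<I", magic)[0], struct.unpack(">I", magic)[0])
    if not is_bdb:
        return "not-plain-bdb"       # file-level encryption, or not a wallet at all
    if MKEY_TAG in data:
        return "bdb-keys-encrypted"  # keys need the passphrase even if the file is copied
    return "bdb-keys-plaintext"      # the exposure the article describes

def audit(root):
    """Walk root and classify every file named wallet.dat (case-insensitive)."""
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if name.lower() == "wallet.dat":
                full = os.path.join(dirpath, name)
                findings[os.path.relpath(full, root)] = classify_wallet(full)
    return findings

def build_sample_tree(root):
    """Write constructed sample files (not real wallets) for a dry run."""
    header = b"\x00" * 12 + struct.pack("<I", BDB_BTREE_MAGIC) + b"\x00" * 48
    samples = {
        "plain": header + b"\x03key" + b"\x11" * 32,
        "client_encrypted": header + MKEY_TAG + b"\x01\x00\x00\x00" + b"\x22" * 48,
        "file_encrypted": bytes(range(256)),  # stands in for ciphertext
    }
    for sub, blob in samples.items():
        os.makedirs(os.path.join(root, sub))
        with open(os.path.join(root, sub, "wallet.dat"), "wb") as fh:
            fh.write(blob)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for rel, state in sorted(audit(tmp).items()):
            print(f"{state:20} {rel}")
```

A wallet on a mounted encrypted partition still reads as plain Berkeley DB here, because that is also how malware running in the user's session sees it; the partition only protects the file while it is unmounted.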

Once malware infiltrates your system, you can count on other malicious programs and continual attacks to follow. In addition to your vital data being stolen, you might incur:

  1. Spoofing of your email account and a spammer spamming all your friends and family.
  2. Exploitation of a remote assistance tool so a hacker can maliciously use your PC to:
    a. Distribute a DNS attack
    b. Mass spam other unsuspecting PC users
    c. Download more malicious programs or upgrade malware to counter combative efforts by the Internet security community
  3. A slick interface of some rogue security program simulating a security breach by assaulting you with fake alerts and warnings, so you can blindly hand over your credit card and buy its useless software.

Other ways to ensure your data and PC are protected involve practicing good Internet safety as follows:

  1. Keep an up-to-date antimalware solution installed and active.
  2. Stay atop of software upgrades that patch known vulnerabilities.
  3. Never trust or click on links or download files from unknown sources.
  4. Do not pirate; it is illegal and these files are known to be laced with germs.
  5. Surf the Internet with caution and stay away from questionable sites (i.e. porn and free gaming sites).
  6. Do not open spam; just delete it altogether.
  7. Spammers are hijacking and spoofing accounts so verify before 'clicking' or responding.