back to article First China banned Bitcoin. Now its crooks are using malware to steal traders' wallets

Cybercrooks have developed a strain of malware that actively targets BTC China and other Bitcoin exchanges. A Zeus P2P/Gameover variant discovered by Trusteer is designed to steal the passwords of traders in the virtual currency. A blog post by the IBM-owned transaction security firm (extract below) explains that the malware …

COMMENTS

This topic is closed for new posts.
  1. Khaptain Silver badge

    Serious Question

    Who in this day and age still for those kinds of emails ? I have a slight suspicion that traders are generally not quite so dumb.

    1. Anonymous Coward
      Anonymous Coward

      Re: Serious Question

      What kind of emails are you talking about? The malware monitors whether you are logging into an exchange and then steals your credentials.

      1. Khaptain Silver badge

        Re: Serious Question

        Mea culpa, I read the article too quickly. What I dont understand is how the malware gets there in the first place ( hence the bad presumption of clicking a link within an email - quite typically it's thru email )

        In fact I just realised the article doesn't mention at all how the malware gets to its target.

      2. Mark .

        Re: Serious Question

        On Bitstamp all withdrawals have to be approved via email. I guess the flaw in that is that they could change the email - on Bitstamp this is only possible my manually contacting the admins. I don't know what kind of checks they do for someone trying to change their password (but it would be easy to say, email the old account, to alert people of someone trying to change an account without them knowing).

    2. Another Eldo

      Re: Serious Question

      Have you met many traders?

  2. Justice

    Hello Friend!

    I am Prince Nabunzi Kamadaria, sovereign of the Made-Up Zafini Province and I need your help to transfer some BitCoins out of my country due to a civil uprising...

    1. Elmer Phud

      Re: Hello Friend!

      Please find enclosed a document showing my credentials.

  3. Matt Bryant Silver badge
    Facepalm

    Oops!

    Looks like there's no honour amongst thieves (or darknetters). That bubble will be popping real soon.

  4. Barbarian At the Gates

    So, what got stolen?

    Bitcoin not being a legally recognized tender effectively makes it no different than, say, "gold mining" in World of Warcraft. Except Bitcoin got rid all those rubbish game mechanics that get in the way.

    If a World of Warcraft account gets raided, you appeal to Blizzard and maybe something gets done to redress it.

    If someone swipes your Bitcoin data file in a jurisdiction that does not recognize it as legal tender...civil lawsuit and attempt to damages based on...?

    1. Alan Dougherty

      Re: So, what got stolen?

      @BatG

      'If someone swipes your Bitcoin data file in a jurisdiction that does not recognize it as legal tender.'

      Except, that no country or jurisdiction recognizes it as legal tender in the first place.

      It is currently treated as a commodity. A digital commodity. One that will not exist, without electricity or internet.

      If you have BTC or other digital currency, then the easiest way out is to find a precious metal dealer that will take BTC for shiny metals.

      Don't wait for BTC exchanges to transfer funds in to your fiat accounts. Spend it with PM dealers that accept BTC and will send you physical PMs.

    2. Mark .

      Re: So, what got stolen?

      Or also no different to a car, house or gold. I don't see how not being legal tender means it doesn't count as theft.

      1. Matt Bryant Silver badge
        FAIL

        Re: Mark Re: So, what got stolen?

        "Or also no different to a car, house or gold......" No. A car, house or gold has a legally recognised value, Bitcoins do not. This will be shown the first time some numptie tries to claim on his insurance for Bitcoin "theft"

        ".....I don't see how not being legal tender means it doesn't count as theft." It's not, at most it would currently be a cybercrime for hacking.

        1. Mark .

          Re: Mark So, what got stolen?

          Okay, you're making a completely different argument to the OP's argument about legal tender and WoW gold, which is what I was addressing.

          The question of whether courts would recognise the value of Bitcoin as legal value or covered by criminal or civil law has AFAIK yet to be tested. Note that being "virtual" shouldn't be a reason (or at least, the same argument could be made for things like digital goods - I would have thought that depriving the owner of the files, or destroying them, would still be covered by criminal and civil law). I would hope that a sane court would see this as covered by criminal law (and not just for hacking, but for the money taken), but there's no stopping a court making a dumb decision. And yes, there is the practical issue that the police may go "What's Bitcoin?" However that's a separate argument.

          Consider the authors of Cryptolocker if they are caught - of course, they're guilty of writing viruses no matter what, but don't you think the police and prosecution are going to try to get as heavy penalties as possible for the extortion charges they made? Do you think the prosecution will argue "They demanded users pay $X to them, and made $Y profit as a result of their activities"? Or do you think they will say "Well it's annoying they encrypted people's data, but it didn't cost anything to decrypt it. They didn't make anything from this, because Bitcoins have no value"?

          And all the Governments saying that Bitcoins are subject to tax - how can that be true, if they have no recognised value? Clearly, the Governments are recognising their value for tax purposes at least.

          Out of interest, is there a concept of "legally recognised"? There might be areas where the question of how much something is worth is questionable (e.g., if someone steals a unique rare art, who decides its value - presumably there is already some means by which laws judge this). But is there an example of something with significant market value, but which is not recognised legally as having value? (Perhaps one example might be things illegal to possess like drugs - I'm not sure if this means it's not possible to be guilty of stealing them, or simply that no one ever gets prosecuted, when you'd both be guilty of possession anyway...)

          Insurance is again a different argument - insurance companies typically write what terms they like about what is covered, so not covering Bitcoin wouldn't mean it isn't theft. Indeed, many insurance companies have rules about how much you are covered for cash, even though cash is legal tender!

          1. Anonymous Coward
            Anonymous Coward

            Re: Mark So, what got stolen?

            Not sure there is an inherent value in a set of bytes which carries no intellectual property or which is not itself legal tender.

            Can a game player who kills another opponent in a game and then steals their virtual gold coins (digital) be prosecuted for theft let alone murder.

            If I place a value on air in my vicinity then accuse you of stealing 1 million dollars worth of air I had self valued would it be preposterous or not?

  5. Al Black

    Bitcoin should be banned

    Since Bitcoin is the currency of the dark web, it should be banned. If no bank or trader will exchange bitcoins for real currency, then it will die a sudden and well-deserved death.

    1. Anonymous Coward
      Anonymous Coward

      Inflation is up 3 lamb chops and a pigs trotter this month. [Was Re: Bitcoin should be banned]

      "Since Bitcoin is the currency of the dark web, it should be banned"

      Better still, let's just ban any currency used for dark, nefarious and murderous purposes.

      Hmm, I own 10 breeding sheep, 3 goats, a pig so I should be OK for a time.

  6. Anonymous Coward
    Anonymous Coward

    I am interested how Bitcoin isnt being dealt with on the various pyramid scheme laws

    Like I said in the title, why is Bitcoin not recognized as a pyramid scheme?

    1. RIBrsiq
      FAIL

      Re: I am interested how Bitcoin isnt being dealt with on the various pyramid scheme laws

      What *I* am interested in is how much you know about BitCoin (and most other crypto currencies).

      Not much, is my guess, since if you did you'd see that whatever else it might be, a pyramid scheme it ain't: all crypto currencies I've looked at have a limited release volume planned. Off the top of my head, about 21 million BTC in the case of BitCoin.

      So, you see, if anything BTC is less of a pyramid scheme than, say, USD... ;-)

      1. Anonymous Coward
        Anonymous Coward

        Re: I am interested how Bitcoin isnt being dealt with on the various pyramid scheme laws

        They are divisible to 8 decimal places I believe so 21 million isn't the whole (pardon the pun) part of the story.

  7. Anonymous Coward
    Anonymous Coward

    Bitcoin computer malware?

    Ban this Bitcoin computer malware immediately ...

  8. Anonymous Coward
    Anonymous Coward

    Man in the browser?

    What if it's mobile browser, is that a lad in the trouser attack?

This topic is closed for new posts.

Other stories you might like