Total Members: 14197
Posted by: Samker
« on: 08. June 2014., 08:57:08 »
Bitcoin con artists have a new enemy with the launch of a managed fake wallet system that baits malware lurking on machines into striking too early.
BitcoinVigil was a free pre-fab or custom honeypot that users could deploy onto a machine before using it for Bitcoin transactions: https://www.bitcoinvigil.com/
It functioned as a would-be Bitcoin wallet in a bid to trigger dormant malware to pounce, therefore alerting users to the danger.
Users could download a free ready-made honeypot or build thier own. In a new upgrade users could pay $1 a month for a managed intrusion detection service with alerts sent by SMS or email.
Mexico-based developers Rubem Alcazar, Omar RLópez Orendain, and Eric Spriner were unaware of any Bitcoin-malware which could detect the honeypot and said any bid to ignore the fake wallet could result in lost opportunities to steal legitimate Bitcoins.
"...leaving money on the table is a pretty risky move on their part," they wrote in a FAQ: https://www.bitcoinvigil.com/faq
It required only the honeypot file to be saved on a users' machine.
Bitcoin malware had become as common as dirt and was written for a host target systems.
The best botnets targeted high-end machines, GPUs and Bitcoin rigs to maximise what were shrinking returns for mining efforts.
Yet some blundering and perhaps desparate VXers had coded ineffective coin-slurping malware for Android phones: https://blog.lookout.com/blog/2014/04/24/badlepricon-bitcoin/ , while others had inexpicably written wares for Digital Video Recorders: http://scforum.info/index.php/topic,8985.0.html
(ElReg)