Privacy advocates and seedy characters on the edge of Internet legality alike use Bitcoins as their virtual currency of choice. The anonymous, decentralized P2P nature of Bitcoins lets you transfer money without ever having to contact a bank or even know the true identity of the person on the other end of the transaction. Recent events have dragged the shadowy currency into the light of public scrutiny, and now its squirming users have another headache to deal with: a trojan designed specifically to pilfer your Bitcoin wallet.
The malware goes by the name Infostealer.Coinbit. Once it works its way onto a Windows PC, the program checks the default location for Bitcoin's wallet.dat file. Your wallet contains the encryption keys that are essential to Bitcoin transactions. If the trojan finds a wallet, it sends the data file to the attackers.
"If you use Bitcoins, you have the option to encrypt your wallet and we recommend that you choose a strong password for this in the event that an attacker is attempting to brute-force your wallet open," Symantec's Stephen Doherty said on the company's blog.
Sounds like a smart move to us, especially since there are sure to be even more attempts to swindle Bitcoins out from under your nose in the future. Earlier this week, a man claimed to have $500,000 worth of Bitcoins stolen from his e-wallet. One of the currency's selling points is its non-centralized structure, but remember that lack of oversight that seems so awesome in theory means that you have nobody to turn to when some jerk steals your encryption keys.