
Attackers of Mt. Gox Chief Executive Circulate Bitcoin-Stealing Malware

According to the security company Kaspersky, a compressed archive of transaction documents compiled at Mt. Gox, which hackers recently exposed online after hijacking the blog belonging to Mt. Gox CEO Mark Karpeles, also carries malware for stealing bitcoins from Mac or Windows PCs.

Kaspersky investigators examined the archive, which is 620MB in size and named MtGox2014Leak.zip, and concluded that, along with various data and files from Mt. Gox, it contained malware.

The archive purports to hold Mac and Windows editions of a custom back-office software program required to access the transaction records stored at Mt. Gox, a major supplier of bitcoins that declared itself bankrupt in Japan in late February 2014 because it allegedly suffered a theft of approximately 850,000 bitcoins by cyber-thieves.

Kaspersky detected the Windows malware as Trojan.Win32.CoinStealer.i and the Mac malware as Trojan.OSX.Coinstealer.a.

To write the Mac and Windows malware, the hackers understandably chose the programming language LiveCode, which helps in writing software for several platforms at once.

On running the custom back-office software, victims see a program for accessing the database of Tibanne Co. Ltd., the company that operates Mt. Gox. Meanwhile, the bitcoins in the transactions get stolen.

According to Sergey Lozhkin, security researcher at Kaspersky, the malware written in LiveCode has its key code packed and encrypted, while the malware is obtainable whenever it is run. Softpedia.com reported this on March 17, 2014.

Having designed this malware, the hackers use it to run the TibanneSocket.exe executable and to hunt down the wallet.dat and bitcoin.conf files. If the wallet.dat file, which is critical for a Bitcoin owner, is not decoded and is also stolen, then cyber-crooks can easily gain access to every bitcoin in that owner's wallet, Lozhkin continues. Techcrunch.com published this on March 14, 2014.

Evidently, every piece of the data is transmitted to a command-and-control (C&C) server based in Bulgaria, which is presently deactivated.

Meanwhile, Mt. Gox's customers have been targeted by cyber-criminals before, when they received phishing emails masquerading as the Bitcoin exchange and soliciting their username and password, address, full name and bank account.

» SPAMfighter News - 3/26/2014
