ESET, a security firm, has published a report showing that there is a piece of malware aimed at stealing Litecoin wallet files. ESET says that the Trojan, named MSIL/PSW.LiteCoin.A, is not widespread just now, and extremely unsophisticated. The report suggests that this malware or others like it could become more prevalent if Litecoin enjoys a wider adoption and popularity.
Bitcoin has already been the target of malware attacks. For example, Win32/Delf.QCZ will, among other things, install bitcoin mining software on the target computer, and have it join a network of zombified mining PCs. There have also been cases where a bitcoin wallet was stolen.
This is the first time that malware has been targeted at Litecoin users. ESET describes the Trojan as extremely unsophisticated, and that its only function is to send the user’s wallet.dat file to an FTP server, which the attacker controls. ESET showed the decompiled C# program – a mere 38 lines of code.
ESET say that the provider of the FTP server used by the attacker has been informed. The provider has now blocked requests to the server, and redirects browsers to a page that reads:
User **** from BTC-E exchange uses this ftp address to steal wallets from cryptocoiners! BEWARE!!!!
The report did not comment on MSIL/PSW.LiteCoin.A‘s attack vectors – i.e. the methods of infection. While firewalls and antivirus are useful, security experts generally say that your behaviour is the first line of defence against malicious software. Specifically, never open email attachments you weren’t expecting, don’t click on unsolicited links on social networks, and if you have to click links in emails at least use the browser or email program’s status bar to actually see where the link points to.