ESET, a security firm, has published a report showing that there is a piece of malware aimed at stealing Litecoin wallet files. ESET says that the Trojan, named MSIL/PSW.LiteCoin.A, is not widespread just now, and extremely unsophisticated. The report suggests that this malware or others like it could become more prevalent if Litecoin enjoys a wider adoption and popularity.
This is the first time that malware has been targeted at Litecoin users. ESET describes the Trojan as extremely unsophisticated, and that its only function is to send the user's wallet.dat file to an FTP server, which the attacker controls. ESET showed the decompiled C# program – a mere 38 lines of code.
ESET say that the provider of the FTP server used by the attacker has been informed. The provider has now blocked requests to the server, and redirects browsers to a page that reads:
The report did not comment on MSIL/PSW.LiteCoin.A's attack vectors – i.e. the methods of infection. While firewalls and antivirus are useful, security experts generally say that your behaviour is the first line of defence against malicious software. Specifically, never open email attachments you weren't expecting, don't click on unsolicited links on social networks, and if you have to click links in emails at least use the browser or email program's status bar to actually see where the link points to.
The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.