Litecoin targeted by trojan malware

ESET, a security firm, has published a report showing that there is a piece of malware aimed at stealing Litecoin wallet files. ESET says that the Trojan, named MSIL/PSW.LiteCoin.A, is not widespread just now, and extremely unsophisticated. The report suggests that this malware or others like it could become more prevalent if Litecoin enjoys a wider adoption and popularity.

Bitcoin has already been the target of malware attacks. For example, Win32/Delf.QCZ will, among other things, install bitcoin mining software on the target computer, and have it join a network of zombified mining PCs. There have also been cases where a bitcoin wallet was stolen.

This is the first time that malware has been targeted at Litecoin users. ESET describes the Trojan as extremely unsophisticated, and that its only function is to send the user's wallet.dat file to an FTP server, which the attacker controls. ESET showed the decompiled C# program – a mere 38 lines of code.

ESET say that the provider of the FTP server used by the attacker has been informed. The provider has now blocked requests to the server, and redirects browsers to a page that reads:

User **** from BTC-E exchange uses this ftp address to steal wallets from cryptocoiners! BEWARE!!!!

The report did not comment on MSIL/PSW.LiteCoin.A's attack vectors – i.e. the methods of infection. While firewalls and antivirus are useful, security experts generally say that your behaviour is the first line of defence against malicious software. Specifically, never open email attachments you weren't expecting, don't click on unsolicited links on social networks, and if you have to click links in emails at least use the browser or email program's status bar to actually see where the link points to.

DISCLOSURE

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.

David Gilson

Learn more about Consensus 2024, CoinDesk’s longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.