Bitcoin.org Warns of Attacks Amid Upcoming Bitcoin Software Release

A new post to the Bitcoin.org website indicates its contributors have reason to believe it may soon be targeted by malicious actors.

Aug 18, 2016 at 4:38 a.m. UTC
Updated Sep 11, 2021 at 12:27 p.m. UTC

A new post on the open-source Bitcoin.org website indicates its contributors have reason to believe the online resource may be targeted by malicious actors following an upcoming software release by Bitcoin Core developers.

Bitcoin.org contributor Cobra-Bitcoin published a post today in which he indicated that certain resources the website intends to post following the Bitcoin Core development update could be the target of unspecified "state-sponsored attackers".

At issue, the post asserts, is that Bitcoin.org generally posts binaries, or executable software versions of Bitcoin Core software releases, for developers who do not want to compile the source code issued by the open-source development team.

The offering is aimed at developers who do not want to undertake the recommended Gitian build process by which developers are given source code that allows them to construct the executable code for use.

The post reads:

"As a website, Bitcoin.org does not have the necessary technical resources to guarantee that we can defend ourselves from attackers of this calibre. We ask the Bitcoin community, and in particular the Chinese Bitcoin community to be extra vigilant when downloading binaries from our website."

The post was published to the website without peer review, according to a representative of Bitcoin Core, meaning the message has not been subject to a typical feedback process.

Nonetheless, the update has created confusion about the safety of the release in the media, prompting comment from Bitcoin Core contributors.

"There's absolutely nothing in the Bitcoin Core binaries, as built by the Bitcoin Core team, that has been targeted by state sponsored attackers that we know of at this point," Bitcoin Core contributor Eric Lombrozo said in a statement.

The specific attack discussed would find Bitcoin.org users possibly subjected to a so-called man-in-the-middle attack by which an attacker could make their own version of these files, which could then be used to encourage users to download malicious software.

"This malicious software might also cause your computer to participate in attacks against the bitcoin network. We believe Chinese services such as pools and exchanges are most at risk here due to the origin of the attackers," the post continues.

At press time, Bitcoin.org representative Theymos was active on Reddit, where he was encouraging bitcoin developers to be on "high alert" during the upcoming software release.

Red light image via Shutterstock

The Festival for the Decentralized World
Thursday - Sunday, June 9-12, 2022
Austin, Texas
Save a Seat Now

DISCLOSURE

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.

Trending

1
CoinDesk - Unknown
Market Wrap: Metaverse Tokens Rise; Crypto Analysts Expect More Volatility

BTC was roughly flat over the past 24 hours while SAND rose by as much as 7%.

BTC was roughly flat over the past 24 hours while SAND rose by as much as 7%.

CoinDesk - Unknown
2
CoinDesk - Unknown
Circle Asks US Fed Not to Step on Its Toes by Launching a Digital Dollar

The public is already served well by private-sector tokens, the USDC stablecoin issuer said in a comment letter to the central bank.

The public is already served well by private-sector tokens, the USDC stablecoin issuer said in a comment letter to the central bank.

CoinDesk - Unknown
3
CoinDesk - Unknown
Crypto News Roundup for May 25, 2022

With bitcoin seemingly unable to break above the $30,000 threshold, plus a look at the suspects in the cast of the UST collapse, CoinDesk’s "Markets Daily" is back with the latest news roundup.

With bitcoin seemingly unable to break above the $30,000 threshold, plus a look at the suspects in the cast of the UST collapse, CoinDesk’s "Markets Daily" is back with the latest news roundup.

CoinDesk - Unknown
4
CoinDesk - Unknown
ApeCoin

CoinDesk - Unknown