Hackers hunting for open cryptocurrency wallets, scanning computers worldwide

With both bitcoin and ethereum prices hitting all-time highs, cybercriminals are hard at work looking to steal from unsecured cryptocurrency wallets.


Large-scale internet scanning campaigns have been intercepted by security researcher Didier Stevens. A so-called honeypot, a mechanism designed by Stevens to detect, deflect, or counteract unauthorized attempts to use information systems, picked up a bot searching for files containing cryptocurrency wallets.

“I’ve seen a couple of such requests a couple of years ago, but it’s the first time I see that many. The first time I observed this was late 2013, in the middle of the first big BTC (bitcoin) price rally,” Stevens said, as quoted by Global Crypto Press, which focuses on cryptocurrency and tech news.

The researcher posted the findings on the forum of US-based SANS Technology Institute. The filenames included wallet - Copy.dat, wallet.dat, wallet.dat.1, wallet.dat.zip, wallet.tar, wallet.tar.gz, wallet.zip, wallet_backup.dat, wallet_backup.dat.1, wallet_backup.dat.zip, wallet_backup.zip.

Hackers are reportedly looking for bitcoin wallet archives that were accidentally left online. Access to the archives provides access to the funds held in the digital currency. The price of one bitcoin token is currently hovering around $10,000, which is stirring up interest among cybercriminals.
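As an added example (not part of the original article or of Stevens' findings), the following Python script shows how a web server operator could search access logs for requests for the wallet filenames listed above and see whether any were actually served. It assumes the common/combined access-log format; the function names and the sample log lines are constructed for illustration.

```python
import re
from collections import defaultdict
from posixpath import basename
from urllib.parse import unquote, urlsplit

# Filenames reported in the article, lower-cased for comparison.
WALLET_NAMES = {n.lower() for n in (
    "wallet - Copy.dat", "wallet.dat", "wallet.dat.1", "wallet.dat.zip",
    "wallet.tar", "wallet.tar.gz", "wallet.zip", "wallet_backup.dat",
    "wallet_backup.dat.1", "wallet_backup.dat.zip", "wallet_backup.zip",
)}

# Assumed format: ip ident user [time] "METHOD target PROTO" status size ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

def find_wallet_probes(lines):
    """Return {client_ip: [(filename, status), ...]} for wallet-file requests."""
    hits = defaultdict(list)
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        # Drop the query string, decode %xx escapes, keep the last path segment.
        path = unquote(urlsplit(m["target"]).path)
        name = basename(path).lower()
        if name in WALLET_NAMES:
            hits[m["ip"]].append((name, int(m["status"])))
    return dict(hits)

def served_probes(hits):
    """Keep only probes answered with 2xx, where a file may have been served."""
    served = {ip: [h for h in reqs if 200 <= h[1] < 300] for ip, reqs in hits.items()}
    return {ip: reqs for ip, reqs in served.items() if reqs}

# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Dec/2017:10:00:01 +0000] "GET /wallet.dat HTTP/1.1" 404 162 "-" "-"',
    '203.0.113.7 - - [01/Dec/2017:10:00:02 +0000] "GET /backup/wallet%20-%20Copy.dat?x=1 HTTP/1.1" 404 162 "-" "-"',
    '203.0.113.7 - - [01/Dec/2017:10:00:03 +0000] "GET /WALLET_BACKUP.ZIP HTTP/1.1" 200 4096 "-" "-"',
    '198.51.100.23 - - [01/Dec/2017:10:05:00 +0000] "GET /index.html HTTP/1.1" 200 512 "-" "-"',
    '198.51.100.23 - - [01/Dec/2017:10:05:09 +0000] "GET /wallet.tar.gz HTTP/1.1" 403 199 "-" "-"',
]

if __name__ == "__main__":
    for ip, reqs in find_wallet_probes(SAMPLE_LOG).items():
        print(ip, reqs)
```

Any entry returned by `served_probes` deserves immediate follow-up, since a 2xx response means the server may have handed over a wallet file.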

At the same time, Stevens revealed that cyberthieves started searching for ethereum wallet clients that are accessible over the internet.

The network security expert said the number of blind requests to the JSON-RPC interface of ethereum nodes has increased. This interface is a programmatic API (application programming interface) for ethereum clients that should be exposed only locally.

The interface does not support any authentication. Wallet apps installed on users’ computers use it to make calls to an ethereum client to move and manage funds.

According to Stevens, criminals can also make requests to this JSON-RPC interface and issue commands to move funds to their wallets if the user’s computer is online.

Users running ethereum nodes that require internet access should make sure they turn off incoming requests to the JSON-RPC interface, or forward them through an intermediary server that filters out all but approved clients.


RT – Daily news

Post Author: martin
