The ups and downs of the cryptocurrency market have made headlines – and not all of them good ones. Tom Brewster takes a look at both sides of the digital coin
The rise of Bitcoin has been remarkable. Even if it doesn’t continue to thrive, its impact on the financial and technology markets has been significant.
Billed as a decentralized currency, autonomous of any government regulation, it was created by a person or persons going by the pseudonym Satoshi Nakamoto. Its basis is standard cryptography, which promises privacy and security. When a user creates a Bitcoin address, they generate a public key and private key, used for signing transactions. When they acquire Bitcoins, the funds are added to the address, which can be stored in software known as a wallet. All transactions are verified by the Bitcoin network of users and made public on a ledger known as a block chain, confirming the parties involved do genuinely own the coins, preventing fraud and double-spending.
The promise of anonymity and the removal of any middle man in transactions have brought about a rise in Bitcoin's popularity, among individuals and businesses alike. Even the University of Cumbria in the UK will begin taking payment of fees using the cryptocurrency. This popularity has, in turn, brought about a massive flux in the value of Bitcoin, which shot up from around $20 for a single coin in February 2013, to over $1,000 later in the year. Yet the increasing value of Bitcoin, along with its aforementioned benefits, has also greatly appealed to digital crooks.
“Cybercriminals aren’t so different from investors in that they gravitate to value. At this point, there has been no shortage of attacks on the digital currency”, notes David Emm, senior security researcher at Kaspersky Lab. “Malware follows the money trail, and Bitcoin is big news at the moment.”
Mass Attacks on Bitcoin
The most prevalent form of Bitcoin-based malware today is the wallet stealer. It comes in various forms, but most are crude, basic pieces of programming, simply searching for a file and then taking it. It is due to this simplicity that many anti-virus systems simply won’t detect them, either because they have no signature or signs of malicious behavior. Meanwhile, well-known botnets are having Bitcoin-thieving modules added to them, carrying out similar activities. The once-vast Kelihos botnet and the continuingly pesky Pony botnet have both had such features added.
“In many cases it’s as simple as stealing a file off of a computer that’s in a known location. That’s in the realm of most programmers to do that, so it’s not surprising we’re seeing a lot of this malware being created”, says Joe Stewart, director of malware research at Dell SecureWorks Counter Threat Unit. “There have been more types of Bitcoin wallet introduced, so we’ve seen some of the malware expand what they’re looking for and how they’re looking for it, instead of looking in a fixed location. Some just look for the file name, the wallet.dat file, in any location.”
One piece of Bitcoin malware spotted by Stewart’s team was especially cunning. It solely looked at the victim machine’s memory, replacing Bitcoin addresses with a different one when the user was doing a simple copy and paste. “If you didn’t verify the address you copied with the one you pasted into your send form, then you were sending Bitcoins to the wrong person”, adds Pat Litke, security analysis advisor with Dell SecureWorks. “In this case, the simplicity was almost elegant. It meant there was zero percent detection.”
Various vulnerabilities have also been found within these wallets, so even those promising protection when the file containing the Bitcoins is taken can be cracked or modified. Bitcoin-QT, one of the largest and most-trusted wallet providers, patched some serious flaws toward the end of 2013, including a critical denial-of-service bug.
Even the most reliable wallets are not infallible it seems. The platforms they’re based on can introduce vulnerabilities too. Last year, scrutiny was justifiably imposed on weak private key generation used by wallets on Google’s Android mobile operating system. The problem lay in Android’s pseudorandom number generator, which occasionally produced the same number twice, allowing attackers to determine private keys of users.
No More Malicious Mining?
In the past, many Bitcoin-focused malware also had mining capabilities. Amalgamating the power of infected machines, bots were set about the task of figuring out the solution to the mathematical problems that unlock bitcoins. The huge ZeroAccess botnet, which has now been dismantled thanks to efforts from Microsoft and law enforcement bodies, was one of the biggest malicious botnet miners.
But now, it appears the task of mining Bitcoin has become too onerous even for the biggest botnets. “These days, just a botnet of computers using their CPUs trying to mine Bitcoins is actually not that productive”, adds Stewart. “It really has become almost impossible to mine Bitcoin profitably without a huge investment in specialized hardware.”
| "Exchanges are going to have to adopt more stringent security policies in terms of how they let users access Bitcoins" |
| Joe Stewart, Dell SecureWorks |
Crooks are now shifting mining operations over to other lesser-known cryptocurrencies, Litecoin being a particular favorite. Anti-virus also appears to be inadequate here, but not for failing to detect threats. Instead, AV has been guilty of false positives, according to Seculert co-founder and chief technology officer, Aviv Raff. “Many of the attacks are using legitimate mining software, like CGMiner or Minerd. This is why many AV companies are now falsely flagging legitimate software as bad”, he says.
Bitcoin exchanges also provide ideal targets for attackers hoping to get their hands on Bitcoin illicitly. Over recent years, they’ve been pummeled by different kinds of attacks. In 2013, a number of them fell victim to heists, including Bitcoin Internet Payment Services, which was robbed of 1,295 BTC.
Malware, including the prominent Zeus malicious software, have added components trying to scoop up logins for specific exchanges. “That’s kind of an obvious target, with exchanges that have huge amounts of Bitcoin stored in them from thousands of users”, says Stewart. “The exchanges are going to have to adopt more stringent security policies in terms of how they let users access Bitcoins.”
Regulating Bitcoin
Meanwhile, Bitcoin has become the currency of choice on the web’s dark markets. The demise of Liberty Reserve, the currency that was dismantled by law enforcement in 2013 when its creators were charged, has led Bitcoin to become the world’s most popular cryptocurrency among those buying and selling offensive digital tools. It was already in use across drug bazaars, like the infamous Silk Road, and among other criminal types.
Partly because of the heightened potential for illegal transactions and the innumerable security issues related to the currency, and partly because of its meteoric rise, Bitcoin is now being threatened with red tape the world over. This will have the double-edged effect of giving the currency legitimacy while stripping it of the decentralized control its very architecture was supposed to eschew.
Proponents of the cryptocurrency, criminal and legitimate, will no doubt fear that second repercussion most. Ever since the 9/11 terrorist attacks, the US has cracked down on cross-border financial systems used by terrorists. They were subsequently locked out of official finance channels, leading them to adopt currencies like Bitcoin, notes Gary Broadfield, partner at law firm Garstangs Burrows Bussin, which specializes in financial crime.
This has presented a huge challenge for lawmakers. For instance, many of those accused of financial crime have their assets frozen by courts to prevent them dissipating or hiding those assets that would be subject to confiscation by the state upon conviction. Those orders are “toothless against Bitcoins”, says Broadfield.
He believes that if Bitcoin is to become popular across legitimate businesses, it will require proper legislation. “It is clear that a balance must be struck between regulation of the currency in order to mitigate against illicit use whilst still permitting businesses to harness the advantages of Bitcoin and other digital currencies”, he asserts.
“Historically, many of the early adopters of Bitcoin held rather extreme libertarian views and were attracted to the currency precisely because it was unregulated and supranational. They were, and are, against any regulation whatsoever and will continue to be so.
“However, they are now being replaced, or at least supplemented, by a newer and larger generation of standard bearers who are much more ‘business-minded’ in their approach. As such, they seem to be more prepared to accept regulation, as ultimately they see that as one of the keys to the currency becoming more widely adopted.”
Regulation appears to be on the horizon. Talks in late January, held by the New York Department of Financial Services, saw Litecoin creator Charles Lee calling for light-touch regulation. Many now expect a licensing regime for Bitcoin exchanges to emerge, bringing in so-called Bitlicenses. That should at least enforce a heightened level of security on exchanges.
The most telling comment from those meetings came from an old enemy of Facebook co-founder Mark Zuckerberg – Cameron Winklevoss of the Winklevoss Bitcoin Trust. “The Wild West attracts cowboys”, he said. “A sheriff is a good thing.”
If Bitcoin gets its sheriff, it will become increasingly popular among traditional businesses. But that could well kill the cryptocurrency’s non-official appeal, leaving space for others to fill the void.
“Bitcoin will not so much be overtaken as much as become one of a crowd of cryptocurrencies”, says Gordon Fletcher, senior lecturer in information systems at the University of Salford, who believes the variable rates of return for mining each of the currencies will help create a competitive market for the different currencies. “In many ways, the biggest threat to Bitcoin are the other cryptocurrencies.”