Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Bitcoin market price app, 'Bitcoin Alarm,' is carefully cloaked malware

The application contains a remote access Trojan, Arbor Networks said

Article comments

If you get a spam message advertising an application called "Bitcoin Alarm," the name may tell you all you need to know.

The desktop Windows application sends price alerts by SMS to a mobile phone. But closer examination of its code turned up several suspicious traits that indicate it may try to steal the virtual currency, wrote Kenny MacDermid, a research analyst with security company Arbor Networks.

Bitcoin's skyrocketing value this year has drawn wide interest from investors as well as from cybercriminals. Bitcoins are secured by public key cryptography, and if the private key for a bitcoin is obtained, the virtual currency can be stolen in a flash.

MacDermid received three spam messages in one day promoting Bitcoin Alarm.

"I ignored it the first two times, but they must have really wanted me to look at it, so who am I not to oblige?" he wrote.

Tucked inside Bitcoin Alarm is a script that checks whether security software from Avast is running. If so, it stays quiet for 20 seconds. "It's a pretty solid chance that if software is checking for an antivirus engine, that it's up to no good," MacDermid wrote.

An encrypted file inside Bitcoin Alarm turned out to be a remote-access Trojan called NetWiredRC, which can be used to steal login credentials and, in this case, bitcoins, he wrote.

MacDermid submitted Bitcoin Alarm to VirusTotal, an online service that runs suspicious software programs through more than four dozen antivirus suites. On the first pass, only Kaspersky Lab's product detected Bitcoin Alarm, although more antivirus suites are picking it up now, MacDermid wrote.

"This free utility is nothing more than malware with very low detection rate being spammed to anyone that might have a bitcoin sitting around," he wrote.

A website for Bitcoin Alarm was created on Nov. 19, according to data from Domain Tools. A YouTube video showing how to install the application was uploaded there two weeks ago. The demonstration video uses a Windows computer set for German.

Efforts to reach Bitcoin Alarm via an email address on its website were not immediately successful.

Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk



Share:

More from Techworld

More relevant IT news

Comments



Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *