The system is secure as long as honest nodes collectively control more CPU power than any
cooperating group of attacker nodes.

author: kiba
published: 2011-03-30 03:04:38 UTC A recent bitcoin scam was in progress until it was noticed that somebody's wallet had been stolen. The software was a trojan that deletes a bitcoin wallet and mails the copy to the scammer. Fortuntely, the criminal's stupidity allowed a bitcoiner to hijacked his gmail account and returned some of the stolen bitcoin to its rightful owner, although 30 bitcoins could not be recovered.
The victim in question learned from his loss. However, as the community grows, newbies will be caught unaware by scam attempts. It's also worth noting that even the most security aware could lapse and forget that he should not just download software. After all, we're all human beings.
Still, I believe that bitcoin clients could do better by addressing security concerns and making it easier for the average bitcoiner to secure their money. Here are some of the security proposals that are floating around in the bitcoin community:

1. Bitcoin wallets should be encrypted by default.
2. Bitcoin wallets should be spilt into saving wallet and spending wallet to limit the amount of damage that could be caused by trojan. This should also be default behavior too.
3. An application should not be able to write, copy, and read a bitcoin wallet without user authorizing or without being notified.
4. Backup should be built-in and obvious to users.

I think the forum community could aid in this process.

1. There could be bitcoin security firms that download new software and place it in the VM, then observe what's hpapening. Bonus point for analyzing the source code, posting security flaws, certification, and other practice that minimize security problems in the bitcoin economy. Of course, for proprietary software, they would need to pay high fees to the firm because the source code are not available for inspection.
2. The source code for software that interact with bitcoin wallet should be open to examination. If not, avoid it like a plague. Use MD5 hashes to verify the integrity of files.
3. A news source for bitcoin security would be useful in dissemintating information to bitcoiners. The Bitcoin Weekly obviously could carry such publication, but new publishing organizations could pop up exclusively for security news.
4. It should be a community norm for bitcoiners to spotcheck potential risk and educate new bitcoiners about security. For example, if a new software is released by a new forum member, bitcoiners would swing in to warn others of potential risk.

I am sure these proposals have risks and flawes. For example, if a keylogger is smuggled in, a cracker now have access to the password needed to crack the system. If the user forgot his password, he would be unable to access any of his wallet.
There will be continuous loss of bitcoins due to fraud and security compromise, but we can mininize and educate people about securing thier bitcoin. One less testimony about bitcoins getting stolen means that it will be easier for the bitcoin economy to succeed.

Great, so how do we break this? There are several ways:

• We could break the underlying elliptic curve cryptography, by either solving the discrete logarithm problem (this is something quantum computers can do) or by breaking the particular elliptic curve that was chosen. Most research in this area goes towards finding vulnerabilities in specific elliptic curves, so the latter is more likely.
• We could break the underlying cryptographic hash function. In this case, we have a known signature from the user we would like to attack, and we generate another input transaction that hashes to the same value, so we can replay the previous signature. Such an attack would be dependent on the form of the serialized transaction that Bitcoin processes: it does a nontrivial amount of processing on a transaction, so some legwork by the attackers would be necessary; however, because transactions include a scripting system which permits complex transactions to be built, an attacker would have some leeway in constructing such an input. This would not work on single-use addresses, since no such signature exists for replay.

Breaking the signing algorithm requires a selective forgery attack or stronger, and means that arbitrary transactions may be forged and entered into the system. It would be a complete system break. For the signature replay attack, some protection could be gained by adding client-side checks that the same signature is never used for two different transactions.

The Bitcoin community faced another crisis on Sunday afternoon as the price of the currency on the most popular exchange, Mt.Gox, fell from $17 to pennies in a matter of minutes. Trading was quickly suspended and visitors to the home page were redirected to a statement blaming the crash on a compromised user account. Mt.Gox's Mark Karpeles said that the exchange would be taken offline to give administrators time to roll back the suspect transactions.

The extent of the compromise became clear when a copy of Mt.Gox's user database began circulating online. The file included username, email addres, and hashed password for thousands of Mt.Gox users. Karpeles's statement was updated to acknowledge the breach. He warned users who have re-used the Mt.Gox passwords on other sites to change them.

The crash appears to be the fault of the Mt.Gox exchange rather than a collapse in the value of the currency itself, as the integrity of Bitcoin's underlying peer-to-peer transaction clearing process does not appear to have been compromised. Prices at a competing exchange showed Bitcoins trading down about 25 percent to $13 per Bitcoin earlier today, although it has edged up since.

It's been a bad weekend for Mt.Gox, which until now has been the most popular method for converting between Bitcoins and more conventional currencies. Earlier in the weekend, it was reported that the site was vulnerable to a cross-site request forgery in which a logged-in user could be tricked into submitting fraudulent transaction requests. On Sunday, dozens of irate Bitcoin users pledged to stop using the exchange, arguing that the site's administrators lacked the technical sophistication to build a secure and reliable currency exchange.

But Bitcoin users have few alternatives if they wish to convert their Bitcoins into more stable commodities. A recently-launched competitor, called TradeHill, has capitalized on Mt.Gox's troubles by encouraging members of the Bitcoin community to use their exchange instead. But the site is so new that no one knows if its administrators have the resources or technical expertise to avoid the security and reliability problems that have plagued Mt.Gox.

It's been a wild couple of months for Bitcoin traders. Between April and June, the currency rose from a dollar to more than $30. This month, it fell back to $10 and rose again to $20. It was at $17 at the beginning of this weekend before a string of bad news pushed it down again.

Theoretically, this weekend's developments shouldn't damage Bitcoin's long-term value, since the security model of the underlying currency remains uncompromised. But Bitcoin is a fiat currency; its value ultimately depends on nothing more than public confidence. If the recent string of Bitcoin-related security woes convinces more Bitcoin users to cash out, the currency's value could continue to fall.

A digital currency known as Bitcoin (BTC) has been causing a bit of a media stir of late due to its use for illicit purposes. Some readers of this blog will be familiar with and have used a digital currency of some form in the past to purchase goods online. Some may even remember failed digital currencies such as e-gold, which had operations suspended by US authorities after its proprietors were indicted on four counts of violating money laundering regulations back in 2007. With Bitcoin, we now have another multi-million dollar digital currency market without any central authority for regulation. (An in-depth explanation of Bitcoins is available on Wikipedia.)
One of the selling points of the Bitcoin currency is that anyone with a computer can begin to earn Bitcoin blocks by using his or her computer’s computational power, along with open source Bitcoin software, to solve a difficult cryptographic proof-of-work problem. This is referred to as Bitcoin mining and, if successful in solving a block, it will lead to a reward of up to 50 Bitcoins per block. As of June 2011, there are just over 6.5 million Bitcoins in existence, with a finite number of 21 million possible to be reached over time. With Bitcoins presently trading at close to $20, Bitcoin mining sounds like an easy way to make some money. Well, cybercriminals might just be thinking the exact same thing.
It has been known for some time that a botnet’s combined computing power could be used for a number of nefarious purposes. We can now add Bitcoin mining to that list. While Symantec has not observed any botnets currently being used to mine Bitcoins, the possibility is there. Through the use of pooled Bitcoin mining, a botnet herder could covertly mine Bitcoins using the computational power of a victim's computer. Another selling point of the Bitcoin currency is its apparent anonymity; along with decentralized authority spread across a peer-to-peer network, this makes the currency even more attractive to cybercriminals. But is Bitcoin mining really worth a botnet herder’s time? Let’s find out.
Using an average computer and only the CPU for computational purposes, we found that when Bitcoin mining, we were able to compute roughly 1 mega-hashes/second. So what does that mean if we want to do pooled Bitcoin mining on a botnet? Using an online Bitcoin mining calculator—which takes into account the current difficulty factor for solving Bitcoin blocks, the computer's hash rate, and Bitcoin exchange rates—we get the following data for Bitcoin botnet mining:


Caveat: calculations based on mining constantly for 24 hours using CPU only at current exchange rate and difficulty factor.

Difficulty Factor	567358.224571
Hash Rate (mega-hashes / second)	1.0
Exchange Rate ($/BTC)	$20

Bot earnings broken down
	Coins	Dollars
Per Day	0.00	$0.03
Per Week	0.01	$0.23
Per Month	0.05	$0.97

Botnet mining per day
Bots		Bot earnings per day	Total earnings
100	x	$0.03	$3
1,000	x	$0.03	$30
10,000	x	$0.03	$300
100,000	x	$0.03	$3,000

Botnet mining per week
Bots		Bot earnings per week	Total earnings
100	x	$0.23	$23
1,000	x	$0.23	$230
10,000	x	$0.23	$2,300
100,000	x	$0.23	$23,000

Botnet mining per month
Bots		Bot earnings per month	Total earnings
100	x	$0.97	$97
1,000	x	$0.97	$970
10,000	x	$0.97	$9,700
100,000	x	$0.97	$97,000

A point to note about these figures is that, as mentioned in the caveat, the compromised computer systems would have to be running 24 hours a day, which is highly unlikely. Also, the earnings would vary from day to day depending on luck. So, as we can see, there is the potential for cybercrimanals to earn money this way. However, another question is if Bitcoin mining is more profitable than other uses for the botnet. Let’s just compare one alternative: renting the botnet out for DDoS attacks. While Symantec has observed DDoS attacks being offered for as little as $5, the more usual offer is similar to what is seen in the screenshot below, offering at the high end of $400 dollars rent a week for a few hours a day.


Taking this information into account, Bitcoin botnet mining as an attractive and profitable venture for cybercriminals is very questionable. However, with recent spikes in the valuation of Bitcoins reaching as high as $26, it may become more appealing in the future to cybercriminals as another source of illegal earnings from their botnets.
We are already starting to see reports on fraud involving Bitcoins and a Bitcoin account being hacked with a substantial monetary loss of approximately $500,000. Symantec has seen one such threat designed to steal Bitcoins from your digital wallet called Infostealer.Coinbit, and we expect to see more in the near future.
As always, Symantec recommends that you keep your antivirus definitions up to date to ensure protection against new threats such as Infostealer.Coinbit.

An employee of the Australian Broadcasting Corporation has been caught using ABC servers to mine for Bitcoins, the Sydney Morning Herald reports.
New Bitcoins are generated through “mining” — a process that takes time and a lot of CPU power. As more Bitcoins are generated, the network self-regulates, producing fewer coins over time, and making it less likely a solo computer will complete the “blocks” that reward the user with new Bitcoins.
The unnamed employee, a part of the ABC’s IT department, had installed the miner on the ABC’s servers to make use of idle CPU power. Nobody at the ABC would comment on the issue, though the Herald quotes communications head Sandy Culkoff saying that “there is a serious misconduct case underway in relation to this matter.”
Bitcoins can be traded for cash, with the currency having reached highs of around US$20 per coin. I’m sure the consequences the unnamed employee now faces for using company equipment for personal gain aren’t going to be worth the effort.
Bitcoin hasn’t had a great month. Half a million US dollars worth of Bitcoins were stolen from an early adopter, the most popular Bitcoin exchange was hacked and prices temporarily flatlined shortly after, U.S. senators pushed a crackdown on the currency and, to add insult to injury, the EFF (who lent the currency some of its earlier legitimacy) have stopped taking donations in Bitcoins and say they won’t even make use of the sizeable number of Bitcoins they’ve already been sent.