The threat steals wallet.dat files and uploads them to an FTP server

Jul 2, 2013 09:17 GMT  ·  By

Malware that’s designed to mine Bitcoin is not uncommon, but experts have also identified a threat that attempts to steal Litecoin, an improved version of the Bitcoin digital currency.

According to researchers from ESET, the Trojan, MSIL/PSW.LiteCoin.A, is not sophisticated at all. It simply tries to send the victim’s wallet.dat file to a remote FTP server controlled by cybercriminals.

For the time being, MSIL/PSW.LiteCoin.A is not widespread. However, as Litecoin’s popularity grows – even Mt.Gox plans on trading Litecoin – it’s likely that we’ll see more sophisticated threats.

ESET has notified the web provider that hosts the FTP server where the stolen files are uploaded. Now, when someone tries to access the domain in question, they’re presented with the following message: “User [user name] from BTC-E exchange uses this ftp address to steal wallets from cryptocoiners! BEWARE!”