Bitcoin Project issues danger-level alert

Aug 18, 2016 02:55 GMT  ·  By

Crypto-currency aficionados navigating to the Bitcoin.org website yesterday were greeted with a grim security warning saying that the project's soon-to-be-released binary files would most likely be targeted by "state-sponsored attackers."

The project cites "reasons" that make it believe the binary files that mining pools and exchanges run on their servers might be the target of such attacks.

Not in the sense of a denial-of-service attack on a file, of course. The likely scenario is that someone hijacks and replaces the official files, either on the website itself or in transit while the user downloads them, so that the target ends up installing a tampered version of the Bitcoin software.

Bitcoin Project fears future devastating attacks on its network

The Bitcoin Project fears that this could lead to the theft of Bitcoin funds from users of the services running the modified binaries.

The Bitcoin.org administrators openly admit that they do not have the technical resources to fend off such sophisticated attacks.

They also fear that, once compromised, these servers could be used in coordinated attacks against the entire Bitcoin network.

Bitcoin Project fears for its Chinese community the most

The project admins worry most about attacks against the Chinese Bitcoin community, since Chinese mining pools currently dominate Bitcoin mining.

This comment on the tech news portal Hacker News by Mozilla Services Security engineer Julien Vehent gives some context on the kind of attack that could be carried out:

  bitcoin.org does not implement HPKP. Any government that controls a CA can generate its own cert for bitcoin.org, hijack the site's IP and replace this page with their own fingerprint.  

Jeremy Gladis, a senior network engineer, adds a revealing reply:

  And China has a root CA under their control. I'm on my iPad at the moment so I can't provide the fingerprints of it right now, but I remember 'un-trusting it' on all of my machines a long while back.  

Below is the full announcement, including the mitigations people should take when downloading binaries from the official website. Bitcoin.org recommends that miners and other parties download and import the PGP key used to sign the official binaries, and check the downloads against it. The key itself must be verified out of band: a fingerprint read from a page that an attacker could have replaced proves nothing, which is exactly the scenario Vehent describes above.
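As an added, illustrative example (not code from the article, from Bitcoin.org or from Bitcoin Core), the following Python script checks a download the way the mitigation above intends: it runs gpg --verify with --status-fd so the result is machine-readable, accepts the signature only when the VALIDSIG record names a release-key fingerprint pinned in the script (a placeholder value here; the real one has to come from an out-of-band source), and only then compares the archive's SHA-256 with the entry in the signed manifest. The archive name, the sample status lines and the archive bytes are constructed for the example; the manifest layout follows the standard PGP clearsign format.

```python
import hashlib
import hmac
import os
import re
import subprocess
import sys

# ASSUMPTION: placeholder. The real release-key fingerprint must come from a
# channel the attacker cannot tamper with (a key imported long ago, a second
# independent source), never from the page that served the download.
PINNED_RELEASE_KEY_FPR = "0123 4567 89AB CDEF 0123 4567 89AB CDEF 0123 4567"

# Status records that mean "reject" even if a VALIDSIG record also appears.
REJECT_TAGS = {"BADSIG", "ERRSIG", "EXPSIG", "EXPKEYSIG", "REVKEYSIG", "NODATA"}


def gpg_status_output(signed_path):
    """Run gpg and return its [GNUPG:] status records from stdout.

    The human-readable 'Good signature' text is localized and not meant to
    be parsed; --status-fd 1 gives stable, documented records instead."""
    proc = subprocess.run(
        ["gpg", "--batch", "--status-fd", "1", "--verify", signed_path],
        capture_output=True, text=True, check=False)
    return proc.stdout


def signature_is_from_pinned_key(status_text, pinned_fpr=PINNED_RELEASE_KEY_FPR):
    """True only when gpg reports VALIDSIG and the signer is the pinned key.

    GOODSIG alone is worthless here: a key the attacker tricked you into
    importing also yields 'Good signature'. VALIDSIG carries the signing
    key's full fingerprint and, as its last field, the primary key's."""
    want = pinned_fpr.replace(" ", "").upper()
    seen_valid = False
    for line in status_text.splitlines():
        parts = line.split()
        if len(parts) < 2 or parts[0] != "[GNUPG:]":
            continue
        if parts[1] in REJECT_TAGS:
            return False
        if parts[1] == "VALIDSIG" and len(parts) >= 3:
            if want in {parts[2].upper(), parts[-1].upper()}:
                seen_valid = True
    return seen_valid


def extract_clearsigned_body(signed_text):
    """Return the text a clearsigned file covers (the SHA256SUMS lines),
    without the armor headers and the signature block. Call this only
    after the signature has been checked."""
    lines = signed_text.splitlines()
    start = lines.index("-----BEGIN PGP SIGNED MESSAGE-----")
    end = lines.index("-----BEGIN PGP SIGNATURE-----")
    i = start + 1
    while i < end and lines[i].strip():          # skip 'Hash: SHA256' etc.
        i += 1
    body = lines[i + 1:end]
    # clearsign dash-escapes lines that begin with '-'; undo that
    return "\n".join(l[2:] if l.startswith("- ") else l for l in body)


def parse_sha256sums(manifest_text):
    """Parse 'hash  name' / 'hash *name' lines into {name: hexdigest}."""
    sums = {}
    for line in manifest_text.splitlines():
        m = re.match(r"^([0-9a-fA-F]{64})\s+\*?(\S.*)$", line.strip())
        if m:
            sums[m.group(2)] = m.group(1).lower()
    return sums


def archive_matches_manifest(archive_bytes, name, manifest_text):
    """Compare the archive's SHA-256 with the entry the signed manifest lists."""
    expected = parse_sha256sums(manifest_text).get(name)
    if expected is None:
        return False
    return hmac.compare_digest(hashlib.sha256(archive_bytes).hexdigest(), expected)


def verify_release(archive_path, signed_manifest_path):
    """End-to-end check: pinned-key signature first, then the hash."""
    if not signature_is_from_pinned_key(gpg_status_output(signed_manifest_path)):
        return False
    with open(signed_manifest_path, encoding="utf-8") as f:
        manifest = extract_clearsigned_body(f.read())
    with open(archive_path, "rb") as f:
        data = f.read()
    return archive_matches_manifest(data, os.path.basename(archive_path), manifest)


# Constructed samples (not captured from a real release or a real gpg run).
SAMPLE_ARCHIVE = b"constructed stand-in for a release tarball\n"
SAMPLE_NAME = "example-release.tar.gz"
SAMPLE_SIGNED_MANIFEST = (
    "-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n"
    + hashlib.sha256(SAMPLE_ARCHIVE).hexdigest() + "  " + SAMPLE_NAME + "\n"
    + "-----BEGIN PGP SIGNATURE-----\n(armor omitted)\n-----END PGP SIGNATURE-----\n")
PINNED_HEX = PINNED_RELEASE_KEY_FPR.replace(" ", "")
STATUS_PINNED = (
    "[GNUPG:] NEWSIG\n"
    "[GNUPG:] GOODSIG 89ABCDEF01234567 Release Key <release@example.invalid>\n"
    f"[GNUPG:] VALIDSIG {PINNED_HEX} 2016-08-17 1471392000 0 4 0 1 8 00 {PINNED_HEX}\n"
    "[GNUPG:] TRUST_UNDEFINED 0 pgp\n")
OTHER_HEX = "FEDCBA9876543210FEDCBA9876543210FEDCBA98"
STATUS_OTHER_KEY = STATUS_PINNED.replace(PINNED_HEX, OTHER_HEX)  # valid, wrong key

if __name__ == "__main__":
    ok = verify_release(sys.argv[1], sys.argv[2])
    print("verified" if ok else "REJECTED")
    sys.exit(0 if ok else 1)
```

Run it as `python verify_release.py <archive> SHA256SUMS.asc` after importing the release key into your keyring. The order of the two checks matters: the hash list is only trustworthy once the signature over it has been tied to the pinned key, and a "Good signature" from any other key, however it got into the keyring, is rejected.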
Bitcoin.org Security Warning