Bitcoin Malware Used to Exploit the Russia-Ukraine Crisis

A group of hackers tried to leverage the current conflict between Ukraine and Russia by distributing malware aimed at Bitcoin wallets.


Bitdefender Labs, a cyber-security company with a keen interest in the digital currency market, issued a report in which it highlighted how the alleged hackers masked one type of malware as another.


Apparently, the perpetrators distributed software that they claimed was capable of unsettling the digital activities of the Western governments acting against Russia.

In fact, the program secretly installed Kelihos, a malware package which was first identified 5 years ago. Kelihos can steal the content of a Bitcoin user’s wallet, and it has numerous other harmful effects, too. The group’s most recent attack was aimed at Ukrainian Internet users, and it looks like 40% of those users were already impacted. Doina Cosovan, an analyst for Bitdefender, notes:

“Some of the IPs might indicate the origin of servers specialized in malware distribution or other infected computers that became part of the Kelihos botnet. As most of the infected IPs are from Ukraine, this either means that computers in the country were also infected, or that Ukraine itself is home to the main distribution servers.”

Leaving aside the Bitcoin theft, it looks like Kelihos can also enslave a host computer to a worldwide botnet, thus permitting hackers to use that device to send out spam, scan data and continue spreading malicious software.

A fake nationalist initiative

The Bitdefender report mentioned that the hackers attempted to pass off the “software” as a means for affected users to generate turmoil for the Russian government. Apparently, the message that came with the malware claimed the hackers’ location was inside Russia.

“We, a group of hackers from the Russian Federation, are worried about the unreasonable sanctions that Western states imposed against our country. We have coded our answer and bellow [sic] you will find the link to our program. Run the application on your computer, and it will secretly begin to attack government agencies of the states that have adopted those sanctions.”

Bitdefender explained that the message also included a link; clicking on that link means downloading Kelihos, and this is how the hackers were able to take control of a person’s computer.

Always under threat?

Despite the security improvements, there will always be people who can crack even the toughest and most secure alarm systems. Many upgrades were made in the way cryptocurrency fans store their digital currency. And yet, the threat of malware attacks aimed at Bitcoin will most likely ramp up in parallel with digital currencies’ increasing popularity.

With every day that goes by, the attempts to steal digital currency like Bitcoin are expanding. Kaspersky Labs notes that 22% of all malware attacks linked to finances targeted Bitcoin. Malware attempts come in the most convincing disguises, and they’ve managed to fool millions. This malware issue has attracted lots of attention from regulators and government officials, and it often serves as the basis for investor and consumer warnings on the subject of digital currency.

Agencies like the Securities Exchange Commission and the US Consumer Financial Protection Bureau have already warned against using cryptocurrencies, and the malware problem is apparently the key reason for people to be wary of cryptocurrencies.

Instead of cryptocurrency ‘regulation’ by a centralized authority, which probably knows less about Bitcoin than your average Bitcoiner, we at CoinTelegraph decided to present our readers with a list of possible cyber threats that they could encounter, to help them avoid falling for the most common pitfalls when dealing with digital currencies.

Bitcoin Scams 101

Fraud – a scammer claims to sell digital or physical goods and airline mileage but asks users to pay upfront. Basically, you send bitcoins but they don’t send out the goods; scammers may also use fake passports. Since Bitcoin is like hard cash, the transaction is irrecoverable once sent.

Pyramid schemes – the operators claim to offer “interest” for deposits in bitcoins. The scheme supposedly generates “interest” through various methods, such as loaning digital currency to some of their site’s users. Rather than pay interest, the website’s operator pays using the new funds coming in.

Cloud hashing Ponzi – alleged mining groups sell mining capabilities in fractions; your initial investment will eventually be lost as they will claim the hashing difficulty increased.

Pre-order scams – some manufacturers may ask users to place an order (e.g. for mining equipment) and pay in advance; they accept Bitcoin payments but they don’t refund bitcoins if the price goes up; they may even declare bankruptcy to come clean.

The pump & dump – there are numerous digital currencies available, and many are created with the sole intention of getting rich quick (the developer, that is). People find out about the new coin, it is hyped up on crypto forums to increase its value and then the holdings are liquidated.

Phishing attempts – receiving fake emails that claim to be from famous Bitcoin companies. Users will be compelled to click a link that will take them to a fake website where they are prompted to enter the login info of the real site. If there’s no 2-factor authentication set up for your account, then it will probably be empty next time you look.

Gambling sites – since there’s no way to ban Bitcoin universally, it is ideal for gambling. Nonetheless, just like with any type of gambling platform online, there is always a possibility that it could be fake, with back-doors permitting insiders to see your player cards and private information.

IPO/premine – an initial public offering allows investors to buy shares in a company, with the hope that their value will increase in the future. Some of these companies are nothing more than mirages, however. Just like in the tricky world of OTC stock markets, users are advised to research in advance prior to making an investment. This usually involves premining, which means that the developers set some coins aside for themselves before the public was able to download the client and mine their own coins. When the coins increase in value, the developers can potentially end up being the biggest holders.
