Recently one user lost about five Bitcoins because of Bitcoin-stealing malware contained in a pirated version of Fallout 4. User “Op arkanoah” posted about his loss in the Bitcoin subreddit. That means we should be twice as careful about the things we download from the Internet, and be on the lookout for some means of protection against this kind of malware.
Pirated content and software have always been the cause of many problems. If you’ve ever downloaded pirated or cracked software, chances are you were later troubled by some virus. It’s really as old as time.
Now this content contains malware that can make you several Bitcoins poorer, so you should really think twice before downloading something you’re not sure of. Bitcoin developers are getting smarter, but so are thieves. According to Roman Mandeleil, the founder of hacker’s marathons and CEO of ether.camp
Are Antiviruses Useless?
“There are people selling customizable malware to steal wallets and passwords, and generally running one of these things through an obfuscation tool will hide it from all major antivirus software”.
Roman Mandeleil seems to agree with this point of view, suggesting that such games should be checked on virtual machines first. He added:
“Antivirus will not always save you from such theft; that is why pirate copies are like a hackers’ haven. You’d better try those games on a virtual machine so the virus will not go out of the box and obviously not in the same computer where your Bitcoins are stored”.
It seems no one has faith in antiviruses. Another Bitcoin security expert, Ivan Tikhonov, seems to share this opinion about antiviruses as well. He told Cointelegraph:
“You may first download a harmless install manager which contains no malware. Therefore, your antivirus will not recognise it as a threat. And only afterwards you’ll be offered to install an update which will contain a Bitcoin stealing software. There are even infected OS installers. Notably, that malware is integrated in the program core so tightly that it can trick any antivirus”.
People Disable Their Security Suite Without Fully Understanding the Risks
However, antivirus developers state that their products are able to protect people against such malware. Users become its victims because they “sometimes opt to disable their security suite and run cracked and pirated software, without fully understanding the risks”.
Marius Buterchi, PR Manager of Bitdefender, told Cointelegraph:
“A security solution has heuristic engines that usually detect anomalous behavior associated with malware or malicious activities. Such behavior might include applications that try to launch at start-up, perform registry key modifications, perform memory injections, open backdoors etc. Because most cracks, key generators, and hacking tools usually trigger such activities – that may or may not be benign - they’re blocked/quarantined/removed by the installed security solution”.
He also added that “this Fallout 4 incident is left open to speculation. Because the sample has not been reported and analyzed by a security company in order to ascertain the validity of arkanoah’s claims, the bitcoin theft could simply coincide with the same day when the pirated version of Fallout 4 was installed”.
In fact, it was not the first case of this kind of theft. Back in 2014, ESET researchers discovered Bitcoin-stealing malware being spread via cracked apps. The malware targeted Mac users and was disguised as trojanised versions of Bitcoin Ticker TTM (To the Moon), BitVanity, StealthBit and Litecoin Ticker. The malware was contained in cracked versions of Angry Birds and other apps.