Taking a Look at Both Sides of Bitcoin

Bitcoin, developed in 2009 and based on the works of Satoshi Nakamoto, is a peer-to-peer (P2P) currency system implemented as open-source C++ code. Its inventor describes it as a purely peer-to-peer version of electronic cash that allows online payments to be sent directly from one party to another without going through a financial institution.

The payment network can be accessed from anywhere in the world. There are no sign-up requirements or fees to pay; anybody can join and participate. There is no central organization and no list of approved Bitcoin payment processors. To get started with Bitcoin, you have to download and install the client software on your computer or use an online wallet service like instawallet.org. In either case, your Bitcoins are stored in your digital wallet(s) and can be sent to anyone else who has a Bitcoin address. The wallets are not encrypted, the transactions are public, and the anonymity (not absolute, but stronger than in traditional electronic payment systems) is guaranteed by pseudonymous ownership. To receive or to send coins, people just need a receiving or a sending address, which is a long string of randomly generated characters that points to a wallet.

There are various ways to get Bitcoins:

  • You can trade another currency either directly with somebody who already has Bitcoin or through a Bitcoin-dollar currency exchange. The biggest Bitcoin exchanges today are MtGox and TradeHill. One Bitcoin currently costs roughly US$4.80, but the exchange rate reached $20 in June. I’ve read that a daily swing in the Bitcoin-to-dollar exchange rate of plus or minus 40 percent is common.
  • You can get Bitcoins by selling something or providing a service, assuming you can find somebody willing to pay for your product or service in Bitcoins.
  • You can win Bitcoins by allocating some of your CPU time and becoming a node on the network. This technique is called CPU mining or Bitcoin mining. For each transaction, the system issues a “block.” For a miner, the goal is to solve this block to get paid. The claim is that a Bitcoin block can be found every 10 minutes, but this lottery has a very low rate of success and depends on the CPU's processing power. Some calculations don’t finish in minutes, but in days or years!
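To see why the mining "lottery" described above pays off so rarely, here is a simplified proof-of-work model, added as an example and not taken from the original post or from the Bitcoin client. Like Bitcoin, it applies double SHA-256 to a header plus a nonce and accepts only a hash below a target; the header bytes, the difficulty values and the hash rate are constructed, and comparing the digest as a big-endian integer is a simplification.

```python
import hashlib

SECONDS_PER_YEAR = 365 * 24 * 3600

def double_sha256(data: bytes) -> bytes:
    """SHA-256 applied twice, the hash construction Bitcoin mining uses."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()

def target_for_bits(zero_bits: int) -> int:
    """A hash wins only if, read as a 256-bit integer, it is below this value."""
    return 1 << (256 - zero_bits)

def meets_target(header: bytes, nonce: int, zero_bits: int) -> bool:
    """One lottery ticket: hash header+nonce and compare with the target."""
    digest = double_sha256(header + nonce.to_bytes(4, "little"))
    return int.from_bytes(digest, "big") < target_for_bits(zero_bits)

def mine(header: bytes, zero_bits: int, max_nonce: int = 2**32):
    """Try nonces in order; return the first winner, or None if none is found."""
    for nonce in range(max_nonce):
        if meets_target(header, nonce, zero_bits):
            return nonce
    return None

def expected_attempts(zero_bits: int) -> int:
    """Each attempt wins with probability 2**-zero_bits, so the mean is 2**zero_bits."""
    return 2 ** zero_bits

def years_to_solve(zero_bits: int, hashes_per_second: float) -> float:
    """Average time for a single machine at the given hash rate."""
    return expected_attempts(zero_bits) / hashes_per_second / SECONDS_PER_YEAR

if __name__ == "__main__":
    header = b"constructed-block-header"   # constructed sample, not a real block
    for bits in (8, 12, 16):                # toy difficulties that finish quickly
        nonce = mine(header, bits)
        print(f"{bits} bits: nonce {nonce}, expected ~{expected_attempts(bits)} tries")
    # Assumed CPU rate of 2 million hashes/s against a constructed 60-bit
    # difficulty: the average wait is measured in thousands of years.
    print(f"60 bits at 2 MH/s: ~{years_to_solve(60, 2_000_000):,.0f} years")
```

Every extra bit of difficulty doubles the expected number of attempts, which is why a botnet pooling many infected machines is attractive to an attacker and why unexplained sustained CPU or GPU load on an endpoint is worth investigating.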


Because the system is anonymous, you can find all kinds of offers in the underground market: from drugs to zero-day vulnerabilities. The best marketplaces are anonymous hidden services. They must be accessed via the Tor network.

Lately, various security researchers have discussed issues they encountered:

  • Attackers were able to break into the database of the MtGox Bitcoin exchange firm (The Inquirer).
  • Spam messages promoting fake, supposedly efficient Bitcoin-mining tools were distributed. They contained malware designed to send wallet.dat files to a remote location (F-Secure/Softpedia), or a miner able to use graphics-processing cycles from infected computers to increase its efficiency (Symantec/Softpedia).
  • A Bitcoin miner botnet was found in the wild. Using a large number of zombie machines, it attempted to speed up the computation and to mine more virtual currency (Kaspersky/Softpedia). This botnet can also launch DDoS attacks against competing Bitcoin miners (Trend Micro/Yahoo! News).


Most of these alerts date from June, but the crooks have kept up their searches and their business. September has not ended, but it is clear that the number of suspicious or clearly malevolent programs targeting Bitcoin is exploding. This month the figure will surpass 1,600; it was practically zero in May.

At McAfee, most of these threats are detected as Generic PUP.z or generic.dx.

After spam, data theft, blackmail, anonymizer networks, etc., it seems we’ve found a new botnet emerging as another source of illegal income. The cybercriminals have also apparently found a new payment system.

If you want to read more about Bitcoin, I recommend Gavin Andresen’s (from acm.org) presentation: “Bitcoin, the World’s First Person-to-Person Digital Currency” and the Raulo white paper: “Optimal Pool Abuse Strategy.” Regarding the various Bitcoin attack vectors, the following Defcon-19 hacking conference white paper is a must-read: “Hacking the Global Economy with GPUs, or How I Learned to Stop Worrying and Love Bitcoin.”