The Bitcoin dodge was similar to scams that involve someone claiming to have a million dollars to invest and offering the target a portion of the money to do it, said LogRhythm's Greg Foss. "This is the New Age version of that, where it's attacking users of Bitcoin. We can tell it was very targeted, because all the people we've seen affected by this are registered Bitcoin users."

While most folks know the value of money, few know the latest value of a Bitcoin, a virtual currency prone to wide price swings. Those swings haven't deterred those on the digital leading edge from speculating in the currency -- or bad app writers from cooking up ways to steal it.

"Bitcoins -- and indeed any digital property of any value -- will be a theft target," Bitcoin developer Jeff Garzik told TechNewsWorld.

"Just like U.S. dollars, Bitcoins are a thing of value, and therefore attractive to bad actors such as thieves," he added. "Bitcoins are purely digital, which makes them more vulnerable to malware than the wallet in your pocket."

Such a vulnerability was discovered recently by LogRhythm; it identified a phishing campaign targeting a list of known Bitcoin owners. Attached to messages are zip archives that the missives declare contain an electronic wallet with 30 Bitcoins, or about US$24,000.

When the wallet is opened, it infects a machine with the Bitcoin malware.

"What we found was that it actually siphons off the Bitcoin wallet of the person who opened the archive," LogRhythm Senior Security Research Engineer Greg Foss told TechNewsWorld.



Bitcoin Mining

Bitcoins also were targeted in a malware attack uncovered by Light Cyber. In that campaign, the bad app was distributed through advertising originating with Yahoo's servers.

Once the ad appeared in a browser, the malware infecting it exploited a Java vulnerability and went on to infect the machine running the browser with several malicious programs -- including a Bitcoin miner.

Installing a Bitcoin miner was a curious choice on the part of the malware writers, noted Light Cyber Vice President of Product and Strategy Giora Engel.

"Mining Bitcoin with a personal computer is not efficient," he told TechNewsWorld. "You would need to infect millions of computers before you could generate revenue from this."

Target Developments

The security spotlight continued to shine last week on Target, which was beginning to look like a deer in a Peterbilt's headlights.

The number of customers affected by a data breach in November-December zoomed from 70 million to 110 million.

More information began to emerge about where the data went after it was stolen and how the thieves nicked it.

Two security firms traced the path of some 11 GB of purloined personal information of millions of Target customers from a place on the company's own servers to a U.S. server compromised by the attackers, and finally to a server in Russia (see Breach Diary).

"A heist of this caliber is done by the best of the best," said JD Sherry, vice president of technology and solutions at Trend Micro. "One or more elite crime syndicates most likely performed most of the reconnaissance and analysis on the Target mother ship."

RAM Scrapers

The world also got a better look at the techniques used by the Target attackers to compromise the company's systems. It was revealed that Target's point of sale terminals were infected with malware that used "RAM scraping" to siphon data from the devices.

The technique is used to look into an area of memory and identify targets -- credit card numbers, for example -- to capture.

"They can use scraping to retrieve raw data or gain intelligence about the layout of a POS system," Jeff Debrosse, director of security labs at Websense, told TechNewsWorld.

Because the malware was found on thousands of POS stations, it probably was distributed from Target's servers. "The size of the breach indicates the attack was centralized in order to have impacted that many credit card account holders," Debrosse said.

Also last week, although the horses have left the barn, Target announced it was investing $5 million in a multiyear campaign to educate the public on the dangers of scams.