A simple piece of malicious software is circulating that steals Litecoins, a virtual currency based on the Bitcoin system.
Security vendor ESET wrote the malware infects Windows computers. The program tries to steal “wallet.dat” files, which are used to store Litecoins in software programs.
The malware “is not very widespread at the moment, but Litecoin may become a target for attackers as its popularity and user base increases,” wrote Robert Lipovsky, a malware researcher with ESET.
The malware sent the wallet file to a remote FTP server controlled by the attacker. But the web host has been made aware of the scam, and a warning is now shown when connecting to the attacker’s FTP site.
The main Litecoin software application, called Litecoin-Qt, has a feature that lets users encrypt their wallet. An attacker would still need a password in order to unlock the coins.
Litecoin is closely based on the Bitcoin system. It uses the same protocol and a peer-to-peer network to transfer litecoins from one computer to another.
But Litecoin has taken a square aim at Bitcoin’s weaknesses and claims to offer faster verification times for transactions. In Bitcoin’s system, a transaction is usually considered legitimate if it achieves six verifications from the network, which can take from a few minutes to up to three hours.
Litecoin’s system has been engineered to confirm transactions within three minutes, according to the project’s website. Litecoins were trading on Wednesday for around US$2.70 each, according to BTC-e.com, a virtual currency exchange.