Bitcoin is due to change the face of finance, but could have interesting social effects too, according to a leading security researcher.
Mikko Hypponen, chief research officer at F-Secure, believes Bitcoin could have a major impact beyond online payments.
He said: “I first heard about Bitcoin in 2009 and thought it was very interesting and invented by a genius. I first thought it was a huge waste of computing power but them realised that the system was doing something useful – tracking transactions. I’m not sure that Bitcoin will be the breakthrough digital currency, but it will be something which looks very like it.”
Hypponen said that only the ‘geekiest of the geeks’ were involved in early bitcoin mining, assembling their own machines and rigs. He said: “We’ve seen what bankers do when they get rich but the recent success and speculation around Bitcoin guarantees that the geekiest geeks on the planet will get rich – what will they do with their money? It will be interesting to see what these super-geeks decide to invest in.” Bitcoin mining in 2009 was very much a niche interest – Satoshi Nakamoto’s paper outlining the Bitcoin protocol was only published in 2008.
But he warned there were two main security risks for Bitcoin users or anyone mining similar currencies like Litecoin. “We’ve already seen malware attacks on Bitcoin – either direct attacks on exchanges or by searching for wallets on people’s compromised computers. If they take your wallet your Bitcoins are gone – just like cash. The thieves might struggle to use the coins but you’ll have lost them.”
These problems are likely to get more common as the technology increasingly enters the mainstream, and begins to be installed by less informed users.
The second security fear is cyber crooks creating botnets for mining Bitcoins or other currencies. The world’s second largest botnet – ZeroAccess – has over one million PCs which have spent the last year and a half mining Bitcoins. Hypponen said: “The Russian guys behind this must have made millions – and they’ll be investing this back into malware. These botnets used to be for sending spam, but now they’re making serious money.”
Right now mining Bitcoin mining is moving to specialised machines but rivals like Litecoin still use ordinary PCs to mine their currency.
In future we could see criminals targetting other devices – because with mining you don’t need a user. Embedded devices could be infected for mining purposes. Servers, mainframes or even set-top boxes could all be targetted in this way. If mining continues to provide a financial return for criminals so it is worth their while to invest in spreading malware infections.
“Bitcoin mining botnets are not a problem for embedded devices yet, but they could be for bitcoin clones – this provides a reason to hack your toaster.”
Hypponen said: “Our enemies have money to invest, they’re hiring developers and software testers. They’re even setting themselves up as operators and ISPs, making our job even harder.”