A hacker successfully injected malicious files into the official Bitcoin Gold wallet repository and download file, potentially placing users at extreme risk of having funds or personal data stolen.
On November 26, Bitcoin Gold’s development team posted a “Critical Warning” revealing that for four-and-a-half days — from November 21 to November 25 — users who downloaded the official Windows wallet from the Bitcoin Gold website or GitHub repository also received two suspicious files of unknown origin.
Presumably, these files were created to steal user funds or information, so the developers strongly advised anyone who downloaded the Windows wallet client during this period to take extreme caution to protect themselves and their funds — even going to far as to wipe any machines that downloaded the malicious files.
From the warning:
“Anyone who downloaded the Windows Wallet file between November 21, 2017, 09:39 UTC, and November 25, 2017, 22:30 UTC, should not use the file in any way. If the file was used, the computer on which it was used should be addressed with extreme caution; the file should be deleted, the machine should be thoroughly checked for malware and viruses (or wiped clean), and any cryptocurrencies with wallets accessible on that machine should be moved to new wallet addresses immediately,” the team wrote.
It is unclear how many users are affected by the security breach or whether any have lost funds as a result. The developers state that the Linux file was not breached and that the GitHub repository has been secured to prevent another similar breach from occurring in the future. Nevertheless, users should be vigilant to verify that the updated wallet download checksum matches the checksum listed on the Bitcoin Gold website.
This is just the latest setback to hit the fledgling cryptocurrency — which has the sixth largest market cap of any cryptocurrency — during its first month.
The coin’s official launch was beset by a DDoS attack, and community members raised questions about the premine that occurred before the public mainnet went live, as well as the project’s mining software.
Then, third-party wallet services MyBTGWallet and Electron Gold turned out to be scams, netting their creators’ millions of dollars worth of ill-gotten user funds. Following these revelations, it is likely that many users downloaded the official Bitcoin Gold wallet, assuming it to be the safest way to secure their coins. Unfortunately, this was not the case.
At the time of writing, bitcoin gold was trading at $305, which represents a nearly 25 percent decline from the all-time high of $413 it set just prior to the revelation of the download file breach.
Featured image from Shutterstock.