PSA: Bitcoin Gold (BTG) Official Windows Wallet App Might Have Been Compromised

LASER_oneXM

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
The team behind the Bitcoin Gold (BTG) cryptocurrency have issued a security alert warning all users about a security incident involving the official Windows wallet application offered for download via its official website.

The official Bitcoin Gold website does not host installers for the official wallet apps but links to files hosted in a GitHub repository.

BTG developers say that someone gained access to this GitHub account and replaced the Windows installer with a "suspicious" file.

SHA-256 checksums did not match

The Bitcoin Gold team detected the breach over the weekend when they noticed that the SHA-256 checksum for the Windows installer did not match the original SHA-256 checksum for the file they initially hosted on the GitHub repo.


According to an ongoing investigation, the GitHub repo served an incorrect file between November 21, 2017, 09:39 UTC, and November 25, 2017, 22:30 UTC.

Developers say the fake wallet app did not trigger any malware detections with antivirus software and they couldn't identify any malicious behavior. Nonetheless, they labeled the file as "suspicious and are advising users against using it.

"Until we know otherwise, all users should presume these files were created with malicious intent – to steal cryptocurrencies and/or user information," they said.
Click to expand...

Users advised to move funds, reinstall affected PCs

"If the file was used, the computer on which it was used should be addressed with extreme caution; the file should be deleted, the machine should be thoroughly checked for malware and viruses (or wiped clean), and any cryptocurrencies with wallets accessible on that machine should be moved to new wallet addresses immediately," BTG devs added.

The BTG team has restored the original files and has secured its GitHub account.

Below are the current correct SHA-256 checksums for BTG's Windows and Linux wallet apps. Bitcoin Gold developers said the Linux version of its official wallet app was not changed during the incident.

Windows file SHA-256:
53e01dd7366e87fb920645b29541f8487f6f9eec233cbb43032c60c0398fc9fa
bitcoingold-0.15.0-win64-setup.exe

Linux file SHA-256:
25d7bf0deb125ecf5b50925a1c58e98c4b0b0a524470379c952f6b9310e97cfe
bitcoingold-0.15.0-x86_64-pc-linux-gnu.zip
Bitcoin Gold is the latest hard-fork of the official Bitcoin cryptocurrency, created on October 25. Despite being barely a month old, BTG is already the fifth most popular cryptocurrency on the market, ranked behind Bitcoin (BTC), Ethereum (ETH), Bitcoin Cash (BCH), and Ripple (XRP).

At the time of writing, Bitcoin Gold is traded for around $330 and has a market cap of over $5.5 billion.
Click to expand...
 
  • Like
Reactions: harlan4096, upnorth, bribon77 and 1 other person
You must log in or register to reply here.

Similar threads

upnorth
    • Wow
    • Like
Crypto Opinions & News Clipminer Rakes in $1.7m in Crypto Hijacking Scam
Replies
0
Views
659
Crypto News
upnorth
upnorth
Bot
    • Like
Update to Windows Subsystem for Android™ on Windows 11 (June 2023)
Replies
0
Views
600
Windows 11
Bot
Bot
M
    • Like
Threat actors misusing Quick Assist in social engineering attacks leading to ransomware
Replies
0
Views
430
Microsoft Defender
Microsoft Threat Intelligence
M

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top