
Bitcoin's Core May Be Targeted by Chinese Government Hackers

Another day, another vulnerability.

by Nathaniel Mott

Bitcoin developers have received a strange warning: There’s “reason to suspect that the binaries for the upcoming Bitcoin Core release” — which is what allows the cryptocurrency to function — “will likely be targeted by state-sponsored attackers” hoping to undermine Bitcoin’s security and integrity.

The blog post warning about the potential attack was published on Wednesday by “Cobra-Bitcoin” (one of the managers of Bitcoin.org). Cobra is “trusted” by the pseudonymous Bitcoin creator Satoshi Nakamoto. Bitcoin.org distributes Bitcoin Core to people who use it in their own software.

“As a website, Bitcoin.org does not have the necessary technical resources to guarantee that we can defend ourselves from attackers of this calibre,” Cobra-Bitcoin wrote in the blog post. “We ask the Bitcoin community, and in particular the Chinese Bitcoin community, to be extra vigilant when downloading binaries from our website.”

Cobra-Bitcoin also warns that downloading corrupted binaries might “cause you to lose all your coins” and “cause your computer to participate in attacks against the Bitcoin network.” They then allude to the Chinese government by saying that Chinese services run the most risk “due to the origin of the attackers” but do not specifically name the Chinese government or explain their attribution process.

Some in the Bitcoin community are suspicious of the mysterious warning. Cobra-Bitcoin published the blog post without seeking any peer review, which is strange for collaborative projects like Bitcoin.org, and many in the community had no idea who this person was before this episode.

That isn’t out of the ordinary for the group behind Bitcoin’s base tech. “‘Bitcoin Core’ was never an organization,” Bitcoin Core maintainer Wladimir van der Laan told CoinDesk in January, “Just a loosely coupled group of overworked mostly-volunteers contributing to a piece of software, so it has never had an unified message.”

Yet the warning still raises concerns about Bitcoin’s security. Most of the time, hacks related to the cryptocurrency involve errors on some other developer’s part. A state-sponsored hacker who manages to undermine Bitcoin Core would have a profound impact on the cryptocurrency’s security as a whole.

Cobra-Bitcoin advises people to check that downloaded binaries are signed with a known cryptographic key used in previous releases. “You should securely verify the signature and hashes before running any Bitcoin Core binaries,” they write in their blog post. “This is the safest and most secure way of being confident that the binaries you’re running are the same ones created by the Core Developers.”

That’s a sound practice, yet some have noted that anyone who can make people download a compromised binary instead of the intended release would also be able to edit a blog post on Bitcoin.org to trick Bitcoin users into trusting whatever key is used by the malicious software. Other sources will have to be used to verify that people are downloading the real Bitcoin Core instead of a malicious copycat.
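The check described in the two paragraphs above, as an added example that is not code from Bitcoin.org or the Bitcoin Core project: a download is accepted only if the hash manifest was signed by a key fingerprint pinned in advance from an independent source and the file's SHA-256 matches the signed manifest. It assumes the manifest was checked with GnuPG using `--status-fd`, so the signer is read from the `VALIDSIG` status line; the fingerprint, file names and function names are constructed placeholders.

```python
import hashlib
import os

# Constructed placeholder, not a real key. Replace it with the release signing
# key fingerprint obtained from a source other than the download site.
PINNED_FPR = "0123456789ABCDEF0123456789ABCDEF01234567"

def valid_signers(gpg_status):
    """Fingerprints taken from VALIDSIG lines of gpg's --status-fd output."""
    signers = set()
    for line in gpg_status.splitlines():
        f = line.split()
        if len(f) >= 3 and f[:2] == ["[GNUPG:]", "VALIDSIG"]:
            # f[2] is the signing key, the last field the primary key.
            signers.update(x.upper() for x in (f[2], f[-1]) if len(x) >= 40)
    return signers

def manifest_hashes(signed_text):
    """Map file name -> SHA-256 hex from 'HASH  NAME' manifest lines."""
    hashes = {}
    for line in signed_text.splitlines():
        f = line.split()
        if len(f) == 2 and len(f[0]) == 64:
            hashes[f[1].lstrip("*")] = f[0].lower()
    return hashes

def sha256_file(path):
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()

def check_download(path, signed_text, gpg_status, pinned=PINNED_FPR):
    """Return (ok, reason). signed_text is the manifest body gpg verified."""
    # A good signature from an unknown key proves nothing: require the pinned one.
    if pinned.upper() not in valid_signers(gpg_status):
        return False, "manifest not signed by the pinned key"
    expected = manifest_hashes(signed_text).get(os.path.basename(path))
    if expected is None:
        return False, "file not listed in the signed manifest"
    if sha256_file(path) != expected:
        return False, "hash mismatch"
    return True, "ok"
```

Pass `check_download` the manifest text that GnuPG itself output after verification rather than the raw signed file, since text placed outside the signed section is not covered by the signature.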

In June, Bitcoin had its longest rally since the boom it experienced in late 2013. At that point it was trading at $750; it is now trading at $574. So if you want to buy some of the bitcoins auctioned off by the U.S. Marshals, now might be the time to do so. Just be sure to check your binaries first.