Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: BTC Pickpockets SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
BTC Pickpockets

I observed requests to my webserver to retrieve Bitcoin wallet files:

The files they are looking for are:

wallet - Copy.dat

I've seen a couple of such request a couple of years ago, but it's the first time I see that many. The first time I observed this was late 2013, in the middle of the first big BTC price rally.

Please post a comment if you observed similar requests.

Didier Stevens
Microsoft MVP Consumer Security


450 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!