ICYMI: Bitcoin Gold Official Wallet App Compromised – Move Funds If You Downloaded the Suspicious File
Bitcoin Gold (BTG) is facing yet another security issue as the team has revealed that hackers had gained access to their GitHub repository, replacing their compiled Windows file with a suspicious file. The developers warned earlier in the week that they detected the breach over the weekend. As a result of this breach, their GitHub repo served a suspicious file instead of BTG's legitimate official Windows wallet application between November 21, 2017, 09:39 UTC, and November 25, 2017, 22:30 UTC.
"Until we know otherwise, all users should presume this file was created with malicious intent – to steal cryptocurrencies and/or user information," the security advisory says. "The file does not trigger antivirus / anti-malware software, but do not presume the file is safe." The team has also advised users to verify the SHA-256 checksum of the downloaded file against the one listed on the site.
Any user who verified the SHA-256 checksum of the download against the checksum listed on our Download pages is already aware the file is not authentic and should not have used the file, but nobody should assume that all users take this important step.
In a security alert issued by the BTG cryptocurrency team, devs have added that the site itself doesn't host installers for the official apps, but links to files on GitHub. That GitHub repo was temporarily taken over by an "unknown party" and "two different suspicious files were uploaded to the GitHub over the course of several days."
Bitcoin Gold Windows wallet app users are advised to move their funds
While developers have added that the file doesn't appear to have any malicious intentions, it should be taken as a malware. They have also advised users who may have installed this file to scan their PCs and move digital currency to new wallets.
"If the file was used, the computer on which it was used should be addressed with extreme caution; the file should be deleted, the machine should be thoroughly checked for malware and viruses (or wiped clean), and any cryptocurrencies with wallets accessible on that machine should be moved to new wallet addresses immediately."
Bitcoin Gold is the fifth most popular cryptocurrency, ranking behind BTC, ETH, BCH, and XRP. The team has promised to audit their security processes to ensure this doesn't happen again. The GitHub repo has also been secured now.