Hacker News new | ask | show | jobs
by dolphenstein 4818 days ago
It didn't. "AdobeUpdate-Setup1.84.exe" is the executable that did the damage.
1 comments
amalag 4818 days ago
Yes, I understand the java applet executed the next file. How did the "AdobeUpdate-Setup1.84.exe" executable do the transfer?
link
jacquesm 4818 days ago
If it has file access permissions it can scan for wallet.dat in a few likely locations and then simply upload that file to a server, then delete the original and you're pretty sure that you'll have time enough to register a transaction with the bitcoin network.
link
phormula 4818 days ago
bitcoins were not stolen from a local wallet, rather they were withdrawn from his mtgox account to the thief's address.
link
jacquesm 4818 days ago
Ah, yes of course a mtgox balance would be at risk as well. I'd definitely check to see if my wallet had not been ripped as well.
link
amalag 4818 days ago
OK thank you. So is the wallet.dat related to MtGox at all or is it just a standard bitcoin wallet file used by the standard clients?
link
ghshephard 4818 days ago
It's a Bitcoin concept. It's where your actual bitcoins are stored.

https://en.bitcoin.it/wiki/Securing_your_wallet

link