Bitcoin.org has warned users to be aware that the upcoming release of Bitcoin Core is likely to be targeted by state-sponsored cyberattackers.
The group which manages Bitcoin Core, the client used to keep the virtual currency decentralized while at the same time aims to accept only valid transactions, warned this week that the organization has “reason to suspect” that the binaries used in the next release will become targets.
The upcoming 0.13.0 release, dubbed Segwit, has undergone extensive testing and has been designed to improve transaction efficiency. The update also changes the rules of the Bitcoin system marginally by introducing new features which reduce problems associated with unwanted third-party transaction malleability and designing smart contracts which use the cryptocurrency.
However, state-sponsored groups — which are often sophisticated and have high levels of government funding — may impede the release or threaten investors dabbling in the virtual currency, and Bitcoin.org says that any state-sponsored threats levied against the new release cannot be defended against without help.
As an organization, Bitcoin.org says that it “does not have the necessary technical resources to guarantee that we can defend ourselves from attackers of this caliber.”
Bitcoin.org says within the security advisory:
“We ask the Bitcoin community, and in particular the Chinese Bitcoin community to be extra vigilant when downloading binaries from our website.
In such a situation, not being careful before you download binaries could cause you to lose all your coins. This malicious software might also cause your computer to participate in attacks against the Bitcoin network. We believe Chinese services such as pools and exchanges are most at risk here due to the origin of the attackers.”
The warning, geared towards the Chinese Bitcoin community, does not disclose any more information on whatever threats the organization feels are on the horizon. In the meantime, the group suggests that users download this cryptographic key, of which the hashes of Bitcoin Core binaries are signed with.
“You should securely verify the signature and hashes before running any Bitcoin Core binaries,” Bitcoin.org says. “This is the safest and most secure way of being confident that the binaries you’re running are the same ones created by the Core Developers.”
In June, an Australian man who claims to be the mysterious creator of Bitcoin, Satoshi Nakamoto, filed a vast number of patents which could amass him a fortune in virtual currency-related royalties.