Security researcher Didier Stevens setup a trap, or in digital security terms – a “honeypot”. Think of it as digital sting operation, where someone puts a server online open to attack – but nothing of value is really there, it’s only there to record the attacks as they happen.
The logs of these honeypots revealed hackers running scrips aimed at detecting files that contain cryptocurrency wallets.
The filenames included:
wallet – Copy.dat
Didier said he’s seen activity like this since 2013 – but never at such high volume.
Source: Global Crypto Press