Bitcoin gets Stoned: How one anonymous prankster tried to crash BTC

In 2014, Microsoft virus scanners were detecting viruses in Bitcoin software

article-image

Art by Crystal Le

share

This is a segment from the Supply Shock newsletter. To read full editions, subscribe.


Bitcoin has its enemies.

Environmental alarmists, stubborn central bankers and out-of-touch politicians would surely count, even if their ranks have thinned in the past few years. 

There’s also the odd boomer economist who would still jump at the chance to suggest that bitcoin has no intrinsic value and embodies the greater fool theory, if it meant extra engagement.

All those archetypes are great heels that routinely serve as sounding boards for Bitcoin discourse. 

There are also those who’ve attacked Bitcoin out of boredom, curiosity or just for fun. Which I suppose is somewhat cooler.

This is the tale of one such punk hellbent on disrupting Bitcoin as best they could.

On This Day — Bitcoin gets Stoned

This story starts all the way back in 1987, more than two decades before Bitcoin.

It’s believed that an unknown student at the University of Wellington in New Zealand had developed malware known as Stoned, one of the first ever computer viruses.

Stoned was an early boot virus, a category which infects the boot sector of a hard drive or removable media (mostly floppy disks back then), altering how computers initially load their operating systems and run other necessary start-up functions.

It was technically a novel virus, but in reality, Stoned was more of an elaborate prank. 

An infected machine would have a one in eight chance of loading a screen that would simply display a pro-pot message: 

“Your PC is now stoned! LEGALIZE MARIJUANA!”

Check the bottom right corner — you’ve been Stoned!

Twenty-seven years later, on May 15, 2014, a pseudonymous Windows 7 user reported a worrying false positive from their Microsoft Security Essentials package.

Microsoft’s built-in antivirus software had detected Stoned’s virus signature in Bitcoin’s blockchain data, leading to constant annoying popups and even deletion of all relevant files.

That included removal of the complete copy of the chain’s history required to sync nodes, which was almost 19 GB large at the time, data that would be automatically re-downloaded by the Bitcoin client.

It didn’t make any sense for Stoned to have really infected Bitcoin Core. The virus’s code would be completely benign, even if it were somehow written to the chain in its entirety. 

The running theory was that perhaps by some statistical anomaly, Bitcoin’s hash function for its block headers had somehow generated enough of Stone’s hexadecimal byte sequences for Microsoft’s malware scanner to recognise it as the actual virus.

Microsoft then quickly patched Security Essentials to ignore the curiosity.

The smoking gun only came about six weeks later, by way of IT professional Didier Stevens. It was not a hoax: Someone had intentionally attempted to bring down Bitcoin nodes.

Stevens had discovered a series of transactions from April 4, 2014 featuring outputs containing identical byte sequences to ones inside Stoned’s code.

Loading Tweet..

Meanwhile, two days earlier, a Pastebin post by an anonymous author had outlined a method of spamming the Bitcoin specifically to trigger false-positives from antivirus software.

They wrote: “Spamming the bitcoin database with virus signatures will cause havoc. Some antivirus-programs will delete the database locally, others will deny their bitcoin-client access to the databases.”

“Some won’t be able to start their bitcoin-clients again (and can’t understand why). Some will format and reinstall their computer…to once again get ‘infected’ when they get a bitcoin client again.”

Next, panic would strike “computer n00bs” alongside rumors that Bitcoin is spreading viruses. Then, chaos, with the media dramatizing the situation. 

“The value of bitcoins will drop hasty…Please help spamming the bitcoin database with virus signatures :)”

Stoned bytecode was injected into Bitcoin’s chain data within about a day of the post.

Of course, there was no widespread panic. The price of bitcoin never crashed in relation to the prank, and there wasn’t a noticeable drop in hash rate due nodes being knocked offline.

But there were forum threads about it, as well as media headlines, blogs and other posts, including this one, 11 years later. That’s gotta count for something.

— David

From The Pod

These days, Bitcoin is increasingly divided over whether spam, not unlike the Stoned bytecode, is, in fact, a virus.

“We’ve always been hostile to the shitcoiners when they invade. Make no mistake, they are invading right now and we should be hostile to them again.”

Those are the passionate words of Chris Guida, a Bitcoin ecosystem developer in favor of stopping non-standard data from ever making it to the chain via the ever-polarizing OP_RETURN field. 

In today’s epic two-hour episode of Supply Shock, Guida and host Pete Rizzo cover the spam filter debate, miner incentives, the realities of decentralization in modern day Bitcoin and other spicy topics.

“It’s called a filter and not a wall because some things are going to slip through. That’s okay, the point of spam filters is to raise the cost of spamming so that the worst offenders, things like BRC20s that had huge transaction volume at the peak, can’t happen.”
Check out the full episode on YouTube, Apple Podcasts and Spotify.


Get the news in your inbox. Explore Blockworks newsletters:

Tags

Decoding crypto and the markets. Daily, with Byron Gilliam.

Upcoming Events

Old Billingsgate

Mon - Wed, October 13 - 15, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

Industry City | Brooklyn, NY

TUES - THURS, JUNE 24 - 26, 2025

Permissionless IV serves as the definitive gathering for crypto’s technical founders, developers, and builders to come together and create the future.If you’re ready to shape the future of crypto, Permissionless IV is where it happens.

Brooklyn, NY

SUN - MON, JUN. 22 - 23, 2025

Blockworks and Cracked Labs are teaming up for the third installment of the Permissionless Hackathon, happening June 22–23, 2025 in Brooklyn, NY. This is a 36-hour IRL builder sprint where developers, designers, and creatives ship real projects solving real problems across […]

recent research

Nick Compute (1).png

Research

2025 has facilitated unprecedented growth in generative AI adoption. By late 2024, over 71% of companies were using generative AI in some form, a massive jump from 33% the year prior. Tools like ChatGPT, Perplexity, and open-source models have proliferated, with potentially billions now leveraging AI chat bots. In Q1 2025, OpenAI’s release of the o3 & o4 models marked another leap, touted as a multimodal “reasoning” model capable of breaking responses into smaller components, testing different approaches, and validating solutions until reaching a final output.

article-image

Fineqia’s Matteo Greco says Circle’s targeting a valuation in line with market expectations to avoid a post-launch drop like Coinbase

article-image

The President’s son reportedly said his family may pursue legal action

article-image

One lets everyone see your trades. The other hides everything. Which design wins in crypto’s next perps arena?

article-image

Celebrating Bitcoin’s “zero to 1,000%” moment

article-image

K33 analyst Vetle Lunde warned of potential volatility ahead

article-image

The president wants Senators to hurry up and pass his sweeping tax and budget bill, as well as pro-crypto legislation