I dont understand few things in this post. How can a malware read the file is related to wallet or not?
The same way a worm copies itself on your USB disk when you connect it to an infected computer. And checking contents of a file is not a hard thing when it is not encrypted!
WatchForConnectedDevicesViatUSB().RunAsLongAsSystemIsRunning(inBackground = true);
if(newDeviceDetected)
{
GetAllFiles().Containing("Wallet", "bitcoin",....);
ReadContent();
if(content.IsPrivateKey)
{
SendToAttacker();
}
}
So it's good idea to rename documents or folders which contain your private keys. Viruses can parse file and folder names but they can't open random files.