BitFloor Joins List of Compromised BitCoin Exchanges 232
hypnosec writes "An attacker managed to access an unencrypted backup of wallet keys and steal 24,000 BTC (worth more than a quarter million USD), following which Bitcoin exchange Bitfloor has been shut down while the investigation of the theft is going on. The attack was carried out sometime last night. In a forum post, Shtylman pleads with Bitcoin users that BitFloor needs their help."
Not surprised ... (Score:2, Interesting)
I'm not really surprised by this. Someone had the idea to create a purely virtual currency, and someone else has found it to be an attractive target.
The fact that it is vulnerable to this kind of attack probably indicates there's some real flaws in how this currency is supposed to work -- or at least a few places where someone can get through the cracks.
I remember when I first started hearing about this, and thinking "gee, I hope they've thought through all of the security issues". It's like security in operating systems ... there's tons of things you could overlook which can let someone in, and until it starts happening, you likely haven't even thought of all of them.
I feel bad for anybody has lost their money on this, but I've been treating this like an experiment which has the potential to go really wrong. It's just so massively complex to try to design your own currency system that someone isn't going to try to exploit without going through a lot of growing pains.
i think these places steal their own bitcoins (Score:2, Interesting)
Easy way to make money, set up a bitcoin exchange, run it long enough to get a couple 100 grand of bitcoins then steal them all from yourself, since bitcoin is untraceable there's really no way to get caught.
Re:Why ever use Bitcoin in the first place? (Score:1, Interesting)
Hello. Welcome to the 2010s. The "other online payment systems" are not just service providers anymore, they are also Boy Scouts, and a Neighborhood Watch. They take it upon themselves to determine who you can give money to, and to who you can not. Wikileaks is just one such example. There are also many outside of the US that are somehow considered to be in violation of US laws that of course don't apply to them.
Therefore we need the equivalent of cash.
You need help alright (Score:4, Interesting)
This smacks of an inside job, which given the nature of bitcoin, is far to easy.
Set up exchange, collect keys, lose keys in 'compromise', profit. No ???? Needed.
Re:Why ever use Bitcoin in the first place? (Score:5, Interesting)
Obviously, there's lots of ways things could go wrong, but I'd give them my money before I'd put it in a bitcoin exchange...
Re:OK, I really don't get BitCoin... (Score:2, Interesting)
The title of your post is spot on: you really don't get it.
The amount of black money in the EU is well over 1000 billion euro. Try to picture that much money. Now imagine the corrupt Chinese official who was caught stacking piles of money inside his walls at home because he didn't know how to spend it. Understand that the communist party in China has over 70 million members, many of them an official of some sort. Now think about all the other corrupt places in the world.
I think you get the idea. There's a ton of people who want to do business outside of official channels. Occasionally losing some money in an exchange that gets hacked is better than having your money rot inside a wall.
Would anyone be surprised? (Score:2, Interesting)
I have heard from a source I cannot disclose that these attacks *might be* government sponsored.
The notion here is that if governments actively attempted to outlaw, ban or block the use of this alternative currency, people would backlash and buckle down even tighter. (You can see how well the "war on terror" and the "war on drugs" has been working out.) Making this currency illegal will only create more criminals.
Instead, it has been said that there is an extremely active initiative to discredit the risk and reliability of the currency.
Personally, I am not sure whether this will work or not, but the purpose and the methods seem reasonable.