Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Bitcoin Crime Security The Almighty Buck

Security Breach Forces Bitcoin Bank Inputs.io To Halt Operations 285

New submitter BitVulture writes "The hardcore Bitcoin community is abuzz with news of the closure of Inputs.io, a supposedly secure online Bitcoin wallet, after an attack resulted in the loss of 4100 Bitcoins. A PGP-signed message at the home page of the now mostly non-operational site briefly explains the situation: 'Two hacks totalling about 4100 BTC have left Inputs.io unable to pay all user balances. The attacker compromised the hosting account through compromising email accounts (some very old, and without phone numbers attached, so it was easy to reset). The attacker was able to bypass 2FA due to a flaw on the server host side.' There's no word yet whether Inputs.io will eventually resume operations or whether the security breach will force the Bitcoin bank out of business."
This discussion has been archived. No new comments can be posted.

Security Breach Forces Bitcoin Bank Inputs.io To Halt Operations

Comments Filter:
  • by JcMorin ( 930466 ) on Thursday November 07, 2013 @08:56AM (#45355521)
    This is for worst or better, online wallet that CONTAINS your private key can be hacked like inputs.io. That's why it's recommended to use wallet like blockchain.info where you hold the private key so they can't spent bitcoin for you. In some case where they must hold the key for you (exchange service for instance) most of their coin should be in cold storage / not allocate to direct individual. In another news, Bitcoin value is at all time high over $300.
  • by DogDude ( 805747 ) on Thursday November 07, 2013 @08:59AM (#45355545)
    I'm so glad that Bitcoin is such a simple solution to the complexity of cash!
    • by nurb432 ( 527695 )

      Except that was never its intent.

      • Re: (Score:2, Interesting)

        by Anonymous Coward

        And yet that's what every proponent of Bitcoin (including the paid shills that edit this site) has tried to convince us of from the very beginning -- that Bitcoin could supplant real currency. Now that the whole plan is crashing down in flames those same proponents have no defence other than "Bitcoin was never meant for that purpose." Funny how your perspective changes when you find out your "sacred cow" is more like "a big steaming pile of bullshit."

        That's what you get for buying into an easy-money scheme.

  • Might want to make that more clear in story, it almost reads like an anti-bitcoin FUD thing.

    So a 'bank' had their servers breached and money stolen... *yawn*.

    • Unlike traditional bank, you can trace the money stolen where it goes but unable to get it back. Bitcoin have no way to force a transaction except if everyone would update their software to approve a transaction without the valid cryptographic signature something unlikely to happen considering the thousands of instance running.
      • Re:exact (Score:5, Insightful)

        by bobbied ( 2522392 ) on Thursday November 07, 2013 @09:48AM (#45356023)

        This is the thing about BitCoin I never understood. The proponents of BitCoin claim that it was untraceable, but all transactions are traceable by looking at who spent the coin and who owns it now, at least by their public key. This information is included in the data blob that IS the coin and lots of people have to observe the transaction before it becomes valid. You may not know who's key is who's, but you certainly can trace ownership of the BitCoin.

        So, you may not know who owns a single coin, but though simple observation of transactions and a bit of foot work you can easily piece together who's who and who's spending their coins on what. It becomes a data mining operation with a bit of detective work to trace where folks are converting traditional currency into and out of BitCoin. Which is totally different than trading say dollars in currency. You *might* be able to trace currency transactions though things like DNA traces left on the bills or serial numbers (if you know them), but if somebody passes a briefcase of money around, there will be no way to trace each transaction that might have taken place.

        • It certainly isn't inherently untraceable, but it is trivial to launder. Wallets are anonymous and unlimited.

          • by dj245 ( 732906 )

            It certainly isn't inherently untraceable, but it is trivial to launder. Wallets are anonymous and unlimited.

            Is laundering effective if the entire record of all transactions is public information? At best, it would provide plausible deniability only.

            • It is when you can create a wallet, use it for the transaction, and then destroy the wallet. You launder the money in the same way people do today with dollars - set up a sham business and use patsies. "Earn money from home!" When my step mother smoked, she bought cigarettes from Ukraine. Each carton came from a different return address. Yes the transaction record is there in the bitcoins that you used, but who cares? The trail stops at some woman in Oklahoma who was paid to convert bitcoins to cash and the

          • True, but eventually to get your money out of the Maytag you will have to convert it to another currency so you can buy something. All law enforcement has to do is catch you converting your BitCoin or associate your wallet(s) with you and they can trace everything.

            The problem with money laundering is always the same. You have illegal assets that you either have to hide by not spending (and where's the fun in that) or make them look like legitimate assets so you can use them. BitCoin doesn't make this conv

  • by lxs ( 131946 ) on Thursday November 07, 2013 @09:09AM (#45355635)

    Pick any two.

  • Never, never, never trust your Bitcoin wallet to a third party, no matter how trusted.
    Keep your wallet safe by maintaining personal, physical possession of it and adhering to safe network practices.
  • I think it is a misuse of the word "bank" using it to describe these websites.

  • by museumpeace ( 735109 ) on Thursday November 07, 2013 @09:21AM (#45355747) Journal
    It does not sound like Nation State Attacker was at work here.
    The attack was not so sophisticated that the infosec boys were left scratching their heads as to how the breach was made. In fact, for a so-called vault, Inputs.io leaving up the access to old accounts that skirt 2FA seems sloppy.
    And, certainly, having 4100 BTC to spend for your porn and drugs would be motivation to some who are capable of such an attack.

    But I assume central banks and gov'ts with propped up currencies don't want to see Bitcoin really take off. Just breaking everyone's trust in BTC is a win for them.
    • Re:motives? (Score:4, Insightful)

      by devman ( 1163205 ) on Thursday November 07, 2013 @09:52AM (#45356069)
      Could have been an inside job. Collect $1.2 million in BTC from "depositors". Take all the money and run. Blame it on hackers. Profit. No one is going to investigate, there are no consequences, there is nothing to audit, and no way to seize back the funds even if some legal action were taken.
      • by tibman ( 623933 )

        There are consequences to inputs.io. People with bitcoins probably all panicked and pulled their coins out. That is why it is very unlikely to be an inside job.

  • Yeah, I know it's the "fad" to bash Bitcoin. But it's disappointing, because Bitcoin represents everything that us nerds reading slashdot should like: It's a mix of cryptography, freedom of speech, computing, networking, finance, economics, and even politics. Most of us here dig that stuff.

    Get over the hype and take Bitcoin for what it really is: a fascinating experiment that has, so far, withstood the amazing barrage of publicity, hacking attempts, legal uncertainties, and remains valuable for reason
    • by DogDude ( 805747 )
      But it's disappointing, because Bitcoin represents everything that us nerds reading slashdot should like: It's a mix of cryptography, freedom of speech, computing, networking, finance, economics, and even politics. Most of us here dig that stuff.

      Speak for yourself. One of the founding principles of geekdom that I learned from geeks much older and much smarter and much wiser than me, and that I still believe wholeheartedly in is: KISS (Keep It Simple, Stupid). Bitcoin fails KISS, spectacularly.

      Bitcoi
      • You're joking, surely? For all that's wrong with it, it's as elegant as a decentralised digital transactions system could be. The issue is rather whether decentralised digital transactions systems, much less ones that also act as a novel unit of trade, are a good idea.

      • "Bitcoin is a laughably complex solution that's looking for a problem."

        If you tell me how you could move $10 million anywhere in the world, in 10 minutes, without third-parties, without fees, and without risk of reversal...then you just answered your own criticism.
      • by Agent ME ( 1411269 ) <agentme49&gmail,com> on Thursday November 07, 2013 @01:05PM (#45358389)

        It's much more complex than any other payment system

        That partly has to do with it being a decentralized cryptocurrency. Without central authorities or trusted servers, it takes quite a bit more to force everyone in the network to work together and agree on the state of the system. (And as digital currency systems can go, it is still pretty far from the most complex. Look up older partially anonymous Chaumian currencies.)

        it's value as a currency is wildly unstable

        Because it's not widely used yet. You can't peg the value of a decentralized currency to a centralized one. Its value works just by supply and demand, and as demand fluctuates wildly, so will its value.

        it's prone to all sorts of technical and security problems

        The article is about a specific vulnerable site that got hacked, not the bitcoin system or software itself.

  • by Bram Stolk ( 24781 ) on Thursday November 07, 2013 @11:53AM (#45357457) Homepage

    I've been analyzing bitcoin lately, and have come up with the following reasoning:

    As the coins are limited to 21M coins, you can, at this date, purchase 1/21Mth part of all the coins in the world for $300,-
    Even if you put the odds of bitcoin supplanting US dollar very slim (1:1000), the only rational choice is to buy bitcoin.
    If in 2030 the world uses bitcoins, you end up owning a sizeable portion (1/21M) of the entire money supply of the world's default currency.
    How is this not a good deal? Heck, even at 1:1000000 odds of bitcoin supplanting US dollar would still make sense at $300,- per coin.

    Where is fault in my logic? It seems too easy.

    • by JoelKatz ( 46478 )

      If everyone agreed with this reasoning, the price would already be higher. The fact that the price is where it now shows that other people assess the probability of Bitcoin taking over a substantial fraction of the world economy *much* lower than you do. If you still think you're right and everyone else is wrong, then buy Bitcoins.

  • As far i know, you can see the history of each bitcoin in the blockchain, each wallet that have and had it, each transaction that it had been involved into. If those bitcoins where moved to a particular wallet, any participant in the bitcoin network can see to which wallet it went it all, and what that person did after that. Maybe the name of that person is not known yet, but the people that will receive some of those bitcoins in exchange of something may have a hint on who they are or where they are living

  • This is great. Usually when a bank loses everything the taxpayers are forced to bail them out. The customers actually losing is a breath of fresh air.

  • How to profit (Score:4, Insightful)

    by tygt ( 792974 ) on Thursday November 07, 2013 @02:42PM (#45359459)

    Not that this is what's going on, of course, but this came to mind:

    1. open bitcoin "bank"
    2. get lots of deposits
    3. "get hacked" and close up shop

    There is no step four, the profit's in step three.

No spitting on the Bus! Thank you, The Mgt.

Working...