Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Bitcoin Crime Security The Almighty Buck

Hackers Steal $5M In Bitcoin During Bitstamp Exchange Attack 114

itwbennett writes: After a weekend hack forced the Bitcoin exchange Bitstamp to shut down, Bitstamp has revealed that $5 million worth of bitcoin was stolen during the attack. And that's not all the bad news for Bitcoin this week: Canadian Bitcoin exchange Vault of Satoshi announced it is is no longer accepting new deposits and will close Feb. 5. But in this case the operators are pursuing new business opportunities, saying in a post that the shutdown "has absolutely nothing to do with insolvency, stolen funds, or any other unfortunate scenario."
This discussion has been archived. No new comments can be posted.

Hackers Steal $5M In Bitcoin During Bitstamp Exchange Attack

Comments Filter:
  • by smittyoneeach ( 243267 ) * on Tuesday January 06, 2015 @06:12PM (#48750481) Homepage Journal
    Bitcoin loss
    After such toil
    All goes to dross
    Like $100/bbl oil
    Burma Shave
    • Re: (Score:1, Troll)

      by pitchpipe ( 708843 )
      Bitcoin theft
      Found us bereft
      All that was left
      Was for the deft
      Burma Shave
      • It's very sane
        Let us explain:
        Your coins remain
        On the blockchain
        In public view
        So carry on!
        No cares for you!
        Aaaaaand... they're gone.
        Burma Shave

    • Re: (Score:1, Troll)

      They lost $5 million
      But it's not in real bucks
      It's bitcoin bullion,
      Uninsurable deposits - that sucks.
      They're closing next month
      But don't worry they said.
      Your money's safe with us
      Though our company's dead.
      Unregulated "money"
      is no money at all,
      And so bitcoin's confidence
      Takes another fall.

      Burma Shave

      • Heist of Bitcoin
        Now others won't join
        And I've got nothin'
        To cover my loin
        - Dr. Suess
        • "Bitstamp got their
          Misery share,
          Like Bob McDonnell so fine
          Justice is served
          Punishment deserved
          If you know what I mean," spake Corzine.
    • Hack or fraud
      Gain or lose
      On /r/Bitcoin
      It's all good news
      Burma Shave

  • by Anonymous Coward

    Oh shit!

    • by houstonbofh ( 602064 ) on Tuesday January 06, 2015 @06:19PM (#48750517)
      Funny, but it does make me wonder why people keep anything in these exchange or in online wallets anymore. I mean is keeping a small file safe yourself really that hard?
      • It's hard to buy or sell bitcoin with fiat currencies (e.g. US Dollar). Online exchanges facilitate that. Why people keep it in online wallets for an extended period of time? Maybe they trust professionals to lock down their business better than they can lock down their own PC. Plus you have to work about disk corruption etc.
        • Maybe they trust professionals to lock down their business better than they can lock down their own PC.

          And these incompetent operators is what is causing bitcoin to lose credibility. An unregulated, anonymous (insofar as bitcoin addresses just being a series of numbers not tied to anybody in particular) currency that is stored with unregulated, uninsured entities is immediately a bad idea and people supporting them and then being fleeced by them or their poor security practices and policies is really damaging bitcoin.

          • by Anonymous Coward

            Is it? Is it really? I haven't exactly seen a decrease in the use of bitcoins. Though I aslo haven't seen a significant increase either. However among those using it they still seem to be using it.

            • And these incompetent operators is what is causing cash to lose credibility. An unregulated, anonymous currency that is stored with unregulated, uninsured entities is immediately a bad idea and people supporting them and then being fleeced by them or their poor security practices and policies is really damaging cash.

              Is it? Is it really? I haven't exactly seen a decrease in the use of cash. Though I aslo haven't seen a significant increase either. However among those using it they still seem to be using it.

              Seems the same to me.

            • Is it? Is it really? I haven't exactly seen a decrease in the use of bitcoins. Though I aslo haven't seen a significant increase either. However among those using it they still seem to be using it.

              Of course it is. I'm not saying people aren't using it but obviously the broader appeal of it is not taking hold and it is viewed as "unsafe" with the incompetence of these operators proving that point by losing customer funds. Bitcoin has a lot going for it but obviously won't go mainstream if you have exchanges continuously screwing up like this.

              • Yes, just like people stop using dollars when there are bank robberies. It's normal.

                • by exomondo ( 1725132 ) on Tuesday January 06, 2015 @09:45PM (#48751679)

                  Yes, just like people stop using dollars when there are bank robberies.

                  No, people do not stop using dollars when there are bank robberies because - as I pointed out in my original post [slashdot.org] - these bitcoin entities are unregulated and uninsured. If a bank is robbed you do not lose your money, when MtGox was robbed you lost your bitcoins.

                  I thought I made it pretty clear and wouldn't have to point out that the reason I explicitly said they were uninsured and unregulated is because that is contrary to the existing banking systems.

                  • You are not exactly right. That only covers up to $100,000

                    So if you have a retirement account with $500,000 in it and the bank gets robbed, you get $100,000 back. Unless the bank has taken steps to guarantee amounts above $100,000. Thought most dont, they simply have you sign I form when you open the account that states you have been notified.

                    • You are not exactly right. That only covers up to $100,000

                      Unlike bitcoin they don't earmark the cash on a per-account basis. If a bitcoin exchange is robbed the funds are removed from specific accounts, if a bank branch is robbed and cash is stolen that isn't necessarily from anybody's account in particular.

                    • by Anonymous Coward

                      You are not exactly right. That only covers up to $100,000

                      So if you have a retirement account with $500,000 in it and the bank gets robbed, you get $100,000 back.

                      No you are thinking of insurance for the bank going out of business which was part of the Banking Act of 1933. When cash is held on the premises of bank it is not literally held in individual accounts so when a robber steals money from a bank it isn't from one particular bank customer. What you are describing there (even though the limit is incorrect as it was raised to $250,000 in 2008) is FDIC or the Federal Deposit Insurance Corporation which covers the depositors up to that amount in the event the bank

          • by rtb61 ( 674572 )

            The real question is how much do those operators make by shifting around other people's bitcoin and doing the conversion versus how much they make by having a bunch 'er' stolen, seeing as there are no criminal ramifications for when they get stolen, they just need to have evidence of an attack and it's whoops tee hee and they do not cover the loss, like a normal bank would.

          • An unregulated, anonymous (insofar as bitcoin addresses just being a series of numbers not tied to anybody in particular) currency that is stored with unregulated, uninsured entities is immediately a bad idea

            But, tell me, how is this not exactly what people should have expected? You can't say "wow, what we really need is an unregulated currency", and then be caught off guard when the lack of regulation and insurance bites you in the ass.

            If you want to have an unregulated currency, don't bloody well expect

            • But, tell me, how is this not exactly what people should have expected?

              It absolutely is, I agree with you. My whole point is that using exchanges like that is completely stupid, you don't store your money with some random foreign entity that has no real responsibility or accountability.

              • What bitcoin exchanges have any real responsibility or accountability?

                Isn't it, by definition, unregulated? You want FDIC insurance or something? Like a bank?

                • What bitcoin exchanges have any real responsibility or accountability?

                  None, that's what I'm saying.

                  Isn't it, by definition, unregulated?

                  Yes.

                  You want FDIC insurance or something? Like a bank?

                  Yes, if I'm going to store my money with some other entity absolutely, but no bitcoin exchange is going to provide that.

      • by ls671 ( 1122017 )

        I prefer to always carry a safe file in my pockets. I allowed me to open a few.

        https://en.wikipedia.org/wiki/... [wikipedia.org]

  • by Anonymous Coward

    Bitstamp co-founder Damijan Merlak said that Bitstamp plans to resume its operations in the next 24 hours. Hot-wallet did what hot-wallets are designed to do, compromise only resulted in a minor loss (relatively). If bank of america and other major institutions cannot keep your info out of the hands of hackers why would you think any other website is infallible?

    Own your own keys, be responsible for your own money. Unless you are day-trading there is no reason to leave a money on an exchange earning zero int

    • by exomondo ( 1725132 ) on Tuesday January 06, 2015 @06:47PM (#48750691)

      If bank of america and other major institutions cannot keep your info out of the hands of hackers why would you think any other website is infallible?

      You wouldn't, but Bank of America is federally insured, Bitcoin exchanges are not. Obviously storing currency in one of those is a lot more risky than that other.

    • by Nutria ( 679911 ) on Tuesday January 06, 2015 @06:48PM (#48750699)

      If bank of america and other major institutions cannot keep your info out of the hands of hackers why would you think any other website is infallible?

      My bank (Chase) got hacked last year, and Teh Evil Haxx0rz might have gotten my vital info, but all of my money is still in the bank.

      Months before that, someone used my Chase CC to buy a couple of Amtrak tickets (presumably to then refund them for cash). Got a fraud alert from Chase, and called them to confirm that it was in fact fraud. They immediately canceled my card sent me new ones. Checks of my & my wife's credit reports show no unusual activity.

      So, thank you very much, but I'll stick with fiat money stored in an actual, regulated American bank.

      • Re: (Score:2, Insightful)

        by PRMan ( 959735 )

        Now ask your grandparents the same questions.

        Now ask yourself the same questions about a large amount of cash.

        • by Nutria ( 679911 )

          What?

          • by Anonymous Coward
            Never mind. Don't worry your pretty little head over it.
            • To be fair, most grandparents are going to be less than 100 years old (the youngest you would be to have money on deposit before the government started backing bank deposits). Great or great-great parents is more likely (and they're likely dead). The banking system is fundamentally different, it was a stupid point.

              • by Nutria ( 679911 )

                Exactly.

                (My paternal grandparents grew up in the Depression, but still had no fear of banks. They were pretty darned cautious, though, by only using a big local *bank*, not S&L, that survived the Depression. Their parents probably didn't use banks in the 30s -- and *maybe* not in the 40s -- but definitely did in the 50s.)

        • by gmhowell ( 26755 )

          Now ask your grandparents the same questions.

          Now ask yourself the same questions about a large amount of cash.

          Insured by the FDIC (and FSLIC). And regulated. And we've known about this for a minimum of 80 years. Why is it so difficult for Bitcoin, supporters, and companies to learn lessons from the past and NOT repeat them?

          It's the same as giving modern radical Muslims a pass because of atrocities commited by the Roman Catholics 500 years ago. Why are the lessons never learned? Why start from zero?

          We are even talking about "If I have seen further it is by standing on the shoulders of giants," more like standing on

      • by Anonymous Coward

        Almost the whole point of Bitcoin is that you can keep your wallet yourself, encrypted however you like - getting all the security features of keeping your cash under your mattress, without the vulnerabilities - and still be able to use it for electronic transations. These people who are giving their Bitcoin wallets to shady online services, and just trusting them to keep them secure, are doing something that Bitcoin was explicitly designed to make unnecessary.

      • by codebonobo ( 2762819 ) on Tuesday January 06, 2015 @08:31PM (#48751233)
        Circle and coinbase are regulated with Fincen, AML and KYC regulations, additionally they are insured. The "hack" exchange discussed here was also audited recently and had over 100% solvency unlike most banks and the stolen amount was just some of their pocket trading coins on their live server. I use traditional banks along with bitcoin banks because there are advantages to knowing when to leverage Bitcoin or Fiat.
      • Cyprus, Greece, you think the banks there weren't regulated to death by their governments? What you are relying upon, when you say 'regulated' is actually the infinite paper supply by the Federal reserve and Congress willing to backstop any large back and not let you lose your nominal dollar value, but the system itself is rotten, it doesn't have any actual savings and nothing can backstop the entire system, when it collapses you will get your paper back, for sure, but good luck buying anything with it.

        Not

        • by Nutria ( 679911 )

          What you are relying upon, when you say 'regulated' is actually the infinite paper supply...

          Of course I know that it's the US$ is fiat, and based on faith in a government that's $18T debt. That does not make it less safe than gold, silver, the Yen or Renminbi.

          • Ha ha ha, first of all yes, USD is fiat, so is Yen or Renminbi, however there is a gigantic difference today between USD and Renminbi. See, USD is printed by a government that has no productive capacity in its economy. Renminbi is also printed, but the government in that case has a gigantic manufacturing sector behind it. As to gold and silver, that's money, not currency, there is no comparison. Gold and silver is real money, market money, USD and all other paper is here for a very short time and will b

            • by Anonymous Coward

              Gold and silver isn't real money. You may feel it is so and good for you. But there is more to monies than just buying/selling power. Collect 1 million dollars (or whatever) of gold/silver and put it in your home and see how much it is worth in a week or two and more importantly, who has it.

            • by Nutria ( 679911 )

              As to gold and silver, that's money, not currency, there is no comparison.

              Do you actually know the definitions of money and currency? 'Cause... when *I* look at the definitions of "currency" and "money", they're God damned similar; i.e., a metric ass-load of comparison.

              Are you a gold bug ("Someone who considers one commodity, usually gold, "the appropriate measure of wealth, regardless of the quantity of other goods and services that it can buy"") with tendencies towards conspiracy theories? (Not that you'd think or admit you are, even if you actually are...)

              • Money and currency are different things, money is a store of value, medium of exchange and unit of account. Gold is market money, it has intrinsic value first of all, before it is even money and it has a long history of being used as money by market participants. Currency is what is used in circulation, for example promissary notes to pay out money (bnk notes, that promiss certain amount of money in exchange for currency). Gold coins could be currency, but generally they are not today. Currency that is

                • by Nutria ( 679911 )

                  Money and currency are different things, money is ...

                  Currency is what is used in circulation ...

                  So what is "paper money"?

                  Gold ... has intrinsic value

                  No. It only has the value that we believe it has. Just like... fiat money!!!

                  The only difference between metals+land (aka physical assets) and fiat money is that they'll be around long after fiat money has gone away. Unless, of course, the government seizes it, it corrodes away (silver, titanium copper, etc), gets flooded out, is lost, stolen, misplaced, etc.

                  USD used to be a meaningful reserve currency before 1971, now it is not

                  If we had stayed on the gold standard, what would have happened to the US (and world, for that matter) economy when the pop

                  • Paper money is only money if it can be exchanged for a real money reserve. Paper has no value but what it promises to get in exchange.

                    You don't have to believe in gold for gold to have intrinsic value, gold is a metal that has that value before it is used as money. Bitcoins are the opposite of that, they are created with the explicit purpose of being money, so they have no other purpose before BTC is money. Gold always had value for humans and people exchange things for gold regardless of what you believe

                    • by Nutria ( 679911 )

                      you could buy a new car for 20 ounces 100 years ago you can still buy a new car for 20 ounces today.

                      But there are a lot more cars (and people to buy them) now than 100 years ago. That's a big problem, and why I said that the GS is unsustainable.

                      Gold provides natural level of inflation at about 1.5% a year.

                      It does?

                    • The prices of cars in gold can be falling with gold being used as money. With paper the prices are going up, there is no reason why prices shouldn't be falling and they were in fact falling under gold and they would still be falling. Prices for manufactured goods fall over time measured in real money. Price for a new car today could be 5 ounces of gold today if we did not try to inflate insanely.

                      Estimated gold reserve on the planet is between 155 and 171 thousand tons of gold, we mine about 3.5 thousand

                • by Kiuas ( 1084567 )

                  Gold is market money, it has intrinsic value first of all, before it is even money

                  The idea that anything has "intrinsic value" is so badly flawed I don't know why this myth persist. Gold and other metals have practical uses, which gives it some additional value yes, but assuming that gold will retain its value, or in fact have any value whatsoever, under all conditions is false.

                  USD used to be a meaningful reserve currency before 1971

                  I don't know exactly what your definition of 'meaningful' is, but approxima

                  • Well, does your life have any value under all conditions?
                    Gold has intrinsic value that actually goes well past your life, gold had value before you and it will have value long after you are gone (and me, and everybody else who is living today).

                    Gold has intrinsic value in its own right and it has value that we recognise as such because we want gold. People wanted gold since the moment they have first seen it and they want it today. Gold has thousands of years of a proven track record, which is thousands of

                • money is a store of value

                  Sorry, no. Money doesn't store value, it measures it in much the same way that rulers don't store distance, they measure it.

                  • Right, so if money doesn't store value how do you propose to be able to buy a similar amount of products with your money tomorrow that you could buy yesterday?

                    Money is not a measure of value, it is an actual store of value, it is also unit of account and medium of exchange. Without being able to store value money is not only useless, it's dangerous to have.

                    • Money is not a measure of value, it is an actual store of value, it is also unit of account

                      This explains why when I go to the store I keep seeing prices denominated in grams of rhodium.

                • by Anonymous Coward

                  Gold is market money, it has intrinsic value first of all, before it is even money and it has a long history of being used as money by market participants

                  This is just plain wrong. Gold does not have intrinsic value. Almost no one will trade a house for your gold. Almost no one will give you groceries, cut your hair, sell you firewood for your gold. Furthermore, the amount of goods that you can get by directly trading for gold, or by converting your gold into dollars and buying goods has oscillated wildly in the short and long term all over the world. Furthermore, people who have been in economic collapses in recent decades ( Yugoslavia, Argentina, Syria) h

    • Good.

      $5M is a lot, but I've long suggested that any significant amount of BTC be stored on a printout in a safe, with a backup in a safe deposit box.

      • by PRMan ( 959735 )
        Yeah, that's good. That way any bank employee reviewing the contents of your box can take your coins and you will never know for years.
        • Bitstamp has over 100 % solvency and stores most of the coins in multisig cold storage. The stolen amount was just their pocket change on the trading server. Circle and Coinbase are insured and store a majority of coins in multisig cold storage. Multisig cold storage means that it is practically impossible for hackers, disk corruption, or physical theft to steal the coins.
        • by Nonesuch ( 90847 )

          Yeah, that's good. That way any bank employee reviewing the contents of your box can take your coins and you will never know for years.

          Where do you live that "bank employees" can "review" the contents of your safe deposit box?

        • Uh, if your bank is "reviewing" the contents of your safety deposit box, you have a really shitty bank and should probably not have anything stored there.

          That or you have no idea how safety deposit boxes work.

      • If you are going to the effort of putting them in a bank anyway, why not just convert them to real money and earn interest in the bank on a term deposit, then you get the benefit of it being in a bank AND having banking regulation and government backed insurance if the bank is robbed, goes bankrupt etc etc.

        • If you are going to the effort of putting them in a bank anyway, why not just convert them to real money and earn interest in the bank on a term deposit, then you get the benefit of it being in a bank AND having banking regulation and government backed insurance if the bank is robbed, goes bankrupt etc etc.

          Because that interest will not cover inflation.

  • by Anonymous Coward

    5 million dollars were not lost. Stop speaking of Bitcoins in terms of real currency. The fact you keep relating it to currency means that cash is king and you have no argument that could prove otherwise, until you only speak of Bitcoins in terms of number of Bitcoins.

    • Stop speaking of Bitcoins in terms of real currency.

      Don't worry. Fewer and fewer people will be making that mistake in the future, except maybe the poor sod who's gonna try to buy something with Bitcoins a year from now.

  • by Holistic Missile ( 976980 ) on Tuesday January 06, 2015 @08:26PM (#48751189)
    Given law enforcement's inability and unwillingness to investigate any online crime, combined with the complete lack of government regulation or even recognition as a legal tender, what is stopping the exchange operators from simply stealing the bitcoins and then saying they were hacked?

    "Sorry, we got hacked and all your coins are gone. It was probably criminals in Russia / North Korea / Elbonia. Look! They covered their tracks so well, they made it look like the attack came from the Starbucks across town. We lost all our money, too, so we're shutting down and filing bankruptcy. Better luck next time."

    Is there any way to track the stolen coins and void them? I wouldn't think people would steal them if they couldn't spend / cash them...
    • The bitcoin transaction chain is public, so in theory it is possible to track stolen bitcoins. People could arbitrarily decide not to accept bitcoin from tainted sources (or not to accept bitcoin at all) and that would make life much harder for thieves and extortionists. However, the accepted practice is that all bitcoins are equal. There is no governing authority that has the power to declare that certain transactions are "tainted".

      If a mechanism for declaring bitcoin "tainted" would be introduced today, i

    • by AmiMoJo ( 196126 ) *

      Is there any way to track the stolen coins and void them?

      Yes and no. The coins can be tracked easily because all Bitcoin transactions are public. As soon as the thieves transfer them to someone else it will be visible. However, for anyone to notice we would need a list of the stolen coins. Even if we had the list, what would we do with the information? Someone receives a payment from an allegedly stolen coin... we have an email address for them, that's it. Unknowingly receiving stolen currency isn't a crime everywhere, and even where it is Bitcoin might not be co

      • by MrL0G1C ( 867445 )

        Bitcoin is ideal for money Laundering and there are money laundering services.

        You transfer $100 to the money laundering service wallet A, then the money laundering service transfers from wallet B $40 to your second wallet and $60 to your 3rd wallet. Trace lost.

        • Not lost. That's only effective if there's no pattern, and erasing a pattern is a lot more difficult than just splitting the transfers. Assuming the transfers are timely (and it would seem likely that they would be), you could narrow down the source of the funds to accounts that sent money to the launderer within a given timeframe. Seeing the pattern more than once would increase the probability of a match, so you could never receive funds to the same account twice. Further, you could never aggregate fu

          • by MrL0G1C ( 867445 )

            https://bitlaunder.com/bitcoin... [bitlaunder.com]

            Site linked launders over time which apart from extremely large transfers would destroy any trace. Any intelligent criminal would use bespoke software or arduous work to split the stolen coins into dozens or even hundreds of small wallets of varying size, those could then be sold for hard cash or goods etc.

            So yes, bitcoins are ideal for traceless laundering.

Genius is ten percent inspiration and fifty percent capital gains.

Working...