Home > civil liberties, law, regulation > Bitcoin Exchange Hacked

Bitcoin Exchange Hacked

Tim Lee is on the beat:

The future of the up-and-coming Bitcoin exchange Bitfloor was thrown into question Tuesday when the company’s founder reported that someone had compromised his servers and made off with about 24,000 Bitcoins, worth almost a quarter-million dollars. The exchange no longer has enough cash to cover all of its deposits, and it has suspended its operations while it considers its options.

Bitfloor is not the first Bitcoin service brought low by hackers. Last year, the most popular Bitcoin exchange, Mt.Gox, suspended operations for a week after an attacker compromised a user account and sold all of his Bitcoins in a firesale that temporarily pushed the price down to zero. The site survived the attack and remains the leading Bitcoin exchange today. Hackers made off with another $228,000 in Bitcoins from online services earlier this year.

Bitcoin’s peer-to-peer design means that transactions are irreversible. Once a transaction appears in the blockchain, the global record of Bitcoin transactions, no one has the authority to reverse it. And the pseudonymous nature of Bitcoin makes it difficult to trace stolen Bitcoins to their new owners.

Some regard irreversible transactions as a key Bitcoin feature, since it means merchants never have to worry about “chargebacks.” But this “feature” also dramatically raises the security stakes. Anyone who deals in Bitcoins, from complex exchanges to ordinary users have to worry about hackers making off with their cash. Indeed, malware that steals your Bitcoins automatically has been spotted in the wild.

In a June interview, Bitcoin developer Gavin Andresen told Ars that his team is working on a new feature called multi-signature transactions that could reduce the vulnerability of Bitcoin wallets to this kind of attack. Under this scheme, a user’s signature is divided among multiple devices, all of which would need to approve a transaction before it could be accepted by the Bitcoin network. For personal users, that might mean splitting the key up between a PC and a smartphone. For online Bitcoin services, it would mean splitting control of a Bitcoin wallet among multiple servers. Under that scheme, hackers could only steal Bitcoins if they succeeded in compromising all of the servers holding portions of the private key.

And if you happen to be a Bitcoin user, Tim has some advice for you:

But at least until these new techniques mature, it’s wise not to entrust large amounts of Bitcoins to third-party services, even those with excellent reputations. And always encrypt your Bitcoin wallet as soon as you’re done using it.

Image via Digital Trends

  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: