Advertise with us (we do not endorse any site advertised)

Author Topic: pcworld.idg.com.au: Hackers break into bitcoin exchange site Bitcoinica  (Read 4036 times)

0 Members and 1 Guest are viewing this topic.

Offline bitcoinforum.comTopic starter

  • Administrator
  • Legendary Member
  • *******
  • Joined: Nov 2011
  • Location: bitcoinforum.com
  • Posts: 1494
  • Country: bz
  • Thanked: 51 times
  • Karma: +38/-1
  • Gender: Male
  • The Bitcoin genie is already out of the bottle.
    • facebook.com/bitcoinforum
    • flickr.com/bitcoinforum
    • bitcoinforum.livejournal.com
    • reddit.com/user/bitcoinforum
    • stumbleupon.com/stumbler/bitcoinforum
    • bitcoinforum.tumblr.com
    • twitter.com/bitcoinforumcom
    • bitcoinforum.wordpress.com
    • View Profile
    • bitcoinforum.com
Hackers break into bitcoin exchange site Bitcoinica, steal $90,000 in bitcoins
http://www.pcworld.idg.com.au/article/424589/hackers_break_into_bitcoin_exchange_site_bitcoinica_steal_90_000_bitcoins

Quote
Hackers stole 18,547 bitcoins and the user database from bitcoin exchange site Bitcoinica

    Lucian Constantin (IDG News Service)
    — 15 May, 2012 08:41

    Share
    Be the first to comment 0

Bitcoin exchange site Bitcoinica suspended its operations on Friday after hackers managed to steal 18,547 bitcoins -- valued at about US$90,000 -- from its online wallet.

The user database probably was compromised as well, Bitcoinica's administrators said in an announcement posted on the site's home page. The information stored in the database included usernames, email addresses and account histories.

Account passwords were encrypted in a way that makes it extremely unlikely for them to be cracked, the Bitcoinica team said. However, to be on the safe side, the team advised users to change their passwords on other websites where they might have used them.

The compromised user information can be used to launch phishing attacks, as has happened in the past after many data breaches that exposed user email addresses.

Users should be suspicious of any messages received on their email addresses registered with Bitcoinica, the site's administrators said. "It is always a best practice to never click an email link to login to any online service."

Bitcoin is a cash-like digital currency that can be exchanged directly by users without the need for a central payment service. It uses the peer-to-peer model for synchronizing transaction records between users.

Bitcoinica noted that the stolen bitcoins belonged to the exchange, not the users, and said it will honor any withdrawal request. However, it's not clear when or if the website will resume operations.

"It's more serious than we thought," said Bitcoinica founder Zhou Tong, in a post on the Bitcointalk forum on Saturday. "Likely we will either shut down the platform or re-develop entirely (which will take months instead of days)."

The company needs more time to come up with a plan to compensate users for the downtime and other issues resulting from this security incident, Zhou said.

In a separate post on Sunday, Zhou revealed that he sold Bitcoinica to an undisclosed investor back in November 2011 and stayed with the company as an employee in charge of daily operations until a new team took over two weeks ago. He also announced that he plans to retire from all bitcoin-related projects after this incident is resolved.

Security breaches at bitcoin exchanges don't only affect the users of those exchanges, but the entire bitcoin community, because they negatively affect the value of the virtual currency. In June 2011, bitcoin prices plummeted after news broke that the largest bitcoin exchange, Mt.Gox, was compromised.

This is not the first time that Bitcoinica has lost a large number of bitcoins to hackers. Back in March, attackers managed to steal 43,000 bitcoins from the exchange after they compromised the servers of Web hosting provider Linode.

"It seems Bitcoin has the same problem(s) that other web applications possess: vulnerabilities, such as SQL injections, that make it susceptible to data theft," Rob Rachwald, director of security strategy at security firm Imperva, said via email. "In the early days of legitimate online banking, when one breach hit a bank, the whole industry's brand took a hit. Ironically, the same dynamic could play out in black market banking."

Bitcoin exchanges need code reviews, vulnerability assessments and Web application firewalls, Rachwald said. However, the question is whether honest security vendors would sell to such organizations, giving bitcoin's association with cybercriminal activity, he said.
x-x-x

C'mon pcworld! We already read this. Bitcoinica !== Bitcoin!
"Your keys, your Bitcoin. Not your keys, not your Bitcoin." (Andreas Antonopoulos)
Latest stable Bitcoin version
Latest stable Electrum version


 

americanbanker.com: Bitcoin Exchange's Crisis Bodes Ill for Payment Innovation

Started by bitcoinforum.com

Replies: 0
Views: 8164
Last post February 18, 2012, 04:26:32 PM
by bitcoinforum.com
Bitcoinica.com: Bitcoinica joins forces with Bitcoin Consultancy

Started by bitcoinforum.com

Replies: 0
Views: 1767
Last post April 25, 2012, 12:26:59 AM
by bitcoinforum.com
payglo.be: BitInstant is first US bitcoin exchange to be federally licensed

Started by bitcoinforum.com

Replies: 0
Views: 3244
Last post May 04, 2012, 08:59:16 AM
by bitcoinforum.com
bbc: Bitcoin users sue over funds lost in site attack

Started by bitcoinforum.com

Replies: 0
Views: 1802
Last post August 13, 2012, 06:54:34 PM
by bitcoinforum.com
Bitcoin-Central, first exchange licensed to operate as a bank

Started by bitcoinforum.com

Replies: 1
Views: 7755
Last post December 06, 2012, 07:26:43 PM
by cryptoanarchist

your ads here