Attacks/Breaches

1/5/2015
02:52 PM
Connect Directly
Twitter
RSS
E-Mail
100%
0%

Major Bitcoin Exchange Suspends Service, Suspecting Attack

Bitstamp suspends service, citing a wallet compromise, one day after a significant drop in the value of Bitcoins.

In what they call an "excess of caution," Bitstamp, the world's second-largest Bitcoin exchange, suspended service today, pending investigation of a suspected compromise. However, some skeptics in the finance industry suggest that Bitstamp might just be temporarily shutting things down to insulate themselves from the effects of a significant drop in the price of Bitcoins Sunday.

Saturday's high of $314.77 fell to $260.84 late Sunday. That's more than $100 less than the price of Bitcoins was just one month prior: $369.15 on December 4.

As the Bitstamp home page currently reads:

We have reason to believe that one of Bitstamp’s operational wallets was compromised on January 4th, 2015.

As a security precaution against compromises Bitstamp only maintains a small fraction of customer bitcoins in online systems. Bitstamp maintains more than enough offline reserves to cover the compromised bitcoins.

IN THE MEANTIME, PLEASE DO NOT MAKE DEPOSITS TO PREVIOUSLY ISSUED BITCOIN DEPOSIT ADDRESSES. THEY CANNOT BE HONORED!

Jeffrey Robinson, author of BitCon: The Naked Truth about Bitcoin told CNBC, "Don't believe Bitstamp. It's a matter of liquidity... Who's next? It's as if Bitstamp realized they couldn't internalize the risk anymore so just decided, Let's suspend operations until everything settles down."

If we take Bitstamp at their word, this is just the latest in a string of attacks on Bitcoin exchanges, which peaked in February 2014, when Bitstamp, Mt. Gox, and BTC all fell victim.

At that time, in February, Bitstamp temporarily suspended processing of Bitcoin withdrawals, citing "inconsistent results reported by our bitcoin wallet, caused by a denial-of-service attack using transaction malleability to temporarily disrupt balance checking." Bitcoin exchange BTC suspended trading due to a DDOS attack. Most notably, Tokyo-based Bitcoin exchange Mt. Gox suspended its services February 10, reporting that 850,000 Bitcoins -- worth roughly $500 million at the time -- had been stolen. Mt. Gox filed for bankruptcy 18 days later.

Researchers have said that over 100 flavors of malware were stealing Bitcoins and other forms of cryptocurrency, via wallet-stealing and credential-stealing. In March, Android apps were discovered that contained malware designed to steal other cryptocurries less valuable than Bitcoins.

Bitcoin users have also been targeted directly, via phishing and other methods.

Some criminals, however, might not want to completely shut the exchanges down, because many ransomware operators request ransom payments be made in Bitcoins.

Bitstamp has not yet released any details about the compromise or any estimate about when the exchange will be up and running again.

Sara Peters is Senior Editor at Dark Reading and formerly the editor-in-chief of Enterprise Efficiency. Prior that she was senior editor for the Computer Security Institute, writing and speaking about virtualization, identity management, cybersecurity law, and a myriad ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
1/6/2015 | 9:22:42 AM
Re: Safeguards
Well there are many potential benefits to the bitcoin. It behaves similar to a stock in that it appreciates and depreciates. But it is a volatile currency. The digital medium of the currency makes it easy to store and transport. It is non-government regulated which also has its ups and downs but its an alternative means of currency and that is what I attribute to its largest value. Not indicative of national restraints. Universal value.

But as you say @Marilyn Cohodas, with it being a completely digital nature of the bitcoin exposes it to a plethora of exploits.
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
1/6/2015 | 9:09:11 AM
Re: Safeguards
Have to admit, I haven't warmed up -- or even totally understand -- the concept of Bitcoin and the potential for exploitation scares me. 
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
1/6/2015 | 8:51:04 AM
Safeguards
I know a big proponent to the bitcoin is that they are not government regulated. But there are a few inherent flaws with the digital currency, which I know from experience of owning a couple of bitcoins myself. First is that when you have a bitcoin wallet, you most likely have it stored locally. Bitcoin banks need to treat their distribution of coins more closely to regular banks.

I think the main question here is: Are bitcoin distributors safeguarding their "data" in a similar fashion as banks treat their data? This isn't to say they will still not experience a breach because it happens to banks anyway but to minimize risk it would behoove these organizations to try and implement similar security frameworks. I would say due to the previous events the answer is most likely no.
It Takes an Average of 3 to 6 Months to Fill a Cybersecurity Job
Kelly Jackson Higgins, Executive Editor at Dark Reading,  3/12/2019
New Mirai Version Targets Business IoT Devices
Dark Reading Staff 3/19/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: LOL  Hope this one wins
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
The State of Cyber Security Incident Response
The State of Cyber Security Incident Response
Organizations are responding to new threats with new processes for detecting and mitigating them. Here's a look at how the discipline of incident response is evolving.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-6149
PUBLISHED: 2019-03-18
An unquoted search path vulnerability was identified in Lenovo Dynamic Power Reduction Utility prior to version 2.2.2.0 that could allow a malicious user with local access to execute code with administrative privileges.
CVE-2018-15509
PUBLISHED: 2019-03-18
Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control (issue 2 of 2).
CVE-2018-20806
PUBLISHED: 2019-03-17
Phamm (aka PHP LDAP Virtual Hosting Manager) 0.6.8 allows XSS via the login page (the /public/main.php action parameter).
CVE-2019-5616
PUBLISHED: 2019-03-15
CircuitWerkes Sicon-8, a hardware device used for managing electrical devices, ships with a web-based front-end controller and implements an authentication mechanism in JavaScript that is run in the context of a user's web browser.
CVE-2018-17882
PUBLISHED: 2019-03-15
An Integer overflow vulnerability exists in the batchTransfer function of a smart contract implementation for CryptoBotsBattle (CBTB), an Ethereum token. This vulnerability could be used by an attacker to create an arbitrary amount of tokens for any user.