Bitcoin Forum

Bitcoin => Bitcoin Discussion => Topic started by: repentance on July 31, 2012, 03:52:12 AM



Title: BTC-E hacked - still unfolding
Post by: repentance on July 31, 2012, 03:52:12 AM
This is still in progress and is being discussed in the Speculation forum.  I'm just posting this here because I know that many users avoid the Speculation forum and will thus be unaware that this has even happened.

Essentially, someone pumped a whole heap of fake USD onto BTC-E and then started buying up the BTC (the price spiked at over $90).  It is thought that those who sold their BTC will find there are no funds backing the sale.  The rapid price movement also encouraged people to move BTC and real USD onto the exchange in the hope of profiting from the volatility.

https://bitcointalk.org/index.php?topic=96802.0

https://bitcointalk.org/index.php?topic=96803.0


Title: Re: BTC-E hacked - still unfolding
Post by: dree12 on July 31, 2012, 03:59:47 AM
I believe it constructive to repeat these important steps:

1. Sell ALL USD immediately. There is definitely not enough USD to pay out.
2. Withdraw ALL BTC immediately. Unless fractional reserve or cold storage was employed, there should be enough. This is confirmed by one of DeathAndTaxes's experiments.
3. Change passwords for other websites immediately. The database is likely to leak, if a SQL injection was the culprit.

Best of luck to all victims.


Title: Re: BTC-E hacked - still unfolding
Post by: repentance on July 31, 2012, 04:04:06 AM
I'm going to lock this now as the purpose of posting the thread was to make the broader community aware of the hack and to direct them to the threads where the details are being discussed.  If anything earth-shattering is revealed in the other threads, I'll post it here but it's probably more appropriate for one of those threads to be moved here now.


Title: Re: BTC-E hacked - still unfolding
Post by: repentance on July 31, 2012, 05:05:37 AM
Confirmed by site owner as a hack so I'm re-opening.  This seems a more appropriate forum than Speculation for users to ask questions about losses, refunds, rollback, etc.


Title: Re: BTC-E hacked - still unfolding
Post by: Yankee (BitInstant) on July 31, 2012, 05:07:20 AM
(reserved)

Will be posting updates

BTC-e confirmed the hack, and that they are now carrying out an investigation.

I will be here as events unfold


Title: Re: BTC-E hacked - still unfolding
Post by: kiba on July 31, 2012, 05:09:33 AM
(reserved)

Will be posting updates

You sure know everybody in the community.


Title: Re: BTC-E hacked - still unfolding
Post by: Yankee (BitInstant) on July 31, 2012, 05:12:58 AM
(reserved)

Will be posting updates

You sure know everybody in the community.

It's my job!


Title: Re: BTC-E hacked - still unfolding
Post by: BorderBits on July 31, 2012, 05:14:59 AM
Confirmed by site owner as a hack so I'm re-opening. 

Whaaa??? A bitcoin operation was hacked???!!!???  The currency of the future!


Title: Re: BTC-E hacked - still unfolding
Post by: DareC on July 31, 2012, 05:57:50 AM
3. Change passwords for other websites immediately.
...unless you've got a lastpass account (or similar) with long, random, unique passwords for everything. It's not that hard.


Title: Re: BTC-E hacked - still unfolding
Post by: someguy123 on July 31, 2012, 06:00:18 AM
3. Change passwords for other websites immediately.
...unless you've got a lastpass account (or similar) with long, random, unique passwords for everything. It's not that hard.
I have Keepass :), my btc-e password was used nowhere else.
The bad part is that I've now got $73 that I can't withdraw. Plus I got in late, so if I do get this out at all, I didn't get to profit from the huge hack =_=


Title: Re: BTC-E hacked - still unfolding
Post by: DareC on July 31, 2012, 06:07:04 AM
Pretty sure you're screwed no matter how you look at it. BTC-E admin will probably pull a gox and cancel any profitable trades.


Title: Re: BTC-E hacked - still unfolding
Post by: the joint on July 31, 2012, 06:11:57 AM
Pretty sure you're screwed no matter how you look at it. BTC-E admin will probably pull a gox and cancel any profitable trades.

Yeah well how do they fix people withdrawing BTC?  They're fucked.


Title: Re: BTC-E hacked - still unfolding
Post by: Bitcoin Oz on July 31, 2012, 06:16:18 AM
Pretty sure you're screwed no matter how you look at it. BTC-E admin will probably pull a gox and cancel any profitable trades.

Yeah well how do they fix people withdrawing BTC?  They're fucked.

They won't be able to and will probably just mark their account minus USD

I'm guessing lots of people will abandon their accounts  :)


Title: Re: BTC-E hacked - still unfolding
Post by: Bitcoin Oz on July 31, 2012, 06:37:51 AM
I think this may be the root cause of hack or theft or whatever today happened/happening on btc-e

https://bitcointalk.org/index.php?topic=94573.0

Yes. He claimed there are a couple of accomplices. I wouldn't be surprised if BCX is one of them  :)


Title: Re: BTC-E hacked - still unfolding
Post by: dishwara on July 31, 2012, 06:38:38 AM
I think this may be the root cause of hack or theft or whatever today happened/happening on btc-e

https://bitcointalk.org/index.php?topic=94573.0


Title: Re: BTC-E hacked - still unfolding
Post by: Xenland on July 31, 2012, 06:46:24 AM
Why doesn't anyone do exchanges right? I think I might have to run an exchange just to show these "big tymers" what's up. Too bad I don't have a cash roll to get it started.


Title: Re: BTC-E hacked - still unfolding
Post by: Xenland on July 31, 2012, 06:47:11 AM
http://www.youtube.com/watch?v=9iCd6UHR-3I


Title: Re: BTC-E hacked - still unfolding
Post by: shockD on July 31, 2012, 06:57:40 AM
Confirmed by site owner as a hack so I'm re-opening. 

Whaaa??? A bitcoin operation was hacked???!!!???  The currency of the future!

Nothing wrong with the currency itself ;) Just a bunch of fucking amateurs coding exchanges. Who thought BTC-E looked remotely reputable in the first place? I'm still shocked at the volume there. Hm... random russian exchange, looks legit...


Title: Re: BTC-E hacked - still unfolding
Post by: dreamwatcher on July 31, 2012, 07:07:02 AM
Dev on BTC-E chat, just said the site itself was not hacked.

It appears they received a large fake LR deposit.

dev: bitcoinism, they able to withdraw small amount of BTC on our bitcoin server

dev: we got some fake LR deposits so they just bought btc and withdraw



Added: Looks like they are going to do a rollback

dev: we do rollback right now


Title: Re: BTC-E hacked - still unfolding
Post by: shockD on July 31, 2012, 07:11:34 AM
Fake LR deposits... That's pretty curious. I'm going to guess that's still a flaw on their end and not LR's.


Title: Re: BTC-E hacked - still unfolding
Post by: dishwara on July 31, 2012, 07:12:24 AM
I think this may be the root cause of hack or theft or whatever today happened/happening on btc-e

https://bitcointalk.org/index.php?topic=94573.0


btc-e dev said it's not supa.
I apologize to supa & edited my post to reflect change.
sorry supa.


Title: Re: BTC-E hacked - still unfolding
Post by: check_status on July 31, 2012, 10:20:15 AM
How do you "fake" USD or LR on an exchange?
Can any outsider create nonexistent currency and deposit onto an exchange?


Title: Re: BTC-E hacked - still unfolding
Post by: BkkCoins on July 31, 2012, 10:40:25 AM
How do you "fake" USD or LR on an exchange?
Can any outsider create nonexistent currency and deposit onto an exchange?
There's probably at least a few ways. No one is supposed to be able to but if the programming has defects then it's possible. Hackers specialize in finding programming defects.

If you study how LR communicates account info with its customers then you can mimic that. If the site programming does not completely authenticate any info from LR then it may take fake info at face value and credit accounts with what it believes to be real deposits. Crediting an account on BTC-E is the same as having the money, ie. fake money, that you can spend to buy BTC.

So a relatively simple act of intercepting data flow and replaying it may lead to funds to play with. This is only one way. SQL Injection into poorly designed API/site code could lead to being able to adjust account balances without proper auditing or verification. All these things result from poorly thought out and tested code but they allow altering database records that say how much money a user has.
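
The checks a deposit handler needs before crediting an account, as an added example that is not part of the original post and not BTC-E's or Liberty Reserve's code. The message fields (`tx_id`, `amount`, `payee`, `timestamp`), the HMAC-SHA256 signing scheme and the ledger lookup are assumptions made for illustration; all sample data is constructed.

```python
import hashlib
import hmac
import json

MAX_AGE_S = 300  # assumed freshness window for a notification, in seconds


class DepositVerifier:
    """Credits a processor callback only if it is authentic, fresh, unseen and confirmed."""

    def __init__(self, secret, lookup):
        self._secret = secret
        # lookup(tx_id) -> {"amount", "payee"} or None. Stands in for a query the
        # exchange itself makes against the processor's transaction history
        # (hypothetical interface, injected so the demo runs offline).
        self._lookup = lookup
        self._credited = set()  # in production: a UNIQUE column in the deposits table

    def sign(self, body):
        return hmac.new(self._secret, body, hashlib.sha256).hexdigest()

    def verify(self, body, signature, now):
        # 1. Authenticity: MAC over the exact bytes received, compared in constant time.
        if not hmac.compare_digest(self.sign(body).encode(), signature.encode()):
            return "bad signature"
        msg = json.loads(body)
        # 2. Freshness: an old capture cannot be fed back in later.
        if abs(now - msg["timestamp"]) > MAX_AGE_S:
            return "stale"
        # 3. Replay: each processor transaction id is credited at most once.
        if msg["tx_id"] in self._credited:
            return "replay"
        # 4. Independent confirmation: a valid MAC only proves knowledge of the key,
        #    so the credit must also match a record fetched from the processor.
        if self._lookup(msg["tx_id"]) != {"amount": msg["amount"], "payee": msg["payee"]}:
            return "not confirmed by processor"
        self._credited.add(msg["tx_id"])
        return "credited"


def demo():
    key = b"constructed-demo-key"
    # Constructed processor-side ledger: one real incoming payment.
    ledger = {"TX-1001": {"amount": "100.00", "payee": "EXCHANGE-ACCT"}}
    v = DepositVerifier(key, ledger.get)
    now = 1_343_700_000

    def note(tx_id, amount, ts):
        return json.dumps({"tx_id": tx_id, "amount": amount,
                           "payee": "EXCHANGE-ACCT", "timestamp": ts}).encode()

    real = note("TX-1001", "100.00", now - 10)
    fake = note("TX-9999", "50000.00", now - 5)
    old = note("TX-1001", "100.00", now - 3600)
    return [
        v.verify(real, v.sign(real), now),  # genuine deposit
        v.verify(real, v.sign(real), now),  # same message sent again
        v.verify(fake, "00" * 32, now),     # forged without the key
        v.verify(fake, v.sign(fake), now),  # signed by a key holder, no ledger record
        v.verify(old, v.sign(old), now),    # validly signed but an hour old
    ]


if __name__ == "__main__":
    print(demo())
```

The fourth case is the one that matters once a signing key has leaked: the signature verifies, and only the independent lookup stops the credit.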


Title: Re: BTC-E hacked - still unfolding
Post by: bg002h on July 31, 2012, 11:11:04 AM
It's a little unwise to permit instantaneous irreversible withdrawals...anyone running the exchange who was watching events unfold would have known to halt trading...but once the funds are gone, you can't just roll it all back.

If you won't program your computer to halt trading when ludicrous events occur, perhaps one should build a time delay in before withdrawals are permitted to allow time for human review.

I feel bad for everyone who lost their funds.


Title: Re: BTC-E hacked - still unfolding
Post by: R- on July 31, 2012, 11:28:47 AM
Has the admin of BTC-E signed on yet? My condolences go out to him, as well as the victims, because the hack doesn't appear to be an inside job.

*also equilibrium in the orderbook has been reached*
https://i.imgur.com/3awQU.png


Title: Re: BTC-E hacked - still unfolding
Post by: ElectricMucus on July 31, 2012, 11:44:20 AM
The track records of these "hacks" points to "we have been hacked your money is gone, make your claim here".

If this was a genuine hack not a "hack" I would be positively surprised.
Just sain'  :-\


Title: Re: BTC-E hacked - still unfolding
Post by: bitcoinism on July 31, 2012, 12:06:43 PM
The track records of these "hacks" points to "we have been hacked your money is gone, make your claim here".

If this was a genuine hack not a "hack" I would be positively surprised.
Just sain'  :-\

I'd say it's highly unlikely it was an inside job... after the hack started there was plenty of time for people to withdraw what they could until the hot wallets were depleted.


Title: Re: BTC-E hacked - still unfolding
Post by: ElectricMucus on July 31, 2012, 12:09:22 PM
The track records of these "hacks" points to "we have been hacked your money is gone, make your claim here".

If this was a genuine hack not a "hack" I would be positively surprised.
Just sain'  :-\

I'd say it's highly unlikely it was an inside job... after the hack started there was plenty of time for people to withdraw what they could until the hot wallets were depleted.

People said exactly the same kind of thing last time.


Title: Re: BTC-E hacked - still unfolding
Post by: Vorksholk on July 31, 2012, 12:45:22 PM
From https://btc-e.com/news/81:

Quote
Dear users of the Exchange Btc-e.com

The exchange is not going to close. We will refund all losses from our reserves.

Neither the servers nor the database were compromised. There were no SQL injections.

At 04:07 MSK (GMT+4) our LR API Secret Key was compromised. It's 16 uppercase, lowercase letters and digits. They may have bruteforced it for long.

Using the key the hacker imitated LR deposits from many accounts and bought up Bitcoins, Namecoins and Litecoins.

We lost our daily volume, approx. 4500 BTC. The attacker couldn't withdraw more
as most BTC were distributed over several offline wallets.

At 10:30 we restored the database to the state it was at 04:00, right before the attack. All trades after 4:00 are reverted.

People who attempted withdrawals before 04:00 MSK will get their funds withdrawn later today.

For people who deposited BTC, LTC and NMC after 04:00 MSK the funds will be put to their balances before market opens.
We are working on the scripts for this.

If you deposited USD after 04:00 MSK you should send us your login, amount and payment system used by email or PM.

Our plan:

1. The trade will be disabled until we restore the balances to the point before market crash.

2. After that, the trade and deposit/withdrawal will be back on, approx. within 1-2 days.

Icq - 610112128
Skype - btc-e.support
E-mail - support@btc-e.com


Title: Re: BTC-E hacked - still unfolding
Post by: cryptoanarchist on July 31, 2012, 12:56:59 PM

If you won't program your computer to halt trading when ludicrous events occur, perhaps one should build a time delay in before withdrawals are permitted to allow time for human review.


This is the simplest thing. All exchanges need to do to prevent this is write some code that will halt withdrawals (not trading) when something suspicious occurs.

Anywho, BTCe sent me all my coins and I got back the BTC I sold after the hack.  :)

People are bitchin on here, but I think they've done right and made a good name for themselves out of this. At least they didn't keep 18,000+ coins in their hot wallet like some other people we know.
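
A sketch of the two controls suggested in this post and the one it quotes, a review delay on every withdrawal plus an automatic halt of withdrawals (not trading) on an abnormal price move. It is an added example, not code from any exchange or from the posters; the class name, thresholds and sample prices are assumptions chosen for illustration.

```python
from collections import deque


class WithdrawalGate:
    """Holds every withdrawal for a review period and latches shut on a price anomaly."""

    def __init__(self, hold_s=3600, window=20, max_ratio=3.0, min_samples=5):
        self.hold_s = hold_s            # assumed delay before any payout is released
        self.max_ratio = max_ratio      # assumed tolerated move away from the baseline
        self.min_samples = min_samples  # trades needed before the baseline is trusted
        self.prices = deque(maxlen=window)
        self.halted = False
        self.pending = []               # (release_time, user, amount)

    def on_trade(self, price):
        """Trading is never blocked here; only the withdrawal latch is affected."""
        if len(self.prices) >= self.min_samples:
            baseline = sorted(self.prices)[len(self.prices) // 2]  # median of window
            if price > baseline * self.max_ratio or price < baseline / self.max_ratio:
                self.halted = True      # stays set until a human calls resume()
                return                  # keep the outlier out of the baseline
        self.prices.append(price)

    def request(self, user, amount, now):
        self.pending.append((now + self.hold_s, user, amount))

    def cancel(self, user):
        """Operator action during review: drop a user's queued withdrawals."""
        self.pending = [p for p in self.pending if p[1] != user]

    def resume(self):
        """Operator action after review: lift the halt."""
        self.halted = False

    def release_due(self, now):
        """Withdrawals whose hold has expired; nothing at all while halted."""
        if self.halted:
            return []
        due = [p for p in self.pending if p[0] <= now]
        self.pending = [p for p in self.pending if p[0] > now]
        return due


def demo():
    gate = WithdrawalGate(hold_s=3600)
    for price in [9.0, 9.1, 8.9, 9.0, 9.2, 9.1]:    # constructed normal trading
        gate.on_trade(price)
    gate.request("alice", 5, now=0)
    early = gate.release_due(now=1800)              # still inside the hold
    gate.request("mallory", 4500, now=3000)
    gate.on_trade(90.0)                             # constructed spike trips the latch
    halted = gate.halted
    during_halt = gate.release_due(now=10000)       # both holds expired, none released
    gate.cancel("mallory")                          # outcome of the human review
    gate.resume()
    after_review = gate.release_due(now=10000)
    return {"early": early, "halted": halted,
            "during_halt": during_halt, "after_review": after_review}


if __name__ == "__main__":
    print(demo())
```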


Title: Re: BTC-E hacked - still unfolding
Post by: dishwara on July 31, 2012, 01:01:21 PM

If you won't program your computer to halt trading when ludicrous events occur, perhaps one should build a time delay in before withdrawals are permitted to allow time for human review.


This is the simplest thing. All exchanges need to do to prevent this is write some code that will halt withdrawals (not trading) when something suspicious occurs.

Anywho, BTCe sent me all my coins and I got back the BTC I sold after the hack.  :)
You also got back USD for which u sold btc?


Title: Re: BTC-E hacked - still unfolding
Post by: cryptoanarchist on July 31, 2012, 01:03:13 PM

If you won't program your computer to halt trading when ludicrous events occur, perhaps one should build a time delay in before withdrawals are permitted to allow time for human review.


This is the simplest thing. All exchanges need to do to prevent this is write some code that will halt withdrawals (not trading) when something suspicious occurs.

Anywho, BTCe sent me all my coins and I got back the BTC I sold after the hack.  :)
You also got back USD for which u sold btc?

They reversed the trade so I got back the BTC I sold. Since those coins should have been stolen by the hacker, that means they came out of BTCe's reserves. Very kind of them.


Title: Re: BTC-E hacked - still unfolding
Post by: Gabi on July 31, 2012, 01:09:36 PM
Well, BTC-E is doing everything in the correct way. They had backups, they reverted the trades and they will pay for everything.


Title: Re: BTC-E hacked - still unfolding
Post by: ElectricMucus on July 31, 2012, 01:12:33 PM
Well, BTC-E is doing everything in the correct way. They had backups, they reverted the trades and they will pay for everything.
Let's hope it stays that way.


Title: Re: BTC-E hacked - still unfolding
Post by: defxor on July 31, 2012, 02:24:08 PM
From https://btc-e.com/news/81:

Quote
At 04:07 MSK (GMT+4) our LR API Secret Key was compromised. It's 16 uppercase, lowercase letters and digits. They may have bruteforced it for long.

Really? That would make it the longest known brute forced key I've heard of.

caveat: I haven't studied the actual implementation in LR, maybe there are shortcuts. I would've just assumed to end up in the right ballpark with an estimation along these lines:

GPU brute forcing speed - let's go with 3Mhash/s (SHA-1) based on http://golubev.com/gpuest.htm

Time-to-find 16 char l/U/# at 3Mhash/s estimation using http://lastbit.com/pswcalc.asp

Result: 510892508003511 years

(Feel free to halve for each added GPU and a final halving for 50% time instead of 100% - assume a lucky hacker)



Title: Re: BTC-E hacked - still unfolding
Post by: Vorksholk on July 31, 2012, 02:39:58 PM
From https://btc-e.com/news/81:

Quote
At 04:07 MSK (GMT+4) our LR API Secret Key was compromised. It's 16 uppercase, lowercase letters and digits. They may have bruteforced it for long.

Really? That would make it the longest known brute forced key I've heard of.

caveat: I haven't studied the actual implementation in LR, maybe there are shortcuts. I would've just assumed to end up in the right ballpark with an estimation along these lines:

GPU brute forcing speed - let's go with 3Mhash/s (SHA-1) based on http://golubev.com/gpuest.htm

Time-to-find 16 char l/U/# at 3Mhash/s estimation using http://lastbit.com/pswcalc.asp

Result: 510892508003511 years

(Feel free to halve for each added GPU and a final halving for 50% time instead of 100% - assume a lucky hacker)



Any idea how LibertyReserve stores passwords?


Title: Re: BTC-E hacked - still unfolding
Post by: proudhon on July 31, 2012, 02:41:37 PM
Well, BTC-E is doing everything in the correct way. They had backups, they reverted the trades and they will pay for everything.

I know.  For all the crap BTC-E gets around here, it seems like this has been handled very well and they were following a lot of the standards that have emerged around here.  Keep it up BTC-E.  BTW, my balances were restored.  I didn't lose anything, as far as I can tell.


Title: Re: BTC-E hacked - still unfolding
Post by: kiba on July 31, 2012, 02:42:28 PM
Well, BTC-E is doing everything in the correct way. They had backups, they reverted the trades and they will pay for everything.

I know.  For all the crap BTC-E gets around here, it seems like this has been handled very well and they were following a lot of the standards that have emerged around here.  Keep it up BTC-E.  BTW, my balances were restored.  I didn't lose anything, as far as I can tell.


We have standard?


Title: Re: BTC-E hacked - still unfolding
Post by: unclescrooge on July 31, 2012, 02:55:25 PM
Well, BTC-E is doing everything in the correct way. They had backups, they reverted the trades and they will pay for everything.

+1

It actually gives me a lot of confidence.


Title: Re: BTC-E hacked - still unfolding
Post by: Yankee (BitInstant) on July 31, 2012, 03:04:42 PM
Trading has resumed: https://bitcointalk.org/index.php?topic=96912.0;topicseen


Title: Re: BTC-E hacked - still unfolding
Post by: proudhon on July 31, 2012, 04:08:57 PM
Who would have guessed that BTC-E was more secure than Bitcoinica?


Title: Re: BTC-E hacked - still unfolding
Post by: unclemantis on July 31, 2012, 04:12:40 PM
Who would have guessed that BTC-E was more secure than Bitcoinica?

I am not like most people. I DON'T judge the security of a website based on AWESOME WEB DESIGN.


Title: Re: BTC-E hacked - still unfolding
Post by: proudhon on July 31, 2012, 04:18:38 PM
Who would have guessed that BTC-E was more secure than Bitcoinica?

I am not like most people. I DON'T judge the security of a website based on AWESOME WEB DESIGN.

http://cdn.memegenerator.net/instances/400x/24217996.jpg


Title: Re: BTC-E hacked - still unfolding
Post by: dree12 on July 31, 2012, 04:21:22 PM
To be fair, Bitcoinica was never hacked due to a coding error. It seemed to be management and VPS on every occasion.


Title: Re: BTC-E hacked - still unfolding
Post by: Gabi on July 31, 2012, 04:51:57 PM
To be fair, Bitcoinica was never hacked due to a coding error. It seemed to be management and VPS on every occasion.
Probably bitcoinica was never hacked altogether, bitcoinica to me looks like a scam (especially after the "no backup" and the last "money that was on mtgox lost" news) :D


Title: Re: BTC-E hacked - still unfolding
Post by: cryptoanarchist on July 31, 2012, 04:55:06 PM
To be fair, Bitcoinica was never hacked due to a coding error. It seemed to be management and VPS on every occasion.
Probably bitcoinica was never hacked altogether, bitcoinica to me looks like a scam (especially after the "no backup" and the last "money that was on mtgox lost" news) :D

Yeah, their story is about as fake as the Colorado shooting. Someday, soon hopefully, it will come out that all the Bitcoinica/InterSango guys are establishment cronies (freemasons).


Title: Re: BTC-E hacked - still unfolding
Post by: adamstgBit on July 31, 2012, 05:28:18 PM
From https://btc-e.com/news/81:

Quote
Dear users of the Exchange Btc-e.com

The exchange is not going to close. We will refund all losses from our reserves.

Neither the servers nor the database were compromised. There were no SQL injections.

At 04:07 MSK (GMT+4) our LR API Secret Key was compromised. It's 16 uppercase, lowercase letters and digits. They may have bruteforced it for long.

Using the key the hacker imitated LR deposits from many accounts and bought up Bitcoins, Namecoins and Litecoins.

We lost our daily volume, approx. 4500 BTC. The attacker couldn't withdraw more
as most BTC were distributed over several offline wallets.

At 10:30 we restored the database to the state it was at 04:00, right before the attack. All trades after 4:00 are reverted.

People who attempted withdrawals before 04:00 MSK will get their funds withdrawn later today.

For people who deposited BTC, LTC and NMC after 04:00 MSK the funds will be put to their balances before market opens.
We are working on the scripts for this.

If you deposited USD after 04:00 MSK you should send us your login, amount and payment system used by email or PM.

Our plan:

1. The trade will be disabled until we restore the balances to the point before market crash.

2. After that, the trade and deposit/withdrawal will be back on, approx. within 1-2 days.

Icq - 610112128
Skype - btc-e.support
E-mail - support@btc-e.com

Well, BTC-E is doing everything in the correct way. They had backups, they reverted the trades and they will pay for everything.

+1

It actually gives me a lot of confidence.

this is gr8 news,
Excellent work btc-e!


Title: Re: BTC-E hacked - still unfolding
Post by: Ente on July 31, 2012, 05:32:05 PM
Indeed.
I will watch this closely.
BTC-E just instantly catapulted themselves to #1 of my favorite exchange. After MtGox and Intersango more or less disqualified themselves in the last few days..

Ente


Title: Re: BTC-E hacked - still unfolding
Post by: andrewbadr on July 31, 2012, 06:21:03 PM
From https://btc-e.com/news/81:

Quote
At 04:07 MSK (GMT+4) our LR API Secret Key was compromised. It's 16 uppercase, lowercase letters and digits. They may have bruteforced it for long.

Really? That would make it the longest known brute forced key I've heard of.

caveat: I haven't studied the actual implementation in LR, maybe there are shortcuts. I would've just assumed to end up in the right ballpark with an estimation along these lines:

GPU brute forcing speed - let's go with 3Mhash/s (SHA-1) based on http://golubev.com/gpuest.htm

Time-to-find 16 char l/U/# at 3Mhash/s estimation using http://lastbit.com/pswcalc.asp

Result: 510892508003511 years

(Feel free to halve for each added GPU and a final halving for 50% time instead of 100% - assume a lucky hacker)

I'm guessing there's a timing attack on LR's end.


Title: Re: BTC-E hacked - still unfolding
Post by: ElectricMucus on July 31, 2012, 06:23:42 PM
To be fair, Bitcoinica was never hacked due to a coding error. It seemed to be management and VPS on every occasion.
Probably bitcoinica was never hacked altogether, bitcoinica to me looks like a scam (especially after the "no backup" and the last "money that was on mtgox lost" news) :D

Yeah, their story is about as fake as the Colorado shooting. Someday, soon hopefully, it will come out that all the Bitcoinica/InterSango guys are establishment cronies (freemasons).

http://static.fjcdn.com/pictures/i_b513ae_252788.jpg


Title: Re: BTC-E hacked - still unfolding
Post by: cryptoanarchist on July 31, 2012, 06:24:49 PM
To be fair, Bitcoinica was never hacked due to a coding error. It seemed to be management and VPS on every occasion.
Probably bitcoinica was never hacked altogether, bitcoinica to me looks like a scam (especially after the "no backup" and the last "money that was on mtgox lost" news) :D

Yeah, their story is about as fake as the Colorado shooting. Someday, soon hopefully, it will come out that all the Bitcoinica/InterSango guys are establishment cronies (freemasons).

http://static.fjcdn.com/pictures/i_b513ae_252788.jpg

LMAO...


Title: Re: BTC-E hacked - still unfolding
Post by: elux on July 31, 2012, 06:29:20 PM
Probably bitcoinica was never hacked altogether, bitcoinica to me looks like a scam (especially after the "no backup" and the last "money that was on mtgox lost" news) :D

Yeah, their story is about as fake as the Colorado shooting. Someday, soon hopefully, it will come out that all the Bitcoinica/InterSango guys are establishment cronies (freemasons).




Title: Re: BTC-E hacked - still unfolding
Post by: defxor on July 31, 2012, 06:38:23 PM
I'm guessing there's a timing attack on LR's end.

Oh that brings back memories from the old embedded system days. Interesting hypothesis - I wouldn't be surprised to see Internet services not realizing such attacks very well can be performed over Internet-distances if you get enough tries.

Posting additional information for those who plan on making their own password-validation code not having heard about this class of attacks before: http://www.computerworld.com/s/article/9179224/Researchers_Authentication_crack_could_affect_millions

(However, if there is such an information leak on LR's side we would surely see other services accepting LR to be affected as well)



Title: Re: BTC-E hacked - still unfolding
Post by: cryptoanarchist on July 31, 2012, 07:11:24 PM
I'm guessing there's a timing attack on LR's end.

Oh that brings back memories from the old embedded system days. Interesting hypothesis - I wouldn't be surprised to see Internet services not realizing such attacks very well can be performed over Internet-distances if you get enough tries.

Posting additional information for those who plan on making their own password-validation code not having heard about this class of attacks before: http://www.computerworld.com/s/article/9179224/Researchers_Authentication_crack_could_affect_millions

(However, if there is such an information leak on LR's side we would surely see other services accepting LR to be affected as well)



Interesting stuff. If that's the case...

Quote
the fix is simple: Program the system to take the same amount of time to return both correct and incorrect passwords. This can be done in about six lines of code, Lawson said.
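
Why a comparison that stops at the first mismatch undoes the brute-force estimate given earlier in the thread, and what the fix described in the quoted article looks like. This is an added example, not code from Liberty Reserve, BTC-E or the posters. The sample key is constructed, and the count of bytes examined stands in for response time so the result is deterministic.

```python
import hmac
import string

ALPHABET = string.ascii_letters + string.digits  # 62 symbols, as in BTC-e's description
KEY_LEN = 16
SECRET = b"Ab3dEf6hIj9kLm2N"                      # constructed sample key


def early_exit_equal(secret, guess):
    """Naive check: returns (equal, bytes examined). Work grows with the matching prefix."""
    if len(secret) != len(guess):
        return False, 0
    examined = 0
    for a, b in zip(secret, guess):
        examined += 1
        if a != b:
            return False, examined
    return True, examined


def fixed_work_equal(secret, guess):
    """Examines every byte and decides only at the end (key length is public here)."""
    if len(secret) != len(guess):
        return False, 0
    diff = 0
    examined = 0
    for a, b in zip(secret, guess):
        diff |= a ^ b
        examined += 1
    return diff == 0, examined


def verify_key(stored, presented):
    """What production code should call: the standard library's constant-time compare."""
    return hmac.compare_digest(stored, presented)


def work_by_prefix(compare, secret):
    """Work done on wrong guesses that share 0, 1, ... len-1 leading bytes with the secret."""
    work = []
    for n in range(len(secret)):
        wrong = bytes([secret[n] ^ 0x01])         # guaranteed mismatch at position n
        guess = secret[:n] + wrong + b"\x00" * (len(secret) - n - 1)
        work.append(compare(secret, guess)[1])
    return work


def exhaustive_candidates():
    return len(ALPHABET) ** KEY_LEN


def candidates_with_prefix_leak():
    # If each position can be confirmed on its own, the positions add instead of multiply.
    return len(ALPHABET) * KEY_LEN


def years_to_exhaust(rate_per_s):
    return exhaustive_candidates() / rate_per_s / (365.25 * 24 * 3600)


if __name__ == "__main__":
    print("early exit :", work_by_prefix(early_exit_equal, SECRET))
    print("fixed work :", work_by_prefix(fixed_work_equal, SECRET))
    print("candidates :", exhaustive_candidates(), "vs", candidates_with_prefix_leak())
    print("years at 3M/s: %.2e" % years_to_exhaust(3e6))
```

The early-exit function does a different amount of work for each matching-prefix length, which is the signal a timing measurement picks up; the fixed-work version and `hmac.compare_digest` give every wrong guess the same profile.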



Title: Re: BTC-E hacked - still unfolding
Post by: Xenland on July 31, 2012, 07:20:12 PM
I think a web-library should be made to help assist those who want to integrate Bitcoin into their website but don't know what kind of security measures need to be taken.


Title: Re: BTC-E hacked - still unfolding
Post by: cryptoanarchist on July 31, 2012, 07:26:55 PM
I think a web-library should be made to help assist those who want to integrate Bitcoin into their website but don't know what kind of security measures need to be taken.

Something like that has been brought up before: https://bitcointalk.org/index.php?topic=93115.0


Title: Re: BTC-E hacked - still unfolding
Post by: unclemantis on July 31, 2012, 07:45:40 PM
OK people. I think it is about time to create 2 keys to access API shit! If this thing was brute forced then we need to ramp up security.

BTW. If it was brute forced, how did they confirm if it was valid or not without triggering a flag in log reports on either website?


Title: Re: BTC-E hacked - still unfolding
Post by: proudhon on July 31, 2012, 07:48:23 PM
I think a web-library should be made to help assist those who want to integrate Bitcoin into their website but don't know what kind of security measures need to be taken.

Something like that has been brought up before: https://bitcointalk.org/index.php?topic=93115.0

Yep.  It's been suggested before.  I think Matthew was one of the first to suggest it.  Basically, I think the most successful and secure bitcoin businesses should form a bitcoin security forum, maybe include a security expert/crypto guy or two (and pay them a little bit), and publish best practices.  Even better, but probably much more difficult to implement, and it comes with its own trust issues, would be for something like that to perform audits and companies could get some sort of certification and be included in a list of companies complying with best practices.


Title: Re: BTC-E hacked - still unfolding
Post by: coretechs on July 31, 2012, 10:54:06 PM
Kudos to BTC-e for handling this situation well.  My account issues are all resolved, thanks.

I was cautious of the site prior to this event and kept a minimal balance, but I have a lot more confidence in them after this and will continue to trade BTC & LTC there.  :)


Title: Re: BTC-E hacked - still unfolding
Post by: kiba on July 31, 2012, 11:03:20 PM
I am going to wait until they announce a fix to the vulnerability.