It is most likely a proxy/VPN that leads to another one and so on. If someone wants to steal so much money, I guess they make sure to stay safe as much as possible. Students having the know how , intrest, time and equipment , and watch the ISP Research and academic network It is not the ip of the hacker but only the ip of the bitcoin node that saw/forwarded the tx for "first" : https://blockchain.info/it/ip-address/46.28.204.193The 7120 Bitcoins are distributed equally to 7 accounts, all of them were operated from a Swiss Based IP “46.28.204.193” source : http://247cryptonews.com/bter-got-hacked-7000-bitcoins-stolen-7-different-accounts/Was just opinion ,i'm still new at this bitcoin stuff, keep my bet open tho ![Wink](https://bitcointalk.org/Smileys/default/wink.gif) That ip (46.28.204.193) is of the bitcoin node It is not the ip of the "hacker".
|
|
|
It likely was simply an inside job.
Any centralized bitcoin exchange that doesn't store a majority of their clients bitcoins in multiple multisig cold wallets with good physical security is acting wildly irresponsible at this point in the game.
Indeed if these exchanges will not start to use multiSig I think a lot of people will start to keep their coin in own wallets. Remember : an exchange is not a bank.For example why aren't they using greenAddress for their cold wallet ?
|
|
|
It is most likely a proxy/VPN that leads to another one and so on. If someone wants to steal so much money, I guess they make sure to stay safe as much as possible. Students having the know how , intrest, time and equipment , and watch the ISP Research and academic network It is not the ip of the hacker but only the ip of the bitcoin node that saw/forwarded the tx for "first" : https://blockchain.info/it/ip-address/46.28.204.193
|
|
|
He (OP) can't be stupid . . . / sarcasm ![](https://ip.bitcointalk.org/?u=http%3A%2F%2Fnodownloadzoneforum.net%2Fpublic%2Fstyle_emoticons%2Fdefault%2FAsd.gif&t=663&c=L8MmzdOA-lo3KQ)
|
|
|
A safe place to store BTC is in bitBTC, which earns interest, by using metaexchange.info as an instant bridge. Keeping it on the bitshares decentralised exchange as bitBTC is the future, then people can trade it against bitUSD without hacking risk while getting exposure to the same market.
I hope these thieves are caught and the money returned.
Do you agree that it is more safe a personal wallet with multiSig (+ hardware wallet)? Or not ? Nothing is safter than a cold wallet or hardware wallet. As for a personal wallet, that depends on the type of personal wallet, a light wallet is probably less secure but others may be just as secure or more secure with multisig. But it's mainly about exchanges for trading. You can't trade BTC against USD or anything at all from the relative safety of a personal bitcoin wallet (yet), but you trade against the USD with bitBTC, because the exchange is in the wallet. bitBTC can be traded against bitUSD, bitGOLD, bitSILVER, etc. So for people who want to get exposure to the BTC/USD market, the bitBTC/bitUSD market is the most secure way to trade. "Plausible" but if someone want to exchange his altcoin for bitcoin and viceversa ? The real purpose of an exchange is : send your coin >> exchange it >> withdraw to your personal desktop/online wallet (all this in 20-30 min, if you are so unlucky to not deposit your coin "while" the attack is being). More simple , without any type of problem. Remember an exchange is not a bank.
|
|
|
I wonder how did a cold storage got stolen. And also a comment on the reddit post "This reminds me that Bitstamp still hasn't provided any kind update as to how their hot wallet was compromised last month"
A cold wallet supposed to be " disconnected" from the internet, I'm still thinking how that is possible.
|
|
|
A safe place to store BTC is in bitBTC, which earns interest, by using metaexchange.info as an instant bridge. Keeping it on the bitshares decentralised exchange as bitBTC is the future, then people can trade it against bitUSD without hacking risk while getting exposure to the same market.
I hope these thieves are caught and the money returned.
Do you agree that it is more safe a personal wallet with multiSig (+ hardware wallet)? Or not ?
|
|
|
Doesn't seem worthy of all the hype they have created for this long. Dev's are not active as they need to be just because of this its going to drop more and hope very soon in list of dead coins ![Cry](https://bitcointalk.org/Smileys/default/cry.gif) The various devs aren't active in the forum (stellartalk.org) but they are active and "code" .
|
|
|
I sincerely hope that BTER manages to recover some of the stolen funds. I'm developing a storage solution called Karabraxos (and am looking for co-founders) at the moment. I think it's time for companies who need custodial wallets (exchanges, casinos, etc) to stop reinventing the wheel in-house. As we can see it's very difficult to get it right when security is not their core business and resources are scarce. So this was me doing a shameless plug here to raise some awareness of what I'm currently working on. With a simple multiSig you are "safe" at 99%, because you know that the 100% of security doesn't exist. [DON'T KEEP YOUR MONEY ON AN EXCHANGE]
Do they keep fiat (USD) after egopay suspended operation? I don't know, I've used bter only 1-2 times a lot of months ago.
|
|
|
If it was a cold wallet, how the hell was it stolen?
Somebody physically entered their facilities?
Obviously not cold, if you go back and look at the pattern of the coin movement before the hack, it is typical hot wallet pattern. What a mistake to keep all the funds in a hot wallet. More than 7000 coins in hot wallet, WOW, that is living dangerously... Maybe their definition of cold wallet is a "little bit" different from our. The cold wallet must not be *connected* to internet (indeed the tx is pushed up by a secondary pc/device) or maybe it is only an "inside jobs".
|
|
|
Thanks , I've added the link in the OP, 7'000 bitcoins aren't peanuts. Someone from you had coins on it ?
|
|
|
There isn't anything in this world that is sure at 100% , I think you know that. With greenAddress (GA) you can rise your level of security much more than the other webWallets.
If you want more security use an hardwallet with greenAddress and you are more safe.
Yeah thanks what about btc-e which is an exchange site and also coinbase because i wanted to use some simple and secure site for saving my btc I already suggest you greenAddress as webWallet for store your bitcoin, I've never used btc-e so I can't help you (but the rule is always the same : don't keep your money on an exchange). For coinbase, I would like to tell you this thing : If you don't know the private key of the address , you don't really "own" the BTC contained in that bitcoin address.
|
|
|
I think because with these exchanges you can easily convert your altcoin to bitcoin and viceversa. The real purpose of an exchange is not to "keep" your coin for a long time (also 1-2 days are long "time") but it is to exchange your coin and after withdraw it. An exchange is not a bank, I hope now a lot of users will start to think about this fact.
|
|
|
Can't we get the reversal done incase an exchange like BTER is hacked ?
No, the transaction is always irreversible. In each case no one is able to reverse it (/except double spend).
|
|
|
When will trading websites start taking security seriously ? Users trust them with their hard earned money and they don't have even time to audit their websites.
Maybe we should start to "not trust" the exchanges for keep our coins, or maybe until they will start using coldWallet with multiSignature. The only exchanges that I know that they are using multiSig are : bitStamp.com and theRocktrading.com . BIT-X.com
Oh I forgot, also BIT-X.com is using multiSig addresses. I've added it on the OP as example of valid exchange.
|
|
|
When will trading websites start taking security seriously ? Users trust them with their hard earned money and they don't have even time to audit their websites.
Maybe we should start to "not trust" the exchanges for keep our coins, or maybe until they will start using coldWallet with multiSignature. The only exchanges that I know that they are using multiSig are : bitStamp.com and theRocktrading.com & also bit-x.com
|
|
|
|