Bitcoin Forum
December 14, 2024, 09:54:09 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1] 2 3 4 5 6 7 8 9 »  All
  Print  
Author Topic: BREAKING: Atlanta based Bitcoin giant BitPay hacked for nearly $2,000,000!  (Read 11160 times)
MicroGuy (OP)
Legendary
*
Offline Offline

Activity: 2506
Merit: 1030


Twitter @realmicroguy


View Profile WWW
September 17, 2015, 03:48:35 AM
Last edit: September 17, 2015, 04:32:33 AM by MicroGuy
 #1

Atlanta's Bitpay Inc. got hacked for more than $1.8 million in bitcoins.

According to a lawsuit filed Sept. 15 in federal court in Atlanta, in December 2014, Bryan Krohn, Bitpay's chief financial officer, got an email from someone purporting to be with a digital currency publication asking Krohn to comment on a bitcoin industry document.

Unknown to Krohn or Bitpay, the email sender's computer had been hacked, and the hacker sent the phony email that directed Krohn to a website controlled by the hacker, where Krohn provided the credentials for his Bitpay corporate email account, according to the lawsuit.

"After capturing Mr. Krohn's Bitpay credentials, the hacker used that information to hack into Mr. Krohn's Bitpay email account to fraudulently cause a transfer of bitcoin" valued at $1,850,000, the lawsuit says.

According to court documents, the transfer was a total of 5,000 bitcoins in three separate transactions.

The fraudster got access to Krohn's email, allowing the fraudster to review Krohn's communications "to learn specific details about how Bitpay transacted business," according to the lawsuit. The fraudster then sent emails to Bitpay CEO Stephen Pair purporting to be from Krohn, asking Pair to transfer 1,000 bitcoins to a Bitpay customer's "wallet," which he did.

A short time later the CEO received a second email requesting the transfer of another 1,000 bitcoins, which he did.

The next day, the imposter sent another email to the CEO asking him to send an additional 3000 bitcoins to the customer. The CEO emailed Krohn to confirm the request, and the imposter sent back an email saying the transfer was valid. The CEO then sent the bitcoins.

The scam was apparently discovered because the CEO copied Bitpay's real customer on the final email about the transfer of the 3,000 coins, and the customer then replied back that they did not purchase the bitcoins.

Bitpay tried to get its insurer to cover $950,000 of the loss, but in June the insurer declined to pay. Bitpay is now suing the insurer.

To read the complete lawsuit, click here. To see Bitpay's insurance policy, read why its insurer has rejected Bitpay's insurance claim (including a detailed play-by-play of the hack), and read emails about the insurance dispute, click here.

In March, the Technology Association of Georgia recognized Bitpay as one of its Top 40 Innovative Technology Companies in Georgia for 2015.

Full Story: http://www.bizjournals.com/atlanta/news/2015/09/16/atlantas-bitpay-got-hacked-for-1-8-million-in.html
tommorisonwebdesign
Sr. Member
****
Offline Offline

Activity: 448
Merit: 251



View Profile
September 17, 2015, 04:21:03 AM
 #2

This reminds me of the Mt. Gox scandal that brought down the price of Bitcoin from $1000 to eventually where it is now. That, plus all of the controversy around BIP 101, I would say the price is going to be low for a while until things cool down.

Signatures? How about learning a skill... I don't care either way. Everybody has to make a living somehow.
Nobitcoin
Legendary
*
Offline Offline

Activity: 966
Merit: 1000


In holiday we trust


View Profile
September 17, 2015, 04:28:47 AM
 #3

Here we go again and people wonder why there isn't more adopters of Bitcoin
r0ach
Legendary
*
Offline Offline

Activity: 1260
Merit: 1000


View Profile
September 17, 2015, 05:09:35 AM
 #4

Did anyone else think this story made no sense?  Is this another "woops, someone hacked our cold storage that wasn't connected to the internet".

......ATLANT......
..Real Estate Blockchain Platform..
                    ▄▄▄▄▄▄▄▄▄
                    ████████████░
                  ▄██████████████░
                 ▒███████▄████████░
                ▒█████████░████████░
                ▀███████▀█████████
                  ██████████████
           ███████▐██▀████▐██▄████████░
          ▄████▄█████████▒████▌█████████░
         ███████▄█████████▀██████████████░
        █████████▌█████████▐█████▄████████░
        ▀█████████████████▐███████████████
          █████▀████████ ░███████████████
    ██████▐██████████▄████████████████████████░
  ▄████▄████████▐███████████████░▄▄▄▄░████████░
 ▄██████▄█████████▐█████▄█████████▀████▄█████████░
███████████████████▐█████▄█████████▐██████████████░
▀████████▀█████████▒██████████████▐█████▀█████████
  ████████████████ █████▀█████████████████████████
   ▀██▀██████████ ▐█████████████  ▀██▀██████████
    ▀▀█████████    ▀▀█████████    ▀▀██████████

..INVEST  ●  RENT  ●  TRADE..
 ✓Assurance     ✓Price Discovery     ✓Liquidity     ✓Low Fees





███
███
███
███
███
███





███
███
███
███
███
███
███
███
███
███
███
███

◣Whitepaper ◣ANN ThreadTelegram
◣ Facebook     ◣ Reddit          ◣ Slack


███
███
███
███
███
███
███
███
███
███
███
███





███
███
███
███
███
███








Hero/Legendary members
Kakmakr
Legendary
*
Offline Offline

Activity: 3542
Merit: 1966

Leading Crypto Sports Betting & Casino Platform


View Profile
September 17, 2015, 05:41:03 AM
 #5

So these people have no telephones to confirm these types of transactions? Everyone know email is the easiest platform to hack. How can they simply trust a email to transfer $2 000 0000 worth of Bitcoin? I hope a full investigation will be launched and some people will get fired for this.

Every time something like this happens, people lose faith in the technology. I will never trust a 3rd party to keep any large amount of my coins. A central organization have many weak links! and they become a easy target for hackers.

..Stake.com..   ▄████████████████████████████████████▄
   ██ ▄▄▄▄▄▄▄▄▄▄            ▄▄▄▄▄▄▄▄▄▄ ██  ▄████▄
   ██ ▀▀▀▀▀▀▀▀▀▀ ██████████ ▀▀▀▀▀▀▀▀▀▀ ██  ██████
   ██ ██████████ ██      ██ ██████████ ██   ▀██▀
   ██ ██      ██ ██████  ██ ██      ██ ██    ██
   ██ ██████  ██ █████  ███ ██████  ██ ████▄ ██
   ██ █████  ███ ████  ████ █████  ███ ████████
   ██ ████  ████ ██████████ ████  ████ ████▀
   ██ ██████████ ▄▄▄▄▄▄▄▄▄▄ ██████████ ██
   ██            ▀▀▀▀▀▀▀▀▀▀            ██ 
   ▀█████████▀ ▄████████████▄ ▀█████████▀
  ▄▄▄▄▄▄▄▄▄▄▄▄███  ██  ██  ███▄▄▄▄▄▄▄▄▄▄▄▄
 ██████████████████████████████████████████
▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄
█  ▄▀▄             █▀▀█▀▄▄
█  █▀█             █  ▐  ▐▌
█       ▄██▄       █  ▌  █
█     ▄██████▄     █  ▌ ▐▌
█    ██████████    █ ▐  █
█   ▐██████████▌   █ ▐ ▐▌
█    ▀▀██████▀▀    █ ▌ █
█     ▄▄▄██▄▄▄     █ ▌▐▌
█                  █▐ █
█                  █▐▐▌
█                  █▐█
▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀█
▄▄█████████▄▄
▄██▀▀▀▀█████▀▀▀▀██▄
▄█▀       ▐█▌       ▀█▄
██         ▐█▌         ██
████▄     ▄█████▄     ▄████
████████▄███████████▄████████
███▀    █████████████    ▀███
██       ███████████       ██
▀█▄       █████████       ▄█▀
▀█▄    ▄██▀▀▀▀▀▀▀██▄  ▄▄▄█▀
▀███████         ███████▀
▀█████▄       ▄█████▀
▀▀▀███▄▄▄███▀▀▀
..PLAY NOW..
kelsey
Legendary
*
Offline Offline

Activity: 1876
Merit: 1000


View Profile
September 17, 2015, 05:48:59 AM
 #6

can't blame the insurer for not wanting to cover for such incompetence (and can't say i've sided with an insurer before).

smoothie
Legendary
*
Offline Offline

Activity: 2492
Merit: 1491


LEALANA Bitcoin Grim Reaper


View Profile
September 17, 2015, 05:53:10 AM
 #7

Wow just wow.

Don't you think when sending that much Bitcoin they would triple check that everything is legit before moving forward?

Good lord. How many times do companies need to be hacked before they get their shit together and secure every aspect of their business down?

███████████████████████████████████████

            ,╓p@@███████@╗╖,           
        ,p████████████████████N,       
      d█████████████████████████b     
    d██████████████████████████████æ   
  ,████²█████████████████████████████, 
 ,█████  ╙████████████████████╨  █████y
 ██████    `████████████████`    ██████
║██████       Ñ███████████`      ███████
███████         ╩██████Ñ         ███████
███████    ▐▄     ²██╩     a▌    ███████
╢██████    ▐▓█▄          ▄█▓▌    ███████
 ██████    ▐▓▓▓▓▌,     ▄█▓▓▓▌    ██████─
           ▐▓▓▓▓▓▓█,,▄▓▓▓▓▓▓▌          
           ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▌          
    ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓─  
     ²▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓╩    
        ▀▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▀       
           ²▀▀▓▓▓▓▓▓▓▓▓▓▓▓▀▀`          
                   ²²²                 
███████████████████████████████████████

. ★☆ WWW.LEALANA.COM        My PGP fingerprint is A764D833.                  History of Monero development Visualization ★☆ .
LEALANA BITCOIN GRIM REAPER SILVER COINS.
 
smoothie
Legendary
*
Offline Offline

Activity: 2492
Merit: 1491


LEALANA Bitcoin Grim Reaper


View Profile
September 17, 2015, 05:54:49 AM
 #8

can't blame the insurer for not wanting to cover for such incompetence (and can't say i've sided with an insurer before).



How do you claim to be insured when it is an obviously internal fuck up?

"Hey I deleted my wallet.dat..... Can you insure the loss please?"

███████████████████████████████████████

            ,╓p@@███████@╗╖,           
        ,p████████████████████N,       
      d█████████████████████████b     
    d██████████████████████████████æ   
  ,████²█████████████████████████████, 
 ,█████  ╙████████████████████╨  █████y
 ██████    `████████████████`    ██████
║██████       Ñ███████████`      ███████
███████         ╩██████Ñ         ███████
███████    ▐▄     ²██╩     a▌    ███████
╢██████    ▐▓█▄          ▄█▓▌    ███████
 ██████    ▐▓▓▓▓▌,     ▄█▓▓▓▌    ██████─
           ▐▓▓▓▓▓▓█,,▄▓▓▓▓▓▓▌          
           ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▌          
    ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓─  
     ²▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓╩    
        ▀▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▀       
           ²▀▀▓▓▓▓▓▓▓▓▓▓▓▓▀▀`          
                   ²²²                 
███████████████████████████████████████

. ★☆ WWW.LEALANA.COM        My PGP fingerprint is A764D833.                  History of Monero development Visualization ★☆ .
LEALANA BITCOIN GRIM REAPER SILVER COINS.
 
hedgy73
Legendary
*
Offline Offline

Activity: 1414
Merit: 1077



View Profile
September 17, 2015, 06:05:11 AM
 #9

What a mess and yet another negative story hits the press about bitcoin Sad.

I don't blame the insurer for disputing the claim either, sounds like incompetence to me.
killerjoegreece
Legendary
*
Offline Offline

Activity: 1680
Merit: 1010


Professional Native Greek Translator (2000+ done)


View Profile
September 17, 2015, 06:06:56 AM
 #10

Bitpay wow! that surely is a lot of money. i hope they find out who did this and bring him to justice.
gogxmagog
Legendary
*
Offline Offline

Activity: 1456
Merit: 1010

Ad maiora!


View Profile
September 17, 2015, 06:30:31 AM
 #11

Stories like this should BOOST mainstream adoption of btc about 1000%
Where else can you rip off a couple million with three emails? It's stupid-simple. Everybody should be getting in on this crazy train. Lol @ bitpay... Retards
Amph
Legendary
*
Offline Offline

Activity: 3248
Merit: 1070



View Profile
September 17, 2015, 07:42:16 AM
 #12

Here we go again and people wonder why there isn't more adopters of Bitcoin

well this isn't bitcoin fault at all, if they can't handle their security well it's only their fault, but as usual they blame bitcoin for everything
coinpr0n
Hero Member
*****
Offline Offline

Activity: 910
Merit: 1000



View Profile
September 17, 2015, 08:31:32 AM
 #13

Not sure who to side with on this one. Seems like a total screw-up on BitPay's part. Better security systems need to be in place for these kinds of things. Wow.

Kprawn
Legendary
*
Offline Offline

Activity: 1904
Merit: 1074


View Profile
September 17, 2015, 08:49:28 AM
 #14

When MtGox did this... they blamed a hacker.... Now it's a hacker again... Seeing any pattern here? It's never the owner or the operator... It's always a unknown external entity.  Roll Eyes

Some of these companies add a lot of value and incorporate a lot of genius, but when they fall, we fall with them. I prefer not to use many of these services for that exact reason. I can already see my friends

running over to my house, with the bad news about Bitcoin. The last time, it was " Did you hear... The CEO of Bitcoin was arrested "  Huh Roll Eyes Huh

THE FIRST DECENTRALIZED & PLAYER-OWNED CASINO
.EARNBET..EARN BITCOIN: DIVIDENDS
FOR-LIFETIME & MUCH MORE.
. BET WITH: BTCETHEOSLTCBCHWAXXRPBNB
.JOIN US: GITLABTWITTERTELEGRAM
3888
Newbie
*
Offline Offline

Activity: 20
Merit: 0


View Profile
September 17, 2015, 09:00:38 AM
 #15

The checks and balances BitPay had in place clearly leaves a lot to be desired.

The fact that a company can just make payments valued at close to $2m just on the basis of an email clearly shows that their internal security and systems are not up to scratch.

I've I was the insurer I would also decline to pay.
Lauda
Legendary
*
Offline Offline

Activity: 2674
Merit: 3000


Terminated.


View Profile WWW
September 17, 2015, 09:06:16 AM
 #16

Here we go again and people wonder why there isn't more adopters of Bitcoin
This should not be blamed on Bitcoin at all. This was the result of humans making mistakes. Who in the right mind would let the CEO alone initiate a transfer of so many coins?

When MtGox did this... they blamed a hacker.... Now it's a hacker again... Seeing any pattern here? It's never the owner or the operator... It's always a unknown external entity.  Roll Eyes
Do you need a tinfoil hat with that?



People need to relax right now and stop panicking. This happened in 2014. Bitpay is okay, they are only suing their insurer because they do not want to cover some of the damages. This is hardly what I would call breaking news. Maybe one day all these companies will learn their lesson (keep only 0.1% outside of a multi-signature cold wallet).

"The Times 03/Jan/2009 Chancellor on brink of second bailout for banks"
😼 Bitcoin Core (onion)
NorrisK
Legendary
*
Offline Offline

Activity: 1946
Merit: 1007



View Profile
September 17, 2015, 09:14:58 AM
 #17

In theory This could also happen to a bank after such a social engineering attack. This has nothing to do with usong bitcoin, except for the anonimity regarding the coins. (bank accounts are easier to trace).

Agree with everybody that sendimg 1000 btc without double checking in anyway is a massive failure and a complete lack of common sense.
HCLivess
Legendary
*
Offline Offline

Activity: 2114
Merit: 1090


=== NODE IS OK! ==


View Profile WWW
September 17, 2015, 09:20:30 AM
 #18

How come I have better security procedures than BitPay  Huh

LFC_Bitcoin
Legendary
*
Offline Offline

Activity: 3752
Merit: 10670


#1 VIP Crypto Casino


View Profile
September 17, 2015, 09:22:40 AM
 #19

Is this confirmed by a better source? If so it's pretty horrific publicity for bitcoin. Gross negligence by Bitpay if true it really is, how can a company be so unprofessional. That is a hell of a lot of money to lose.

No wonder adoption has stalled when shit like this keeps happening.

█████████████████████████
███████████▄█████████████
██████▀░▀█▀░▀█▀░▀████████
███████▄███▄███▄█████████
████▀██▀██▀░▀████▀░▀█████
███████████░███▀██▄██████
████▀██▀██░░░█░░░████████
███████████░███▄█▀░▀█████
████▀██▀██▄░▄███▄░░░▄████
███████▀███▀███▀██▄██████
██████▄░▄█▄░▄█▄░▄████████
███████████▀█████████████
█████████████████████████
 
.Bitcasino.io.
 
.BTC  ✦  Where winners play  BTC.
.
..
.
    ..





████
████
░░▄████▄████████████▄███▄▄
░███████▄██▄▄▄▄▄▄█████████▄
███████████████████████████
▀████████████████████████▀
░░▀▀████████████████████
██████████████████▄█████████
██
▐███████▀███████▀██▄██████
███████▄██▄█▀████▀████████
░░██████▀▀▀▄▄▄████▀▀████
██▐██████████▀███▀█████████████    ████
███
████████████
███████████████    ████
█████▀████████████████▀
███████▀▀▀█████████▀▀
..
....
 
 ..✦ Play now... 
.
..
Snorek
Legendary
*
Offline Offline

Activity: 1400
Merit: 1001



View Profile
September 17, 2015, 09:26:39 AM
 #20

Here we go again and people wonder why there isn't more adopters of Bitcoin
This should not be blamed on Bitcoin at all. This was the result of humans making mistakes. Who in the right mind would let the CEO alone initiate a transfer of so many coins?

-snip-
My thoughts exactly. There is almost always human factor and error included in every hacking attempt. It is their own fault they were hacked.
And secondly - there should be some sort of failsafe system to prevent ONE person to have access to all funds.
Pages: [1] 2 3 4 5 6 7 8 9 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!