bitcoinmarkets (OP)
Member
Offline
Activity: 103
Merit: 10
www.bitcoinfuturesguide.com
|
|
April 08, 2016, 08:18:11 PM |
|
web http://www.bitcoinfuturesguide.com/bitcoin-blog/shapeshiftio-hacked-loses-unspecified-portion-of-hot-wallet-funds-taken-offlineErik Voorhees' exchange ShapeShift has been hacked and lost an unspecified portion of funds from its hot wallet. They have taken down their website and are rebuilding part of their infrastructure to fix it, they say. They claim that no customer funds have been lost. The full extent of the damage is not known and until customers can actually take their bitcoin out and verify they are safe, we won't know the truth. Cryptsy was able to hide thousands of missing coins from their customers for years, so don't trust anybody out there in this industry.
|
|
|
|
spazzdla
Legendary
Offline
Activity: 1722
Merit: 1000
|
|
April 08, 2016, 08:23:13 PM |
|
You can't store BTC on shapeshift... you cannot compare it to gox or cryptsy.
|
|
|
|
unamis76
Legendary
Offline
Activity: 1512
Merit: 1009
|
|
April 08, 2016, 08:35:59 PM |
|
Oh god, here we go again... So who are the funds in the hot wallet from? Exchange fees?
|
|
|
|
AgentofCoin
Legendary
Offline
Activity: 1092
Merit: 1001
|
|
April 08, 2016, 08:43:28 PM |
|
Oh god, here we go again... So who are the funds in the hot wallet from? Exchange fees?
It was most likely exchange fees plus their own personal btc held for when users "shapeshift" an altcoin to btc. It is not individual users btc, except maybe for those users that transactions were pending at the time.
|
I support a decentralized & unregulatable ledger first, with safe scaling over time. Request a signed message if you are associating with anyone claiming to be me.
|
|
|
unamis76
Legendary
Offline
Activity: 1512
Merit: 1009
|
|
April 08, 2016, 08:45:30 PM |
|
Oh god, here we go again... So who are the funds in the hot wallet from? Exchange fees?
It was most likely exchange fees plus their own personal btc held for when users "shapeshift" an altcoin to btc. It is not individual users btc, except maybe for those users that transactions were pending at the time. I seriously hope this is true, although I doubt it... Let's see how this goes.
|
|
|
|
AliceGored
Member
Offline
Activity: 117
Merit: 10
|
|
April 08, 2016, 08:46:21 PM |
|
Mayhaps now Erik will tone down his shilling and concern trolling about tx capacity. 1MB + segregation witnesses will be plenty for 2017, he should worry about securing his own site instead of trying to make development democratic vs current meritorious autarchy.
|
|
|
|
alyssa85
Legendary
Offline
Activity: 1652
Merit: 1088
CryptoTalk.Org - Get Paid for every Post!
|
|
April 08, 2016, 09:26:03 PM |
|
It's interesting that this is still happening - I would've thought exchanges were getting more and more secure - yet the hackers are one step ahead of them. Perhaps there is room for a bitcoin security consultant firm to do business advising the exchanges how to stay safe.
|
|
|
|
The Sceptical Chymist
Legendary
Offline
Activity: 3388
Merit: 6887
Top Crypto Casino
|
|
April 08, 2016, 09:28:29 PM |
|
It's interesting that this is still happening - I would've thought exchanges were getting more and more secure - yet the hackers are one step ahead of them. Perhaps there is room for a bitcoin security consultant firm to do business advising the exchanges how to stay safe.
And then there's the school of thought that these hackers don't even exist. That the hacksening is an inside job--Gox, Cryptsy, all of those. Interesting, and I'll definitely be following this.
|
|
|
|
calkob
|
|
April 08, 2016, 09:43:49 PM |
|
Surely this means that shapesift is the only one to lose out here, because as has been said they dont hold bitcoin for anyone, it is probably only their float that has been stolen. at least i hope so,
|
|
|
|
gentlemand
Legendary
Offline
Activity: 2590
Merit: 3014
Welt Am Draht
|
|
April 08, 2016, 10:44:10 PM |
|
It's interesting that this is still happening - I would've thought exchanges were getting more and more secure - yet the hackers are one step ahead of them. Perhaps there is room for a bitcoin security consultant firm to do business advising the exchanges how to stay safe.
Hackers vs sites with any type of access to coins will be an eternal battle. It's never going to end. As soon as one hole is plugged another will be found until something super radical is invented.
|
|
|
|
lumeire
Legendary
Offline
Activity: 1848
Merit: 1009
Next-Gen Trade Racing Metaverse
|
|
April 09, 2016, 09:08:45 AM |
|
It's interesting that this is still happening - I would've thought exchanges were getting more and more secure - yet the hackers are one step ahead of them. Perhaps there is room for a bitcoin security consultant firm to do business advising the exchanges how to stay safe.
And then there's the school of thought that these hackers don't even exist. That the hacksening is an inside job--Gox, Cryptsy, all of those. Interesting, and I'll definitely be following this. It doesn't add up much for ShapeShift, as far as I know they don't store customer funds in there. No sense in trying to steal your own funds.
|
|
|
|
mirana12345
|
|
April 09, 2016, 09:12:42 AM |
|
Don't get too stressed out about this, shapeshift isn't gonna go under due to this because customer funds are not questioned here. Just let them some time to sort out what exactly happened in the security breach. It's good that they were capable enough to notice something is off.
|
|
|
|
Kprawn
Legendary
Offline
Activity: 1904
Merit: 1074
|
|
April 09, 2016, 09:47:28 AM |
|
How many of these centralized services has to go down, before people stop using them to store their wealth? We hardly recovered from Mt Gox, and then Crypsy got
compromised... Now it is ShapeShift. Just keep the majority of your wealth offline in cold storage and you will be fine. Bitcoin is decentralized for a reason and it worked out
pretty good thus far. It is fine to experiment, but only use limited amounts to do this... dump all coins in these services and you opening yourself up for a world of hurt.
|
|
|
|
franky1
Legendary
Offline
Activity: 4270
Merit: 4538
|
|
April 09, 2016, 10:26:41 AM |
|
cant any of these exchanges learn
stop having hot wallets on the same server that the front-end website is on. the solution is dead simple any front end order should not go straight to a hotwallet. instead it should sit on a database, call it what you like a 'pending request list', or whatever.
and a separate system unknown to the world views the database and processes the orders separately. there does not need to be any IP address stored on the front-end. because it does not push out requests. there does not need to be any hot wallets stored on the front-end because that server doesnt move coins. its just a display purpose only.
the separate system just looks in and processes the orders it see's.
knowing bitcoin takes 10 minutes+, means the milliseconds of separated communication between 2 systems instead of 1 combined system is meaningless.
no one should be running a hot-wallet on the server. there are no excuses
|
I DO NOT TRADE OR ACT AS ESCROW ON THIS FORUM EVER. Please do your own research & respect what is written here as both opinion & information gleaned from experience. many people replying with insults but no on-topic content substance, automatically are 'facepalmed' and yawned at
|
|
|
Carlton Banks
Legendary
Offline
Activity: 3430
Merit: 3074
|
|
April 09, 2016, 10:37:15 AM |
|
ROFL @ Franky, IT Security Consultant
Are you available for hire? Do you refund clients when they discover your "advice" sounds too much like a page from "How to Setup and Secure Web Servers.... For Dummies!"
|
Vires in numeris
|
|
|
franky1
Legendary
Offline
Activity: 4270
Merit: 4538
|
|
April 09, 2016, 10:57:08 AM |
|
ROFL @ Franky, IT Security Consultant
Are you available for hire? Do you refund clients when they discover your "advice" sounds too much like a page from "How to Setup and Secure Web Servers.... For Dummies!"
keep dancing around like a fairy. (lowering myself down to your level for one sentance)its funny that you use insults, but never use technical explanations to prove me wrong. so goodluck with the insults, but maybe time you actually researched some technicals more. im sorry that i dont use your favourite buzzwords and prefer to speak laymens. but you will find that on a public forum generally its better to reword the bzzwords into simple english. so next time you see that i am not using buzzwords. its not because i simply dont know what im talking about. its because i know what im talking about but then translate it into simple english. EG, you may love your leaders if they say UTXO.. but i just say "unspents".. sorry if you think thats not acceptable. but you will get over it one day afterall, they mean the same thing. but atleast when i talk about them, im not trying to boost my ego and instead just trying to provide people what they need to know. so if you want to prove me wrong in the future. have a coffee, settle your emotions and reply with some rebuttle thats about the technicals rather then the personal. i welcome the day when you can be technical and provide accurate and informative information for once. have a nice day
|
I DO NOT TRADE OR ACT AS ESCROW ON THIS FORUM EVER. Please do your own research & respect what is written here as both opinion & information gleaned from experience. many people replying with insults but no on-topic content substance, automatically are 'facepalmed' and yawned at
|
|
|
Carlton Banks
Legendary
Offline
Activity: 3430
Merit: 3074
|
|
April 09, 2016, 11:26:37 AM |
|
i welcome the day when you can be technical and provide accurate and informative information for once.
How about you stop misleading people about abstract technical challenges of developing Bitcoin software, and take a look at what really helping a real person with a real problem looks like. You have that nice day also. p.s. I don't expect to find Franky helping software users with their issues at all, he would have to sacrifice too much of the valuable time he spends propagandising with his faux-technical bilge
|
Vires in numeris
|
|
|
idev
|
|
April 09, 2016, 11:40:49 AM |
|
An unfortunate circumstance but like most things online it's not immune to hacking with hackers trying to exploit these sites daily. But as stated by ShapeShift, their platform is designed to protect customer funds in events like these so it would seem that only their company funds may have been taken.
|
|
|
|
franky1
Legendary
Offline
Activity: 4270
Merit: 4538
|
|
April 09, 2016, 11:43:10 AM Last edit: April 09, 2016, 12:07:43 PM by franky1 |
|
i welcome the day when you can be technical and provide accurate and informative information for once.
How about you stop misleading people about abstract technical challenges of developing Bitcoin software, and take a look at what really helping a real person with a real problem looks like. You have that nice day also. p.s. I don't expect to find Franky helping software users with their issues at all, he would have to sacrifice too much of the valuable time he spends propagandising with his faux-technical bilge lol ok carlton. you unsuccessfully helped someone update a program. keep up with that @cypherdoc
If you just want to erase the 0.93.3 location and replace it with 0.94.1:
appears to have failed. ran thru above steps and seemed ok. but when launching, i still get 0.93.3: by the way if you want to hijack a topic, atleast try keeping the posts about the topic. instead of your meandering offtopic crap that are full of insults and lack of real information.
|
I DO NOT TRADE OR ACT AS ESCROW ON THIS FORUM EVER. Please do your own research & respect what is written here as both opinion & information gleaned from experience. many people replying with insults but no on-topic content substance, automatically are 'facepalmed' and yawned at
|
|
|
Carlton Banks
Legendary
Offline
Activity: 3430
Merit: 3074
|
|
April 09, 2016, 11:46:16 AM |
|
i welcome the day when you can be technical and provide accurate and informative information for once.
How about you stop misleading people about abstract technical challenges of developing Bitcoin software, and take a look at what really helping a real person with a real problem looks like. You have that nice day also. p.s. I don't expect to find Franky helping software users with their issues at all, he would have to sacrifice too much of the valuable time he spends propagandising with his faux-technical bilge lol ok carlton. you helped someone undate a program. keep up with that and you would have been completely out of your depth in that situation, as ever. You can't even compile a legible sentence
|
Vires in numeris
|
|
|
|