Instawallet/Bitcoin-Central Security Breach

[uuidman]

I might be confusing people, but isn't davout behind both instawallet and bitcoin-central, who also "detected a security breach"? https://bitcointalk.org/index.php?topic=164132.0

yep, and instawire.org which disappeared
for a while it was showing an error page with a list of all their directories. saw a lot of ruby gems there not good, anybody remember the insecure gems fiasco a few months ago?

No, I only remember that rails had problems and a lot of sites want quick enough, bad processes really. Is that what you referring to ? Or was is something else and bitcoin-related and I missed it.

[Merralea]

Bitcoin users that trust nobody not affected.

Bitcoin users that trust nobody, but chose to move funds around at the worst time humanly possible, very much affected.

[SgtSpike]

Well, this is interesting...

[the founder]

There might be good news to this,  the fact that they had bitcoins in cold storage in the first place to help repopulate what they lost might be a good sign.

[moni3z]

I find it strange that the two big transactions at http://blockchain.info/address/1LrPYjto3hsLzWJNstghuwdrQXB96KbrCy are still unconfirmed.  Any reason for this besides someone trying to spend coin that isn't there?

maybe the theif was too cheap to pay txn fees

[beala]

Someone on HN pointed out that the transfer happened an hour or two before the site went down. Can anyone confirm this? It looks like the transfer happened about an hour before *this thread* appeared, but did this thread start immediately after the site came down?

https://news.ycombinator.com/item?id=5475389

[Nick]

I find it strange that the two big transactions at http://blockchain.info/address/1LrPYjto3hsLzWJNstghuwdrQXB96KbrCy are still unconfirmed.  Any reason for this besides someone trying to spend coin that isn't there?

maybe the theif was too cheap to pay txn fees

Actually the tx fees are 0.10 BTC each. 10 USD!

[keverw]

Maybe the cold storage or some wallet got compromise, and they are moving it to a new wallet... Or maybe the owners of the site are pretending they were hacked, then cash out then go live on an island somewhere... Hard to tell really. Guess time will tell. I didn't use Instawallet but I have a feeling lots of newbies used it since its convenience.

[gbl08ma]

You're supposed to cut+paste the bitcoin address your URL leads to so you can watch it with the blockchain.

That will do nothing but make users panic when they see value moving out of that address. The address Instawallet associates/associated with a certain URL is used only for depositing, increasing your balance in Instawallet's internal DB. Then once the money is throwed into the Instawallet system, it can be taken from these deposit addresses without the having the user send money out of the wallet. In other words, the balance of a Instawallet wallet is unrelated to the balance, verifiable with the blockchain, of the deposit address for that wallet.

Also, before Instawallet and Bitcoin Central went down, users had trouble sending money out - https://bitcointalk.org/index.php?topic=163918.0 . I already said this in another thread about this Instawallet security breach, but now I found the link to that thread. I think this has something to do with the hot wallet being empty - now who or what caused it to empty is another story... what do you think?

[molecular]

I find it strange that the two big transactions at http://blockchain.info/address/1LrPYjto3hsLzWJNstghuwdrQXB96KbrCy are still unconfirmed.  Any reason for this besides someone trying to spend coin that isn't there?

maybe the theif was too cheap to pay txn fees

Actually the tx fees are 0.10 BTC each. 10 USD!

hm, blockexplorer doesn't know about the large transactions: http://blockexplorer.com/address/1LrPYjto3hsLzWJNstghuwdrQXB96KbrCy

[d5000]

[Apr-1 10:30 CET] Bitcoin-Central and Paytunia update: Our customer's bitcoins and euros are safe and will not be affected by the security breach. We have taken the websites off-line for proper investigation.

The address 1LrPYjto3hsLzWJNstghuwdrQXB96KbrCy is under our exclusive control.

We thank you for your patience and will provide updates exclusively on this page as they come in. We are committed to resuming service as soon as possible. Expect normal service to resume within 48 hours.


----

Deep breath ...

[the founder]

They failed to mention instawallet ?   Why?

[steelboy]

Does that include instawallet?

And is this user reliable?

[twolifeinexile]

[Apr-1 10:30 CET] Bitcoin-Central and Paytunia update: Our customer's bitcoins and euros are safe and will not be affected by the security breach. We have taken the websites off-line for proper investigation.

The address 1LrPYjto3hsLzWJNstghuwdrQXB96KbrCy is under our exclusive control.

We thank you for your patience and will provide updates exclusively on this page as they come in. We are committed to resuming service as soon as possible. Expect normal service to resume within 48 hours.


----

Deep breath ...

The wording "exclusive control" is also odd to me, sounds like someone steals it (internal employee?) and they discovered and force the guy give back the key?

[molecular]

I locked my thread https://bitcointalk.org/index.php?topic=164132.msg1717292#msg1717292 (about Bitcoin-Cetnral security breach) and told people to come here.

Injust, can you please change thread title to include "bitcoin central"?

[pof]

[Apr-1 10:30 CET] Bitcoin-Central and Paytunia update: Our customer's bitcoins and euros are safe and will not be affected by the security breach. We have taken the websites off-line for proper investigation.

The address 1LrPYjto3hsLzWJNstghuwdrQXB96KbrCy is under our exclusive control.

We thank you for your patience and will provide updates exclusively on this page as they come in. We are committed to resuming service as soon as possible. Expect normal service to resume within 48 hours.


----

Deep breath ...

What's the site?

[mccorvic]

twolifeinexile, nahh it just means that they and only they control it. Could just as well say "it is our address".

But exclusive control sounds so much COOLER.

[Joost]

They sure kept us in a state of panic for a while there! Glad to see it's all working out fine

[Apr-1 10:30 CET] Bitcoin-Central and Paytunia update: Our customer's bitcoins and euros are safe and will not be affected by the security breach. We have taken the websites off-line for proper investigation.

The address 1LrPYjto3hsLzWJNstghuwdrQXB96KbrCy is under our exclusive control.

We thank you for your patience and will provide updates exclusively on this page as they come in. We are committed to resuming service as soon as possible. Expect normal service to resume within 48 hours.


----

Deep breath ...

What's the site?

It's showing up on https://bitcoin-central.net/

So far it hasn't appeared on Paytunia and Instawallet yet, but as the Instawallet transaction was to the same address I can only assume that those funds are safe as well.

[lucb1e]

either way the lesson will be "trust no one to hold your coins".

Seconded

[uhoh]

Glad this one has panned out OK (or will do once that transaction actually confirms)

As the value of bitcoin goes up, so does the amount (and the combined skillset) of hackers wanting to relieve people and business of coins. There is only so well prepared these companies can be, as seen by the social-engineering hack on BitInstant.