Bitcoin Forum
November 08, 2024, 08:17:34 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Warning: One or more bitcointalk.org users have reported that they strongly believe that the creator of this topic is a scammer. (Login to see the detailed trust ratings.) While the bitcointalk.org administration does not verify such claims, you should proceed with extreme caution.
Pages: « 1 2 3 4 5 [6] 7 8 »  All
  Print  
Author Topic: BIPS, Payment Service Provider (PSP) for Merchants  (Read 75398 times)
allincoin
Newbie
*
Offline Offline

Activity: 42
Merit: 0


View Profile
November 25, 2013, 02:53:40 AM
 #101

doesn't seem like bips plans to do anything except continue business as usual and pretend nothing happened
assortmentofsorts
Member
**
Offline Offline

Activity: 91
Merit: 10



View Profile
November 25, 2013, 03:56:52 AM
 #102

So has no one got their BTC back from the BIPS wallets? Is it even worth submitting a helpdesk ticket right now?

Nope. Kris isn't even replying to my messages. But he is coming online atleast twice every day. I'm absolutely disappointed with his attitude. So much for professionalism!

If you want to tip: BTC 1KbjTUEfcziwMv7BMXcjmvNAKEpTJbZCsF
assortmentofsorts
Member
**
Offline Offline

Activity: 91
Merit: 10



View Profile
November 25, 2013, 04:27:15 AM
 #103

It is imperative to understand that everything was wiped out from our servers and getting functionality back is priority #1.

It is not imperative for us to understand that getting functionality back is your priority #1.

Quote
The wallet part of BIPS was a free service to make payments easier for users.
Web Wallets are like a regular wallet that you carry cash in and not meant to keep large amounts in.

Then why did you provide this feature? The funny thing is in your Press release you are promising to bring out a "better" and more "secure" wallet in the near future. Are you planning to rob more people with this new "better" and "secure" wallet of yours?

Quote
Hence we offered a paper wallet as a cold storage alternative for those who wanted a safe storage solution.
We will be contacting all affected users as already proclaimed.
We will need their consent to hand over information to the authorities for further investigation, which hopefully can assist in catching the thief.
Those who were not affected and have a bitcoin balance will also be contacted.
Most balances left are minuscule, but if you had more than a few satoshi’s in your wallet you are affected, and will be contacted.

Another priority is doing forensics data recovery to be able to investigate and assist authorities in finding the attacker.

Quote
Technical information will not be disclosed for security reasons.

As a customer I have every right to know all the technical information involving this hack. All I have got from you is 1 graph of load spike which says nothing about the hack.

Quote
Stolen coins have been isolated and server logs have been retrieved from data recovery:
https://blockchain.info/address/1LuG91tcSQxKj32BsCoRkX7yQLfj9LtkCs

Please be advised that attacks are not isolated to us and if you are storing larger amounts of coins with any third party you may want to find alternative storage solutions as soon as possible, preferably cold storage if you do not need immediate access to those coins:
www.coindesk.com/hacker-attack-polands-bitcoin-exchange/
www.coindesk.com/czech-bitcoin-exchange-bitcash-cz-hacked-4000-user-wallets-emptied/

You sound more like TradeFortress here. We don't need to be educated about alternative storage solutions. We already know about them. We store coins online for a reason. There are plenty of times where we don't have access to our offline wallets and we need money to immediately initiate a transfer. If you guys start stealing our coins by calling it a "hack" you are just contributing to ruining the bitcoin ecosystem.

I wanted to settle this issue without resorting to a rant but you have left me with no choice. You haven't yet replied to any of my messages or even on the helpdesk.

Also I digged further into BIPS activities and I realized something really surprising. It was sending some of my coins to EasyCoin (a scam site that promises to mix coins but steals users coins instead). Its unfortunate that I did not do my investigations before this and I trusted BIPS with my coins. I mean who in the right mind would send customers coins to a scam site? And why would BIPS need to do that? It already had its own coin mixing system in place.

Here is the address generated by BIPS: https://blockchain.info/address/1PGXTsbbrnXBnTgEdssRCH8Ukc57DvapcP that was used by me to deposit my coins.

The way BIPS works is that it moves the coins you deposit to its address to another collecting address. I made a deposit of 1.5BTC (transaction here: https://blockchain.info/tx/37b7e6df916b32113e9dda776d6127c0566106fcca89a750537ad27ccab11462) on 31st October 2013.

As usual it was immediately moved to another address. This time it was to 1EGm7XaUVK2iAX1TzZy4i8w7BZ9kybF59B (https://blockchain.info/tx/fcd34fecf7898c2420e7a5b36a8ffd34d5583c1a73428f63d6d64eb7639af06a) with the remaining amount returned to 14xMNNgzDtkmrPhkEZohGg3nHkPFw96hDz. Now if you inspect 14xMNNgzDtkmrPhkEZohGg3nHkPFw96hDz you'll see only 1 input and 1 output. The output is to the EasyCoin deposit address (see transaction: https://blockchain.info/tx/396d954b416c18a8034d4677e95628841b7d45324afdedbc0db43c04f16bbddf).


If you want to tip: BTC 1KbjTUEfcziwMv7BMXcjmvNAKEpTJbZCsF
daibasen
Newbie
*
Offline Offline

Activity: 30
Merit: 0


View Profile
November 25, 2013, 11:39:38 AM
 #104

Did a story about it:

Bitcoin Payment Processor BIPS Attacked, Over $1m Stolen
http://www.coindesk.com/bitcoin-payment-processor-bips-attacked-1m-stolen/
bnjmnkent
Full Member
***
Offline Offline

Activity: 196
Merit: 100


View Profile
November 25, 2013, 07:27:28 PM
Last edit: November 25, 2013, 08:25:06 PM by bnjmnkent
 #105

F* Sad
For Bitcoin and everybody involved, I hope this gets resolved properly FWIW
moderate
Member
**
Offline Offline

Activity: 98
Merit: 10

nearly dead


View Profile
November 25, 2013, 09:05:37 PM
 #106

On November 15th BIPS was the target of a massive DDoS attack,

All good so far, it happens to everyone.

which is now believed to have been the initial preparation for a subsequent attack on November 17th that overloaded our managed switches and disconnected the iSCSI connection to the SAN on BIPS servers.

huh, what ? who is the idiot that setup this network ?

Regrettably, despite several layers of protection, the attack caused vulnerability to the system, which has then enabled the attacker/s to gain access and compromise several wallets.

Wait wait wait. There is some huge step missing there, what are you omitting ? How do go you from DDoS, to network failure, to XXX, to access breach ?
Please don't get into the same territory as TF.
Pierre
Full Member
***
Offline Offline

Activity: 207
Merit: 100


View Profile
November 25, 2013, 10:08:36 PM
 #107

...attack on November 17th that overloaded our managed switches and disconnected the iSCSI connection to the SAN on BIPS servers. ... the attack caused vulnerability to the system, which has then enabled the attacker/s to gain access and compromise several wallets.

This it utter bullshit. Overloading a SAN 'caused vulnerability'? No that is nonsense. Please elaborate because this looks like BIPS is just making shit up.
allincoin
Newbie
*
Offline Offline

Activity: 42
Merit: 0


View Profile
November 25, 2013, 10:54:43 PM
 #108

Glad there are others with enough technical knowledge to call them out if indeed thats the case...
Abdussamad
Legendary
*
Offline Offline

Activity: 3682
Merit: 1580



View Profile
November 25, 2013, 11:26:12 PM
 #109

Who the hell puts 90 BTC in a web wallet? I had ~0.13 BTC there and I'm waiting to get it back as I think BIPS is a little bit trustworthy. But I can also learn to finally switch out from web wallets, get an Android and install Electrum on it instead of using web wallet even for cents.

Sorry to read this. I've seen you in the Electrum forums and you're always helping people. I hope you get your coins back.
cubicdissection
Member
**
Offline Offline

Activity: 231
Merit: 10


View Profile WWW
November 26, 2013, 06:31:50 AM
 #110

On November 15th BIPS was the target of a massive DDoS attack,

All good so far, it happens to everyone.

which is now believed to have been the initial preparation for a subsequent attack on November 17th that overloaded our managed switches and disconnected the iSCSI connection to the SAN on BIPS servers.

huh, what ? who is the idiot that setup this network ?

Regrettably, despite several layers of protection, the attack caused vulnerability to the system, which has then enabled the attacker/s to gain access and compromise several wallets.

Wait wait wait. There is some huge step missing there, what are you omitting ? How do go you from DDoS, to network failure, to XXX, to access breach ?
Please don't get into the same territory as TF.

Agree.  I do woodworking now but I used to be in IT. I sent this to a buddy of mine who ran pen testing for a large security corporation...I'll let you guys know what he says.
Pierre
Full Member
***
Offline Offline

Activity: 207
Merit: 100


View Profile
November 26, 2013, 09:19:41 AM
 #111

There's is definitely something fishy here. DDoS attacks don't just 'cause vulnerability' in a system. Either a very important part of the story is being left out or BIPS is making it all up. I don't see how a disconnected or overloaded iSCSI connected SAN can 'cause vulnerability' leaving their system open for hackers?

BIPS please explain.
cubicdissection
Member
**
Offline Offline

Activity: 231
Merit: 10


View Profile WWW
November 26, 2013, 09:39:26 PM
 #112

I have been in touch with Kris and while I cannot share any details, he has convinced me that he is taking this very seriously.  I retract my earlier implications that he stole the coins himself.  I'm convinced now that they were hacked, and that he is working hard to fix things and make them right.

That's all I got, but I thought I would let you guys know.  This is a shit situation for everyone  Embarrassed
bitpop
Legendary
*
Offline Offline

Activity: 2912
Merit: 1060



View Profile WWW
November 27, 2013, 01:42:33 AM
 #113

Lol what idiots use web wallets? You were warned LONG AGO by instawallet.
I only use blockchain and even left them.
At least blockchain never held your private keys unencrypted.
An attack there would only get people who log in over a time period by comprising the javascript to get the unencrypted private keys.

stormlighter
Full Member
***
Offline Offline

Activity: 152
Merit: 100


View Profile
November 27, 2013, 08:38:44 PM
 #114

"Stolen"... Thats a bunch of BS!

This is the second time the owner, Kris Henriksen, has pulled of a stunt like this!
assortmentofsorts
Member
**
Offline Offline

Activity: 91
Merit: 10



View Profile
November 27, 2013, 08:53:17 PM
 #115

"Stolen"... Thats a bunch of BS!

This is the second time the owner, Kris Henriksen, has pulled of a stunt like this!

When was the first time?

If you want to tip: BTC 1KbjTUEfcziwMv7BMXcjmvNAKEpTJbZCsF
bernard75
Legendary
*
Offline Offline

Activity: 1316
Merit: 1003



View Profile
November 27, 2013, 08:57:01 PM
 #116

"Stolen"... Thats a bunch of BS!

This is the second time the owner, Kris Henriksen, has pulled of a stunt like this!

Was it with BIPS?
stormlighter
Full Member
***
Offline Offline

Activity: 152
Merit: 100


View Profile
November 27, 2013, 09:08:18 PM
 #117

With BIPS, Kris Henriksen pulled a Inputs.io (Tradefortress) claiming ddos attacks overloaded some switches and the hackers gained access. Bitch please....
His last wallet service https://bitcointalk.org/index.php?topic=249751.new

cubicdissection
Member
**
Offline Offline

Activity: 231
Merit: 10


View Profile WWW
November 28, 2013, 12:04:48 AM
 #118

With BIPS, Kris Henriksen pulled a Inputs.io (Tradefortress) claiming ddos attacks overloaded some switches and the hackers gained access. Bitch please....
His last wallet service https://bitcointalk.org/index.php?topic=249751.new

WalletBit was not a scam. I asked for my balance to be transferred months after the service closed and they did it immediately.
grantbdev
Sr. Member
****
Offline Offline

Activity: 292
Merit: 250



View Profile
December 09, 2013, 07:45:45 PM
 #119

So...any refunds yet?

Don't use BIPS!
allincoin
Newbie
*
Offline Offline

Activity: 42
Merit: 0


View Profile
December 09, 2013, 07:58:35 PM
 #120

no refunds, the update below from the 4th basically stated they are not responsable we shouldn't have trusted them to hold any of our coins.

Wallet Status Update
04 December 2013 12:25 AM
We sincerely apologise for the limited information that has been available up to now, but we have not had and are still short of facts to be able to make sufficient thorough official statements.

 

Most of what was recoverable from our servers and backups has now been restored and we are currently working on retrieving more information to get a better understanding of what exactly happened, and most of all what can be done to track down who did it.

 

1295 bitcoins in total were sent to an external wallet by the attackers.

https://blockchain.info/address/1LuG91tcSQxKj32BsCoRkX7yQLfj9LtkCs

Those bitcoins are not retrievable unless we can find the perpetrators and somehow make a demand they return the coins.

The Danish National IT Forensic Police department have agreed to assist us examining what data there is.

 

It appears that in order to file a police report for theft, we may need consent from all affected parties to lodge, as according to the police they can not classify this as a theft due to the current non regulation of bitcoin. We are currently looking in to details surrounding this further, awaiting a response from our lawyers and the police department.

Will there be any reimbursement available?

Please bear in mind that the wallet service was a free service and thus there has been 0 revenue generated from it. Hence BIPS is unable to reimburse bitcoins lost unless the stolen coins are retrieved.

We are discussing the possibility of a compensation plan with our legal advisors, but are unable to comment further on this for now.



Practical information:

 
There are a few account holders who have a small balance of bitcoins in their wallets after the attack. Some have also had payments sent to their BIPS wallet bitcoin addresses and we recovered these on November 19th sending them to an external wallet for safety reasons. These coins will naturally be available for withdrawal by the respective owners. Any bitcoins sent to old addresses after November 19th will also be available to withdraw by those they belong to.

 

Some merchants have accumulated sales that have been converted to Fiat over time, but not yet reached their minimum payouts. Their balances will also be available in their chosen currency with an option to have them paid out immediately or paid manually together with their new accumulated balance.

 

For all of the above instances, we are currently working on setting up a clone containing old wallet info and transactions, please grant us patience ..

 

Notice:

 

Our mailing system was wiped out during the attack and is still not restored. That means that if we send out mass emails, a large number of these will never reach their destination or end up in Spam folders (some email providers will even auto delete them).

Please check the news section of our helpdesk for more updates and information regularly in case you are amongst the ones who are not receiving our emails.


 
Pages: « 1 2 3 4 5 [6] 7 8 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!