Bitcoin Forum
Topic: Bitcoinica lost 43,554 BTC from Linode compromise, suspicious TXIDs publicized
kiba
March 02, 2012, 04:22:05 AM
 #21

Maybe you should consider reducing your hot wallet? A little inconvenience is a lot better than losing that much money.

cablepair
March 02, 2012, 04:23:08 AM
 #22

I mean seriously, could not this whole thing have been prevented if the wallet was just encrypted?
cypherdoc
March 02, 2012, 04:24:26 AM
 #23

I mean seriously, could not this whole thing have been prevented if the wallet was just encrypted?

you would think so [rolls eyes]

what's the excuse for not doing this?
stick_theman
March 02, 2012, 04:24:42 AM
 #24

Wow that's one heck of an attack.  Terribly sorry to hear about the loss but hopefully you can recuperate in some way with the company or community.

Is Linode like a version of Linux or server software, or just a hosting company such as 1&1, Dreamhost, GoDaddy etc.?  I suppose whether it is Windows, Linux, or Mac, if someone knows what they are doing it doesn't matter what software runs the wallet.  A user could get to the right files if they know.

Looks like Linode is just a hosting company.  Link: http://en.wikipedia.org/wiki/Linode

I heard from Slush's thread that the Super Admin at Linode can log in to any of the virtual server/websites, including Slush's mining pool and Bitcoinica.

I think MtGox should take note... possibly migrate to a non-US server??  

I bet there's a team of people, be it insider or outsider, poppin' toasting champagne right now, as this is a concerted effort to bring down bitcoins.

zhoutong
March 02, 2012, 04:24:49 AM
 #25

You’re a class act for standing behind your business and accepting the burden of loss yourself.

Your losses can be decreased substantially if you wait to reimburse your clients until after the associated market drop that will follow this event.


+1

but I have to ask, is there something I am missing here, why was this wallet with over $200k worth of bitcoins not encrypted with a strong password?

The root password has been changed via the customer service interface at Linode. The ruby gem we were using to process Bitcoin withdrawals did not support encrypted wallets. We have already migrated to a secure hosting with only intranet incoming access.

kiba
March 02, 2012, 04:26:04 AM
 #26

Looks like Linode is just a hosting company.  Link: http://en.wikipedia.org/wiki/Linode

I heard from Slush's thread that the Super Admin at Linode can log in to any of the virtual server/websites, including Slush's mining pool and Bitcoinica.

I think MtGox should take note... possibly migrate to a non-US server??  

I bet there's a team of people, be it insider or outsider, poppin' toasting champagne right now, as this is a concerted effort to bring down bitcoins.

This doesn't hurt bitcoin. It makes bitcoin stronger. What doesn't kill us makes us stronger, more aware of the danger.

chrisrico
March 02, 2012, 04:26:12 AM
 #27

I mean seriously, could not this whole thing have been prevented if the wallet was just encrypted?

you would think so [rolls eyes]

what's the excuse for not doing this?

If payments were automated, it would have to decrypt the keys at some point...

What may have prevented this is multi sig transactions.
bearbones
March 02, 2012, 04:26:43 AM
 #28

I mean seriously, could not this whole thing have been prevented if the wallet was just encrypted?

Obviously the software running against the hot wallet has to have access to it. This means that if someone roots the server, they'll be able to have the same access to the hot wallet. Encryption would not have entered into it.

Zhou, good on you for covering this! I'm having a hard enough time covering the BTCinch theft; I can only imagine how pissed you are at linode.

kiba
March 02, 2012, 04:27:43 AM
 #29

Obviously the software running against the hot wallet has to have access to it. This means that if someone roots the server, they'll be able to have the same access to the hot wallet. Encryption would not have entered into it.

Zhou, good on you for covering this! I'm having a hard enough time covering the BTCinch theft; I can only imagine how pissed you are at linode.

Zhou could have reduced his loss significantly by reducing the amount of bitcoin that was in the hot wallet. It could be 10,000 bitcoin, for example.

cablepair
March 02, 2012, 04:27:59 AM
 #30

so basically the problem here is no one was using encrypted wallets because the web apps they were connected to were not compatible

damn what a shame that's a lot of money [sad] props to the OP for doing the right thing.
smickles
March 02, 2012, 04:31:49 AM
 #31

so basically the problem here is no one was using encrypted wallets because the web apps they were connected to were not compatible
yeah... no

Clipse
March 02, 2012, 04:33:32 AM
 #32

Not trying to heat up the waves but what are the chances the recent dump is related to these coins.

As much as I hate regulation of any kind, I hope Mark can look at the person(s) dumping right now and see if the coins they moved are part of the coins stolen.

cablepair
March 02, 2012, 04:33:41 AM
 #33

yeah .... no?

explain to me how I am wrong.
bitcoinBull
March 02, 2012, 04:34:11 AM
 #34

I mean seriously, could not this whole thing have been prevented if the wallet was just encrypted?

Obviously the software running against the hot wallet has to have access to it. This means that if someone roots the server, they'll be able to have the same access to the hot wallet. Encryption would not have entered into it.

Zhou, good on you for covering this! I'm having a hard enough time covering the BTCinch theft; I can only imagine how pissed you are at linode.

In this case, encryption would have protected the wallet because the attacker was only able to get root access after a reboot.

cablepair
March 02, 2012, 04:34:35 AM
 #35

I mean seriously, could not this whole thing have been prevented if the wallet was just encrypted?

Obviously the software running against the hot wallet has to have access to it. This means that if someone roots the server, they'll be able to have the same access to the hot wallet. Encryption would not have entered into it.

Zhou, good on you for covering this! I'm having a hard enough time covering the BTCinch theft; I can only imagine how pissed you are at linode.

In this case, encryption would have protected the wallet because the attacker was only able to get root access after a reboot.

thank you.
drakahn
March 02, 2012, 04:35:29 AM
 #36

so basically the problem here is no one was using encrypted wallets because the web apps they were connected to were not compatible

damn what a shame that's a lot of money [sad] props to the OP for doing the right thing.

even if the 'web apps' were compatible, they would need to know the encryption key, so anyone with access would also have the encryption key

smickles
March 02, 2012, 04:36:00 AM
 #37

yeah .... no?

explain to me how I am wrong.
as was mentioned before, the wallet would have to be decrypted at some point in time to use it, the attacker had root access so they would see the unencrypted wallet. This means that an encrypted wallet would not have helped out at all.

kiba
March 02, 2012, 04:36:23 AM
 #38

In this case, encryption would have protected the wallet because the attacker was only able to get root access after a reboot.

AND multisignature

AND low amount of BTC in your hot wallet in case your defense in depth got bypassed.

smickles
March 02, 2012, 04:38:02 AM
 #39

I mean seriously, could not this whole thing have been prevented if the wallet was just encrypted?

Obviously the software running against the hot wallet has to have access to it. This means that if someone roots the server, they'll be able to have the same access to the hot wallet. Encryption would not have entered into it.

Zhou, good on you for covering this! I'm having a hard enough time covering the BTCinch theft; I can only imagine how pissed you are at linode.

In this case, encryption would have protected the wallet because the attacker was only able to get root access after a reboot.
why would a reboot stop the attacker from seeing the wallet being unencrypted during the next use?

bbit
March 02, 2012, 04:38:08 AM
 #40

In this case, encryption would have protected the wallet because the attacker was only able to get root access after a reboot.

AND multisignature

AND low amount of BTC in your hot wallet in case your defense in depth got bypassed.

this ^^
