bitstamp 18,000 bitcoins stolen? -confirmed

[r0d3r1ck]

i suppose i had a lucky escape, i never saw reason to keep coins in the bitstamp exchange. i traded out of my bitstamp iou's on rippletrade when the prices went out of sync. i had to take a poor ask price in ripples but at least i got my money. the bitstamp gateway was open long after the initial announcement, and i thought i was being a little paranoid by bailing out with a haircut of about 2%.

now my ~bitstamp iou balance is nil, i had some dust in there. will be interesting to see if it comes back. anyone else see this?

Bitstamp has 200,000 BTC in reserves. Unlike Gox, they only lost a small percentage of total bitcoins during this hack so I think customers' deposits are safe. Poloniex suffered a similar hack which saw them lose 12.3 percent of their total BTC. They made it out fine.

Smells like fractional reserves...

yes, i agree. it is similar. now, a hacker cannot steal a digital iou, as they could only redeem it from the issuer who would recognise it as stolen and not accept it. the often cited weakness in ripple iou's has benefit in this case.

[1714746182]

1714746182

[1714746182]

1714746182

[1714746182]

1714746182

[1714746182]

1714746182

[wpalczynski]

VCs might not be happy about it but what choice do they have?  If they don't allow the 5 mil to be used to make users whole then bitstamp dies and they loose 10 mil.  They have to pick the lesser of the two evils.

If they got robbed, you would think they have some form of insurance covering the losses.
Fees they get per trade should IMO cover any flaw or hack that gets exploited.

If they have learned anything from GOX they will give people their money without fuss and bite the bullet.
If they do that trust in Bitcoin will remain and they will be a trusted and respected exchange.

For now they are taking the only valid approach and that is shutting it down to stop any secondary hacks and scan for forensics.

I have no money in Bitstamp but I am looking how Bitstamp resolves this problem.  

I would imagine there would be a run on coins and fiat to get out of bitstamp as soon as f*cking possible.

If I had a hefty sum of BTC and/or fiat I would want 100% of each out of there as soon as possible

If bitstamp doesn't have enough of their own stash to cover the losses and a run on coins and fiat withdraws they will be mtgox 2.

Biting the bullet would be ideal for trust of their customers.

If they don't bite the bullet and cover the losses and allow full BTC and fiat withdrawals with no unnecessary delays... I will never use them again and will do the same as I did with mtgox and post all over this forum how they are hiding their insolvency.

Let us hope they step up to the plate and take the loss from their own funds and let people get their money out.

This article says Bitstamp got $10m investment from Pantera Capital in 2013. That alone's enough to cover a $5m loss.

http://www.coindesk.com/paypal-bitstamp-chief-compliance-officer/

yes im sure their investors will be "okay" with taking half of their capital investment to cover their incompetence in this latest hack. 

[wpalczynski]

I dont think that the police can help at all.  They simply have no experience dealing with cryptocurrencies with the exception of a few people in the DEA and FBI.

I take it that those idiots at Bitstamp contacted some law enforcement

which then are in all likelihood aware of the location of the loot.

[wpalczynski]

If it was an inside job why not say that more of their BTC were stolen?  Go big or go home.  They are claiming that only approx ~12% was absocnded with.

This is bad news, I didn't had anything there but I think the site will most probably be shut-down now, if it isn't already. And there is no way of really knowing whether it was really a loot or just another inside job.

[r0d3r1ck]

m

from the sound of what the ceo said that they are moving the bitstamp environment to a more secure server location means that the physical servers were not so secured.
where do they keep their physical servers ?? in their moms basement ?? seems like bitstamp should at least be PCI compliant which means their servers need to be physically secured.
when they do an 'audit' then they need to do a security audit. if their stuff is not secure then they should not be in the business. hiring the engineer is expensive but cheaper than losing 5M a year.
from what i have read it sounds like someone walked in to their datacenter (or moms basement) and stuck a flash drive into the server and walked away with the wallet.dat file.
i not saying that is what happened but gathering what the ceo said and what i have read it sounds like maybe that what happened. whatever the case is they did not have sufficient security.

and what to do if the engineer or auditor cannot resist £5m?

if someone walked into their datacenter and used a flashdrive, then they are probably in a police cell as we speak. unfortunately the law in the uk takes a long time, which doesn't bode well for a quick resolution.

[chesthing]

Wow, so these stolen btc have been in a wallet during this crash? just a coincidence, not related.
Gee things are looking swell for btc right now. 

[celebreze32]

m

from the sound of what the ceo said that they are moving the bitstamp environment to a more secure server location means that the physical servers were not so secured.
where do they keep their physical servers ?? in their moms basement ?? seems like bitstamp should at least be PCI compliant which means their servers need to be physically secured.
when they do an 'audit' then they need to do a security audit. if their stuff is not secure then they should not be in the business. hiring the engineer is expensive but cheaper than losing 5M a year.
from what i have read it sounds like someone walked in to their datacenter (or moms basement) and stuck a flash drive into the server and walked away with the wallet.dat file.
i not saying that is what happened but gathering what the ceo said and what i have read it sounds like maybe that what happened. whatever the case is they did not have sufficient security.

and what to do if the engineer or auditor cannot resist £5m?

if someone walked into their datacenter and used a flashdrive, then they are probably in a police cell as we speak. unfortunately the law in the uk takes a long time, which doesn't bode well for a quick resolution.

They could have installed simple software that blocks access to USB devices. It's basic security for secure servers and I would be surprised if Bitstamp's servers wern't protected. Here is a very basic example of such software.

http://www.snapfiles.com/get/giliusb.html

GiliSoft USB Lock enables you to block access to USB and CD/DVD drives as well as other PC devices, including printers, modems, Bluetooth adapters and more.

[wpalczynski]

People are speculating that the crash was caused by people with inside knowledge selling their BTC in anticipation of a crash due to the news of BitGox being revealed and not due to the actual stolen coins being sold off.

Wow, so these stolen btc have been in a wallet during this crash? just a coincidence, not related.
Gee things are looking swell for btc right now. 

[mlferro]

definitely a very sad story.
luckily I had no bitcoin in  bitstamp.
anyone have any news on how walking the investigation (if, there is some investigation)?

[mike81]

I dont think that the police can help at all.  They simply have no experience dealing with cryptocurrencies with the exception of a few people in the DEA and FBI.

Maybe not directly with cryptocurrency but if this is a result of a serverhack there is some real expertise nowadays. We need to consider those BTC lost but there is real experience with internet crime.

[wpalczynski]

They do have expertise with Internet crime you are right however I am betting that whoever was sophisticated enough to perform this hack would be sophisticated enough to cover their tracks ex: TOR, VPN, etc.

If this was perpetrated by an individual gaining physical access to their server(s) then its likely that it could result in a fruitful investigation.  Access to most data centers is logged and monitored.  I cannot see VC investing 10 mil without performing due dilligence which would at the very least uncover sub-standard hosting practices.

I dont think that the police can help at all.  They simply have no experience dealing with cryptocurrencies with the exception of a few people in the DEA and FBI.

Maybe not directly with cryptocurrency but if this is a result of a serverhack there is some real expertise nowadays. We need to consider those BTC lost but there is real experience with internet crime.

[aztecminer]

m

from the sound of what the ceo said that they are moving the bitstamp environment to a more secure server location means that the physical servers were not so secured.
where do they keep their physical servers ?? in their moms basement ?? seems like bitstamp should at least be PCI compliant which means their servers need to be physically secured.
when they do an 'audit' then they need to do a security audit. if their stuff is not secure then they should not be in the business. hiring the engineer is expensive but cheaper than losing 5M a year.
from what i have read it sounds like someone walked in to their datacenter (or moms basement) and stuck a flash drive into the server and walked away with the wallet.dat file.
i not saying that is what happened but gathering what the ceo said and what i have read it sounds like maybe that what happened. whatever the case is they did not have sufficient security.

and what to do if the engineer or auditor cannot resist £5m?

if someone walked into their datacenter and used a flashdrive, then they are probably in a police cell as we speak. unfortunately the law in the uk takes a long time, which doesn't bode well for a quick resolution.

well that is why we only have one engineer and we keep everything in house rather than in someone elses "cloud" .
if you have your stuff in someone elses 'cloud' then you have a security weakness right there.
if you have a 5M file then that datacenter should have guards behind plexi glass, metal detectors, revolving doors, badge swipes, and video surveillance.
if your running a fly by night operation then you got your stuff in moms basement or in someone's cloud who promised your stuff was secure.
if these guys had their physical servers secured then no one could walk in and insert a flash drive and take their stuff.
of course if your security is too good then nothing could happen to the bitcoins. i mean its not their fault they were hacked right ??

[aztecminer]

I dont think that the police can help at all.  They simply have no experience dealing with cryptocurrencies with the exception of a few people in the DEA and FBI.

Maybe not directly with cryptocurrency but if this is a result of a serverhack there is some real expertise nowadays. We need to consider those BTC lost but there is real experience with internet crime.

from the sounds of what the ceo was saying these guys security was seriously lacking.
these guys probably were not even close to PCI compliant. (they probably dont have to be by law but they should strive for it anyways)
if they were then they wouldnt need to move their servers to.... "a more secure server space" -bitstram CEO
these guys have not been taking security seriously.

[Pustul]

Apparently they say they will resume operations in the next 24 hours:

https://www.cryptocoinsnews.com/bitstamp-resume-operations-next-24-hours/

[celebreze32]

Apparently they say they will resume operations in the next 24 hours:

https://www.cryptocoinsnews.com/bitstamp-resume-operations-next-24-hours/

That webpage refers to a translation of this link as it's source.

http://www.rtvslo.si/gospodarstvo/bitstampu-hekerji-ukradli-za-stiri-milijone-evrov-bitcoinov-borza-zacasno-zaprta/355142

Chrome could not directly translate that webpage, so I ran the text directly through Google translate. This is the result.

Bitstampu hackers stole four million euros bitcoins , exchange temporarily closed
The coins are stored on servers that are not connected to the Internet
January 6th, 2015 at 10:25 ,
The last intervention : January 6, 2015 at 11:14
Kranj - Reuters / STA
Slovenian Stock Exchange of coins bit Bitstamp remains closed - to hackers would steal from its servers bit about 19,000 coins ( € 4.3 million ) .

" Bitstamp remains liquid, more because of the investigation itself difficult to tell , " said co-founder Exchange Damijan Merlak , adding that the site stopped , " because it is the continuation of the operation of the servers erase important tracks" . " Currently in San Francisco with experts put a duplicate of the entire infrastructure, which is expected to be regulated in the next 24 hours . Then we can restore service " for clarification Merlak .

The stock market has asserted that " more than enough reserves " to cover the lost coin bit . Hackers should be taken away only " small proportion " bit of coins - Stock Exchange of Bitcoin is precisely because such cases the majority bit of coins stored on computers that are not connected to the Internet .

As they wrote on the website , you should restore the functioning of the stock exchange within a few days of the invasion have already informed the competent authorities .

Based in Kranj , now works in London
Bitstamp was created in Kranj in 2011 , and then as the founder Nejc Kodrič and Damijan Merlak headquarters moved to London . After the collapse of the Japanese stock exchange Mt Gox at the beginning of last year, Bitstamp some time held the position of largest stock exchange in the world in the last month with a market share of around šestodstotnim occupied third place.

Bit coins peaked in December predlani when the value of one bit of the coin rose to more than 1100 dollars. This was followed by a sharp decline and collapse of some of the exchanges, including even the largest stock exchange Mt Gox , in April last year declared the course. Today, it is a bit coin worth about 270 dollars.

Digital currency in spite of difficulties starting to take off . Payments to accept all coins bit more established companies - in mid-December the payment of Bitcoin allow US technology giant Microsoft , online encyclopedia Wikipedia but donations bit accepts coins since August last year.

T. K. B.

[piramida]

so they are actually running forensics, good, about time some exchange hacker left a footprint and got caught, maybe will cool other young heads a little.

[mike81]

So 24 - 48 hours to go.
https://twitter.com/nejc_kodric/status/552615256452001792

[celebreze32]

So 24 - 48 hours to go.
https://twitter.com/nejc_kodric/status/552615256452001792

Thanks, I was looking on the website which is only showing the statement from last night. If they simultaneously put their tweets on the website it might calm a few nerves faster.

[DoM P]

Smells like fractional reserves...

Bitstamp was audited by Mike Hearn, a Bitcoin dev back in May 2014. He said that everything seemed OK and all the funds were fully backed in their cold storage wallets. This was just 8 months ago and I'd be surprised if the situation has changed since then.

Yeah, well... This was before the hack, huh...

Now, there are not a million options here:
1. Bitstamp pays $5M with the fees they charged. That's tough, because they had about $1.5M worth of trading each day. At a 0.3% average, that gives $4500 per day. It would take them 1111 days of such fees to pay for those $5M, running costs non accounted for. Impossible.
2. They get $5M from their insurance. I've been working with insurers for such matters myself. Can't find one that would do that, so I'd bet they weren't insured for such a hack.
3. They get $5M from investors. That's tricky. New investors won't be stepping into this mess, so that leaves the previous VC that brought $10M. But this money was probably spent. If not, why bringing it in in the first place? Maybe they'd add $5M to protect the $10M they invested prior to the hack, but that's a dangerous move. Not impossible, but doubtful...
4. They run on fractional reserves. Easy, as long as 88% of the funds remain there.

On which option would you bet?

[Nrcewker]

would bitstamp be relaunched in 24h~48h?
https://twitter.com/nejc_kodric/status/552615256452001792

How shall them deal with this loss? BTC18,000