Bitcoin Forum
December 10, 2016, 12:45:18 PM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Bitconica  (Read 1029 times)
albertdemorcerf
Newbie
*
Offline Offline

Activity: 6


View Profile
July 25, 2012, 07:13:07 PM
 #1

Bitconica has been refrenced in about 1 out of every 10 or so posts I've read. Can anyone give me a quick (or long) summary as to what happened? Can anyone explain this whole hack?

thanks
-albertdemorcerf
1481373918
Hero Member
*
Offline Offline

Posts: 1481373918

View Profile Personal Message (Offline)

Ignore
1481373918
Reply with quote  #2

1481373918
Report to moderator
1481373918
Hero Member
*
Offline Offline

Posts: 1481373918

View Profile Personal Message (Offline)

Ignore
1481373918
Reply with quote  #2

1481373918
Report to moderator
The forum strives to allow free discussion of any ideas. All policies are built around this principle. This doesn't mean you can post garbage, though: posts should actually contain ideas, and these ideas should be argued reasonably.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481373918
Hero Member
*
Offline Offline

Posts: 1481373918

View Profile Personal Message (Offline)

Ignore
1481373918
Reply with quote  #2

1481373918
Report to moderator
1481373918
Hero Member
*
Offline Offline

Posts: 1481373918

View Profile Personal Message (Offline)

Ignore
1481373918
Reply with quote  #2

1481373918
Report to moderator
1481373918
Hero Member
*
Offline Offline

Posts: 1481373918

View Profile Personal Message (Offline)

Ignore
1481373918
Reply with quote  #2

1481373918
Report to moderator
Phinnaeus Gage
Legendary
*
Offline Offline

Activity: 1302


Bitcoin: An Idea Worth Spending


View Profile
July 25, 2012, 07:42:44 PM
 #2

Bitconica has been refrenced in about 1 out of every 10 or so posts I've read. Can anyone give me a quick (or long) summary as to what happened? Can anyone explain this whole hack?

thanks
-albertdemorcerf

May I suggest reading a couple of the threads to get your hours in. Not being an ass, but...

~Bruno~
asw0210
Newbie
*
Offline Offline

Activity: 14


View Profile
July 25, 2012, 08:59:20 PM
 #3

The website itself doesn't do a bad job explaining what happened.

From https://bitcoinica.com/:
Quote
As promised we are providing further details surrounding the recent security attack on Bitcoinica.

The hacker was successful able to access an email server. This gave the attacker access to info@bitcoinica.com which in turn allowed them to reset passwords with our hosting provider, Rackspace. From there, they were able to change root passwords, steal the private keys of our hosted bitcoin wallet, and compromise our online database.

In the past, Bitcoinica has been victim to the poor security practices of an irresponsible hosting provider. In this case, the fault was entirely ours. Specifically, here's how things went wrong:

1) We had too many bitcoins in our online wallet.

In light of past experiences you might say this is inexcusable. You would be right. Our practice was to keep online balances to a minimal amount by periodic transfer to offline storage. However, this was a manual process and the online balance could grow quickly and unpredictably from user deposits. We should have had an automatic process or an alert system to prevent the online wallet from growing too large. Indeed, that was planned, but it didn't happen soon enough.

2) Access control and server security did not get the proper attention

Since administrative email accounts can receive password reset links from Rackspace, the administrative contact should have been a secure email address, it was not. Access to this email account should have been limited to administrative personnel.

3) We did not retain needed expertise fast enough

As many of you know, Bitcoinica began as a small project by a solo founder. The advanced trading experience that Bitcoinica brought to the world would not have been possible without Zhou Tong's brave innovation. In light of rapid growth, it was prudent to bring in a larger team with diverse technical specialties, including security. This occurred officially last month when the Bitcoinica Consultancy team stepped in as managers and operators of the business. A transition period ensued. A new platform was conceived which would strengthen Bitcoinica in the long term but took focus away from the present system in the short term. The recent security breach was not beyond our team's skills to prevent. We know better. But we did not address relevant issues as quickly as was needed.

So, what are we going to do about it?

We are choosing to leave Bitcoinica offline until such time as a new platform can be built and tested with security best-practices built-in from scratch. We do not yet have a firm estimate for availability but it will most probably be measured in months.

We will set up a process in the short term for users to withdraw their funds. Further details will be provided once we determine the best approach.

We thank you in advance for your patience. And we humbly apologize for this incident.
aimbot
Newbie
*
Offline Offline

Activity: 5



View Profile
July 25, 2012, 10:30:57 PM
 #4

Wow!  Thanks for the info on Bitcoinica.  If a thief wants something bad enough, than they will eventually find a way to get it. 
Taz
Full Member
***
Offline Offline

Activity: 210



View Profile
July 25, 2012, 10:57:21 PM
 #5

Sure everyone involved is still real pissed,
but will they hold it against bitcoinica forever?
Bastone
Newbie
*
Offline Offline

Activity: 29


View Profile
July 26, 2012, 12:42:41 AM
 #6

Is bitcoinica currently operating?
BitcoinNational
Legendary
*
Offline Offline

Activity: 1064


Cryptocurrency Calculator


View Profile WWW
July 26, 2012, 12:13:02 PM
 #7

The website itself doesn't do a bad job explaining what happened.

 Shocked

PRoTIGERopenUNOsmartGLOBALzeitTALKBCCBCTemdASIC<<>>::TOP50 :: BCC directory :: the media :: charity :: op420 :: 2.0 ::  diction :: UNO/XMR :: top20cons :: SMART Observer :: UNO tech :: UN<>EX :::CCtalk::sleepers<<>>✪ Pledges on the Record ✪ ✪ The Social Code of Noble Men of New & Old ✪ May2020BTC#18M
 ◣◥◣◥◣◣◥◣◥ TALK CRjt8BZu5a7YYNc4yCXD9SqztQcSjwn5eZ ◣◥◣◥◣◣◥◣◥
BadBear
v2.0
Administrator
Legendary
*
Offline Offline

Activity: 1652



View Profile WWW
July 26, 2012, 12:16:27 PM
 #8

Is bitcoinica currently operating?

No it's been shut down.

1Kz25jm6pjNTaz8bFezEYUeBYfEtpjuKRG | PGP: B5797C4F

Tired of annoying signature ads? Ad block for signatures
Taz
Full Member
***
Offline Offline

Activity: 210



View Profile
July 26, 2012, 06:48:58 PM
 #9

Quote
Claims
We apologize for this incident and the inconveniences it has caused. The incident happened during a transition period, which was initiated to bring Bitcoinica up to a professional level of security. Bitcoinica will not continue operations until the transitional process been completed.

I think they plan on starting up again if they can pay it all back first.
Would you trust them?
c0in$
Jr. Member
*
Offline Offline

Activity: 33


View Profile
July 26, 2012, 07:20:12 PM
 #10

No
asw0210
Newbie
*
Offline Offline

Activity: 14


View Profile
July 27, 2012, 07:39:35 PM
 #11


I think they plan on starting up again if they can pay it all back first.
Would you trust them?

I would trust them. I think an incident like that would be akin to breaking a bone. When the bone is healed it's stronger than it was before.

Unless it were an inside job like an autoimmune disease Cheesy
Phinnaeus Gage
Legendary
*
Offline Offline

Activity: 1302


Bitcoin: An Idea Worth Spending


View Profile
July 28, 2012, 06:47:46 AM
 #12

Quote
...blah, blah, blah...We thank you in advance for your patience. And we humbly apologize for this incident.

Update: Bitcoinica is currently considering selling Chinese relics to help compensate those... Nevermind! It seems some hacker just stole our relics.
Taz
Full Member
***
Offline Offline

Activity: 210



View Profile
July 28, 2012, 02:03:15 PM
 #13

Quote
...blah, blah, blah...We thank you in advance for your patience. And we humbly apologize for this incident.

Update: Bitcoinica is currently considering selling Chinese relics to help compensate those... Nevermind! It seems some hacker just stole our relics.

Yes Yes, learned my lesson:
"Do not talk about things of which you have no understanding."
Bitcoin Oz
Hero Member
*****
Offline Offline

Activity: 700


Wat


View Profile WWW
July 28, 2012, 02:06:05 PM
 #14

http://zhoutong.me is also down. Maybe it was all the visits from relic hunters  Cheesy

BitBuster
Member
**
Offline Offline

Activity: 101


View Profile
July 28, 2012, 03:44:55 PM
 #15

Bitcoinica tl;dr = 17 year old kid built an exchange, took everyone's money, and continues to invent spurious lies to the contrary.


BB.
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!