Bitcoin Forum
September 26, 2021, 02:50:50 AM *
News: Latest Bitcoin Core release: 22.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1] 2 3 »  All
  Print  
Author Topic: Expert Input Only: How Is A Cold Wallet Bter Exchange Hack Possible?  (Read 3351 times)
Sage
Hero Member
*****
Offline Offline

Activity: 632
Merit: 500


View Profile
February 15, 2015, 10:14:49 PM
 #1

Unless it's an inside job, how could a remote hacker get access to a cold wallet?

"7170 BTC got stolen from our cold wallet in this transaction:

https://blockchain.info/tx/f5b0363f03e1ed8bb812c135361ea93590c831ce9f13a3750be1b93575baccc6"

(quoting from Bter.com)

Please don't comment unless you know what you're talking about.
1632624650
Hero Member
*
Offline Offline

Posts: 1632624650

View Profile Personal Message (Offline)

Ignore
1632624650
Reply with quote  #2

1632624650
Report to moderator
1632624650
Hero Member
*
Offline Offline

Posts: 1632624650

View Profile Personal Message (Offline)

Ignore
1632624650
Reply with quote  #2

1632624650
Report to moderator
1632624650
Hero Member
*
Offline Offline

Posts: 1632624650

View Profile Personal Message (Offline)

Ignore
1632624650
Reply with quote  #2

1632624650
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1632624650
Hero Member
*
Offline Offline

Posts: 1632624650

View Profile Personal Message (Offline)

Ignore
1632624650
Reply with quote  #2

1632624650
Report to moderator
1632624650
Hero Member
*
Offline Offline

Posts: 1632624650

View Profile Personal Message (Offline)

Ignore
1632624650
Reply with quote  #2

1632624650
Report to moderator
1632624650
Hero Member
*
Offline Offline

Posts: 1632624650

View Profile Personal Message (Offline)

Ignore
1632624650
Reply with quote  #2

1632624650
Report to moderator
turvarya
Hero Member
*****
Offline Offline

Activity: 714
Merit: 500


View Profile
February 15, 2015, 10:17:46 PM
 #2

It depends on what exactly they call a "cold wallet"
If it was in any way connected to a network, it was just a "normal" hack

https://forum.bitcoin.com/
New censorship-free forum by Roger Ver. Try it out.
zimmah
Legendary
*
Offline Offline

Activity: 1106
Merit: 1005



View Profile
February 15, 2015, 10:23:52 PM
 #3

a cold wallet, by definition, is not connected to the internet.

Therefore, a cold wallet can not be hacked, no matter what.

If it was hacked, it wasnt a cold wallet.
goosoodude
Hero Member
*****
Offline Offline

Activity: 584
Merit: 500



View Profile
February 15, 2015, 10:25:39 PM
 #4

It was not a true cold wallet but rather an wallet which is kept offline most of the time. When the hot wallet needs to be refilled it is brought online and that moment was used by the attacker.






██████████████████████████████████████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████████████████████████████
███████████████████████████████████████████████████████████████████████▄▄▄███████████████████████
███████████████████████████████████████████████████████████████████████▀▀▀████████████████████████
██████████████████████████████████████████████████████████████████████████████████████████████████
█████████████████████████████████████████████████████████████████████████████████████████████████





...INTRODUCING WAVES........
...ULTIMATE ASSET/CUSTOM TOKEN BLOCKCHAIN PLATFORM...






DeathAndTaxes
Donator
Legendary
*
Offline Offline

Activity: 1218
Merit: 1013


Gerald Davis


View Profile
February 15, 2015, 10:29:34 PM
 #5

Hacking a properly created cold wallet is impossible however it may not have been a properly created cold wallet
a) the wallet may have been created using compromised software (given how long the wallet has existed this is unlikely)
b) the randomly generated keys in the wallet may have had poor entropy (also unlikely)
c) the wallet was compromised due to poor signing with repeat k values (unlikely but can be verified from transaction history)
d) despite the company calling it a 'cold wallet' is wasn't a cold wallet* at all and was compromised just as any other hot wallet would be
e) someone (most likely an employee) with physical access to the cold wallet data file stole the coins

* A 'cold wallet' would be a private key or keys created by an offline machine and the private keys are never used on a machine that is or has been connected to the internet.  Signing of transactions should be done offline as well.  If you create a 'cold wallet' and then move it to a computer which is connected to the internet then it is no longer a cold wallet. 
Nixian
Member
**
Offline Offline

Activity: 81
Merit: 10


View Profile WWW
February 15, 2015, 10:38:36 PM
 #6

What dunno , still newbie , but bter use cold wallets to fill there hots, apparently 7000btc on 1 cold wallet is not done , gess bit lazzy and made redraws from cold wallet with same key multi times , is it then possible to "catch" the key and use it urself?

my 2bit :

Is this the thief ?

http://tools.tracemyip.org/lookup/46.28.204.193

Reverse DNS in-addr.arpa:
193.204.28.46.in-addr.arp­a domain name pointer hosted-by.solarcom.ch.

http://en.utrace.de/ip-address/193.204.28.46


IP Address:       193.204.28.46
ISP:       GARR Italian Research and Academic Network
Organization:       Universita' degli Studi G. D'Annunzio

https://db-ip.com/193.204.28.46

It is most likely a proxy/VPN that leads to another one and so on.
If someone wants to steal so much money, I guess they make sure to stay safe as much as possible.

Students having the know how , intrest, time and equipment , and watch the ISP Research and academic network

inBitweTrust
Hero Member
*****
Offline Offline

Activity: 658
Merit: 500



View Profile
February 15, 2015, 10:41:22 PM
 #7

It likely was simply an inside job.

Any centralized bitcoin exchange that doesn't store a majority of their clients bitcoins in multiple multisig cold wallets with good physical security is acting wildly irresponsible at this point in the game.

redsn0w
Legendary
*
Offline Offline

Activity: 1778
Merit: 1042


#Free market


View Profile
February 15, 2015, 10:46:43 PM
 #8

It likely was simply an inside job.

Any centralized bitcoin exchange that doesn't store a majority of their clients bitcoins in multiple multisig cold wallets with good physical security is acting wildly irresponsible at this point in the game.

Indeed if these exchanges will not start to use multiSig I think a lot of people will start to keep their coin in own wallets. Remember : an exchange is not a bank.

For example why aren't they using greenAddress for their cold wallet ?
VOR
Newbie
*
Offline Offline

Activity: 21
Merit: 0


View Profile
February 15, 2015, 10:51:08 PM
 #9

they are either from the future and computed the corresponding private key to the cold wallet using an array of quantum computers, or it was an inside job.

i dont get how its finally possible to control your own funds such as with bitcoin, and people go and relinquish that control to someone else. 
Q7
Sr. Member
****
Offline Offline

Activity: 448
Merit: 250


View Profile WWW
February 15, 2015, 10:56:03 PM
 #10

It shouldn't be too difficult to figure out who did this. If it has multi sig or multiple factor authentication enabled on a cold wallet, it would be almost impossible to pull off that stunt.

leopard2
Legendary
*
Offline Offline

Activity: 1372
Merit: 1011



View Profile
February 15, 2015, 11:03:02 PM
 #11

Hacking a properly created cold wallet is impossible however it may not have been a properly created cold wallet
a) the wallet may have been created using compromised software (given how long the wallet has existed this is unlikely)
b) the randomly generated keys in the wallet may have had poor entropy (also unlikely)
c) the wallet was compromised due to poor signing with repeat k values (unlikely but can be verified from transaction history)
d) despite the company calling it a 'cold wallet' is wasn't a cold wallet* at all and was compromised just as any other hot wallet would be
e) someone (most likely an employee) with physical access to the cold wallet data file stole the coins

* A 'cold wallet' would be a private key or keys created by an offline machine and the private keys are never used on a machine that is or has been connected to the internet.  Signing of transactions should be done offline as well.  If you create a 'cold wallet' and then move it to a computer which is connected to the internet then it is no longer a cold wallet. 

a==b) was the case with the blockchain hack, wasn't it? Just that it was a white hat hacker at the time.

Truth is the new hatespeech.
redsn0w
Legendary
*
Offline Offline

Activity: 1778
Merit: 1042


#Free market


View Profile
February 15, 2015, 11:06:55 PM
 #12

Hacking a properly created cold wallet is impossible however it may not have been a properly created cold wallet
a) the wallet may have been created using compromised software (given how long the wallet has existed this is unlikely)
b) the randomly generated keys in the wallet may have had poor entropy (also unlikely)
c) the wallet was compromised due to poor signing with repeat k values (unlikely but can be verified from transaction history)
d) despite the company calling it a 'cold wallet' is wasn't a cold wallet* at all and was compromised just as any other hot wallet would be
e) someone (most likely an employee) with physical access to the cold wallet data file stole the coins

* A 'cold wallet' would be a private key or keys created by an offline machine and the private keys are never used on a machine that is or has been connected to the internet.  Signing of transactions should be done offline as well.  If you create a 'cold wallet' and then move it to a computer which is connected to the internet then it is no longer a cold wallet. 

a==b) was the case with the blockchain hack, wasn't it? Just that it was a white hat hacker at the time.


Yes, 1000 btc sent back to blockchain.info. Here the thread : https://bitcointalk.org/index.php?topic=581411.0
RocketSingh
Legendary
*
Offline Offline

Activity: 1627
Merit: 1038


View Profile
February 15, 2015, 11:21:31 PM
 #13

Hacking a properly created cold wallet is impossible however it may not have been a properly created cold wallet
a) the wallet may have been created using compromised software (given how long the wallet has existed this is unlikely)
b) the randomly generated keys in the wallet may have had poor entropy (also unlikely)
c) the wallet was compromised due to poor signing with repeat k values (unlikely but can be verified from transaction history)
d) despite the company calling it a 'cold wallet' is wasn't a cold wallet* at all and was compromised just as any other hot wallet would be
e) someone (most likely an employee) with physical access to the cold wallet data file stole the coins

* A 'cold wallet' would be a private key or keys created by an offline machine and the private keys are never used on a machine that is or has been connected to the internet.  Signing of transactions should be done offline as well.  If you create a 'cold wallet' and then move it to a computer which is connected to the internet then it is no longer a cold wallet. 

How does the creator of a cold wallet will know that his generated keys are not of poor entropy ?
BlindMayorBitcorn
Legendary
*
Offline Offline

Activity: 1260
Merit: 1107



View Profile
February 15, 2015, 11:25:20 PM
 #14

they are either from the future and computed the corresponding private key to the cold wallet using an array of quantum computers, or it was an inside job.

i dont get how its finally possible to control your own funds such as with bitcoin, and people go and relinquish that control to someone else.  

...so they are from the future? Shocked

Forgive my petulance and oft-times, I fear, ill-founded criticisms, and forgive me that I have, by this time, made your eyes and head ache with my long letter. But I cannot forgo hastily the pleasure and pride of thus conversing with you.
cryptworld
Hero Member
*****
Offline Offline

Activity: 714
Merit: 503



View Profile
February 15, 2015, 11:27:43 PM
 #15

Hacking a properly created cold wallet is impossible however it may not have been a properly created cold wallet
a) the wallet may have been created using compromised software (given how long the wallet has existed this is unlikely)
b) the randomly generated keys in the wallet may have had poor entropy (also unlikely)
c) the wallet was compromised due to poor signing with repeat k values (unlikely but can be verified from transaction history)
d) despite the company calling it a 'cold wallet' is wasn't a cold wallet* at all and was compromised just as any other hot wallet would be
e) someone (most likely an employee) with physical access to the cold wallet data file stole the coins

* A 'cold wallet' would be a private key or keys created by an offline machine and the private keys are never used on a machine that is or has been connected to the internet.  Signing of transactions should be done offline as well.  If you create a 'cold wallet' and then move it to a computer which is connected to the internet then it is no longer a cold wallet. 

thanks for that explanation, I was wondering what could happen
itod
Legendary
*
Offline Offline

Activity: 1750
Merit: 1034


^ Will code for Bitcoins


View Profile
February 16, 2015, 12:02:37 AM
 #16

When the hot wallet needs to be refilled it is brought online and that moment was used by the attacker.

Hot wallets are refiled without bringing cold wallet online. You sign the refill transaction on the cold wallet machine, copy it to the USB drive without ever bringing it online, and then broadcast signed transaction from any other computer which is connected to the internet. Cold wallet by definition cannot be "hacked" in the strict sense, unless you call hacking gaining physical access to the offline computer and copying private key from it on some media, or changing it's software to use weak random number generator.
charleshoskinson
Legendary
*
Offline Offline

Activity: 1134
Merit: 1008

CEO of IOHK


View Profile WWW
February 16, 2015, 02:29:05 AM
 #17

We spent months thinking about vectors of attack at Ethereum regarding the ether sale funds. Generally speaking, if the funds are in a cold wallet then either social engineering or inside theft are the two viable attacks. this said, it is possible if the cold wallet is stored in a digital format on a computer not connected to the internet that one could perform a stuxnet style attack piggybacking on a flash drive to introduce an APT. But no, someone internal stole the funds most likely. 

The revolution begins with the mind and ends with the heart. Knowledge for all, accessible to all and shared by all
Beymond
Sr. Member
****
Offline Offline

Activity: 462
Merit: 250



View Profile
February 16, 2015, 02:59:48 AM
 #18

Their Cold wallet was really messed up , obviously being using to transfer funds to hot wallet's at time's
For that they should have kept two cold wallet's , one with small amount and other main cold wallet
Troonetpt
Sr. Member
****
Offline Offline

Activity: 322
Merit: 250


View Profile
February 16, 2015, 03:33:40 AM
 #19

A. It's not a really cold wallet.
B. It's a inside job.
Must one of them.
hilariousandco
Global Moderator
Legendary
*
Offline Offline

Activity: 2856
Merit: 2047


Join the world-leading crypto sportsbook NOW!


View Profile
February 16, 2015, 06:17:08 AM
 #20

Hacking a properly created cold wallet is impossible however it may not have been a properly created cold wallet
a) the wallet may have been created using compromised software (given how long the wallet has existed this is unlikely)
d) despite the company calling it a 'cold wallet' is wasn't a cold wallet* at all and was compromised just as any other hot wallet would be
e) someone (most likely an employee) with physical access to the cold wallet data file stole the coins

Most likely one of these but I'm more inclined to believe an inside job.

  ▄▄█████▄▄███████▄▄
 ███████████
     ▀▀███▄
█████████████        ▀██▄
█████████████          ██▄
███████████            ██▄
██▀▀█████▀▀              ██
██                       ██
██                       ██
▀██                     ██▀
 ▀██                   ██▀
  ▀██▄               ▄██▀
    ▀███▄▄       ▄▄███▀
       ▀▀█████████▀▀
███████████    LEADING CRYPTO SPORTSBOOK & CASINO    ███████████
MULTI
CURRENCY
1500+
CASINO GAMES
CRYPTO EXCLUSIVE
CLUBHOUSE
FAST & SECURE
PAYMENTS
..PLAY NOW!..
Pages: [1] 2 3 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!