Bitcoinica Breach Nets Hackers $87,000 In Bitcoins 196
dynamo52 sends this quote from Ars about a breach involving a Bitcoin exchange:
"More than $87,000 worth of the virtual currency known as Bitcoin was stolen after online bandits penetrated servers belonging to Bitcoinica, prompting its operators to temporarily shutter the trading platform to contain the damage. Friday's theft came after hackers accessed Bitcoinica's production servers and depleted its online wallet of 18,547 BTC, as individual Bitcoin units are called, company officials said in a blog post published on Friday. It said the heist affected only a small fraction of Bitcoinica's overall bitcoin deposits and that all withdrawal requests will be honored once the platform reopens."
Reader linhares points out a forum post discussing how the attacker(s) hinted at a 'mass leak' in the near future. This attack comes shortly after a leak of a different sort — an FBI document (PDF) about Bitcoin found it way onto the internet. It seems they're worried about the virtual currency's potential use in criminal activities.
The root cause of this problem is an email server (Score:5, Interesting)
From https://bitcointalk.org/index.php?PHPSESSID=a5fdf1db75465f52e9f1ebb06e67b70e&topic=81045.380 [bitcointalk.org]:
"The root cause of this problem is an email server compromise. The email server belongs to one of our team members."
Really? Does their server really send (unencrypted) emails with root passwords to their entire system? Or did the email server just happend to have root access? I don't even know what possibility is worst.
The unparalleled transparency of Bitcoin (Score:4, Interesting)
Re:That last bit there in the summary... (Score:5, Interesting)
Geeks have trouble with this concept, they get all overly literal about shit and think that if something is ok to do under any condition, it is ok to do under all conditions.
That is, of course, not the case. In the law, intent quite often matters. Also what you actually do with it matters as well. If you actually go and buy drugs with the alternate currency you bought then yes, that can be used as evidence of money laundering.
The other part of the problem is that geeks seem to have trouble with the concept of "reasonable doubt" at times. They think if they can cook up any alternate explanation for an action, no matter how far fetched, a jury should have to accept it and they'd get off. Again, not how it works. It isn't beyond any doubt, just beyond a reasonable one.
So yes, if you buy bitcoins for the purpose of buying drugs, they could nail you for money laundering and likely make it stick.
Re:And nothing of value was lost. (Score:4, Interesting)
May I suggest you check out this graph [bitcoincharts.com]?
Re:And nothing of value was lost. (Score:4, Interesting)
I continue to operate my bitcoin business selling stickers, shirts, and things of interest to bitcoiners. Now it has been a year and it is still growing each month. I sell stuff for bitcoin and buy other things I need or simply cash out via local trade (for USD). I have about 1/3 the fees of PayPal and far less risk. This allows me to sell to people overseas much more safely and as it turns out about half my sales are overseas.
Bitcoin works for me.
Re:And nothing of value was lost. (Score:5, Interesting)
When the Internet Fun Bucks are specifically made to be a libertarian free market ideal of untraceable cash, yes.
Re:The root cause of this problem is an email serv (Score:2, Interesting)
Both, actually.
Apparently Bitcoinica was hosted on a VPS, and the admin control panel used the email addy's of four (five?) principals.
A pretty amateurish setup, frankly - especially when you stop to think that Bitcoinica was responsible for the majority (i.e., over 50%) of volume on MtGox.
Bitcoin itself is sound (I own some), and of an unhackable nature by design. The bitcoin infrastructure however, is... ummm... "coming along".
Re:The unparalleled transparency of Bitcoin (Score:4, Interesting)
Actually there's good reason to suspect that the big daddy of all Bitcoin organisations - MtGox - has been less than honest about its own losses to fraud and theft. Their main payment provider suffered massive fraud targetted at Bitcoin exchanges and clawed back all the fraudulent deposits, and Mt Gox's claim not to have been hit by this seemed really unlikely. As you pointed out when talking about bank theft, we only know about the ones we actually get to hear about and not the thefts that are hushed up sucessfully.