Bitcoinica
At approximately 1:00pm GMT last Friday, the Bitcoin exchange Bitcoinica suffered a server compromise that led to the theft of their bitcoin wallet and the loss of ฿18,547 BTC, valued at more than $87,000 at the current market rate. Bitcoinica was quick to disclose the breach on their blog, but gave few details.
According to Bitcoinica, this represents only a fraction of their total bitcoins and withdrawal requests will be honored, but they have suspended operations while the investigation proceeds. The exchange also believes that the database itself was compromised.
This particular breach comes after months of repeated, serious wallet compromises in which massive numbers of bitcoins have been stolen or lost. In early March, a Linode server hack caused the loss of ฿46,703 BTC (worth $228,845 at the time), with the largest share of the loss, nearly ฿43,000 BTC, coming out of Bitcoinica’s pockets. In August 2011, Bitomat lost their wallet with almost ฿17,000 BTC due to a backup failure when using Amazon’s elastic-computing cloud. In that same month, MyBitcoin.com disappeared with $250,000 worth of BTC. Finally, the hack against MtGox in June of last year started the long line of targeted attacks against Bitcoin wallets and exchanges (or just plain bugs). The nascent currency hasn’t caught a break from breaches, insecurity, and bugs since it started to gain widespread publicity.
Since bitcoins aren’t just numbers in a bank, and it’s possible to steal them by just copying them out of a wallet and then transferring them, they make pronounced low-hanging fruit for hackers looking to make a quick buck. MtGox and other exchanges have invested heavily in making their own servers more secure against intrusion since last June, but it’s obvious that the digital nature of bitcoins is changing the face of the digital heist, and Bitcoinica is the latest victim of a vast loss.
According to posts left on the Bitcoin Talk forums by Bitcoinica CEO Zhou Tong, the hackers appear to have gained root access at their server host, Rackspace. The breach was discovered via a massive transfer of bitcoins from the wallet by what appeared to be one of the site administrators. It’s suspected that the Rackspace password was changed by the attackers via the password-recovery mechanism and an intercepted e-mail. In the comments, some respondents criticized Bitcoinica for not using better security, such as two-factor password recovery and offline cryptographic storage for the bitcoin wallet.