Please create an account to participate in the Slashdot moderation system

 


Forgot your password?
Close
typodupeerror
×
Bitcoin Security Crime Social Networks The Almighty Buck Technology

DNS Hijack Leads To Bitcoin Heist 126

Posted by timothy from the don't-make-trouble-nobody-gets-hoit dept.
First time accepted submitter FearTheFez writes "Social Engineering and poor DNS Security lead to a Bitcoin heist worth about $12000. Bitcoin broker Bitinstant was robbed after thieves managed to take over ownership of their domains. While Bitinstant claims that no customers lost any money, without 2 factor authentication all it took was a place of birth and a mothers maiden name to gain access. This looks like poor security from everyone involved."
This discussion has been archived. No new comments can be posted.

DNS Hijack Leads To Bitcoin Heist More

DNS Hijack Leads To Bitcoin Heist

Comments Filter:

  • Re:Non story (Score:5, Interesting)

    by mkraft ( 200694 ) on Saturday March 09, 2013 @03:22AM (#43124381)

    If a standard currency exchange was robbed for $12,000 we would not even read the story. This is a trivial crime and of little interest. It serves more as a warning rather than as a bank robbery story. I hope that those that are concerned learn from this but if this is the crime of the century in the Bitcoin world then they are doing really well.

    No, the Bitcoin crime of the century was last year when the same server was hacked twice, to a tune of several hundred thousand dollars, as mentioned in TFA. Bitcoin hacks are becoming more and more common, so it's only a matter of time before that amount is surpassed.

    Personally I don't see the point of bitcoins. I don't pay for everything in cash in the real world because it lacks the protections that other payment methods have. I don't see a reason to use a digital equivalent of cash in the online world. Bitcoins' anonymity might be it's biggest strength, but it's also it's biggest weakness.

  • what, only 300 BTC ? (Score:4, Interesting)

    by Janek Kozicki ( 722688 ) on Saturday March 09, 2013 @04:53AM (#43124595) Journal
    You talk here about theft worth only 300 BTCs or 12 000$

    Well, I can only conclude that overall BTC security maybe has improved. Recall previous thefts worth of 25 000 BTC or 500 000$ [bitcointalk.org] (at that time) or 18 547 BTC or 87 000$ [slashdot.org] (at that time).

    Why such conclusion? Well, if those evil people started to go after such low-profile target, it *can* mean that all high profile targets have adequate security.

  • Re:So what can you buy with bitcoins? (Score:3, Interesting)

    by Anonymous Coward on Saturday March 09, 2013 @05:35AM (#43124669)

    yelling filter blablablabla but the point is,

    The point is that anyone who answers stereotypical "security" questions with factual information is a complete and utter moron.

    My mother's maiden name is Banana. My favorite color is Jupiter Capitolinus. My first car was Abraham Lincoln. Come at me, Facebook Data Scrapers.

  • Re:Non story (Score:3, Interesting)

    by IamTheRealMike ( 537420 ) on Saturday March 09, 2013 @11:59AM (#43125845)

    The DNS registrar actually spoke about this incident publicly - it turns out that there was no social engineering, BitInstant just selected dumb security questions/answers when they registered the domain name. It's poor security on BitInstants part, no more or less.

Slashdot Top Deals

The Tao is like a glob pattern: used but never used up. It is like the extern void: filled with infinite possibilities.

Close