Forgot your password?
typodupeerror
Bitcoin Bug Security

More Bitcoin Exchanges Forced Out of Sync After Massive DDoS Attack 135

Posted by Unknown Lamer
from the just-a-small-bug dept.
An anonymous reader tipped us to news that several Bitcoin exchanges have joined Mt Gox in suspending withdrawals after being forced out of sync with the Bitcoin network at large. After Mt Gox blamed transaction malleability for forcing them to suspend withdrawals, miscreants started flooding at least Bitpay and Btc-e with bogus transactions. Quoting the Bitcoin Foundation: "Somebody (or several somebodies) is taking advantage of the transaction malleability issue and relaying mutated versions of transactions. This is exposing bugs in both the reference implementation and some exchange’s software. We (core dev team, developers at the exchanges, and even big mining pools) are creating workarounds and fixes right now. This is a denial-of-service attack; whoever is doing this is not stealing coins, but is succeeding in preventing some transactions from confirming. It’s important to note that DoS attacks do not affect people’s bitcoin wallets or funds. "
This discussion has been archived. No new comments can be posted.

More Bitcoin Exchanges Forced Out of Sync After Massive DDoS Attack

Comments Filter:
  • by Minwee (522556) <dcr@neverwhen.org> on Wednesday February 12, 2014 @12:41PM (#46229475) Homepage

    If I didn't know better I would suspect that the best time to invest in BTC futures would be about five seconds before the DDoS stopped.

    I'll leave you to guess who is in the best position to profit from that.

  • by Sockatume (732728) on Wednesday February 12, 2014 @01:06PM (#46229743)

    I'm going to go out on a limb here and say that "+5 Funny" was probably not the moderation you were looking for.

  • Re:But, but.... (Score:5, Insightful)

    by bobbied (2522392) on Wednesday February 12, 2014 @01:46PM (#46230091)

    Everyone was saying, "Bitcoin is just like currency, man, only better."

    It is, especially if you are trying to pump, dump or crash and buy the things for profit. If a DOS attack can drive the price down and DOS attacks are fairly easy to do, you can bet somebody will try it.

  • So relieved... (Score:3, Insightful)

    by AudioEfex (637163) on Wednesday February 12, 2014 @01:58PM (#46230261)

    "Itâ(TM)s important to note that DoS attacks do not affect peopleâ(TM)s bitcoin wallets or funds."

    Oh good. That should make folks feel so much better. I know I always feel safe when my bank goes down cascading with other banks to know my funds are "safe", I've just had my access to them taken away for an unspecified time frame due to their theoretical safeguards that are largely untested and fall prey to the most basic, grade-school level Internet "hacking" (DDoS) which is more akin to a prank when compared to a real attack.

    Ladies and gentlemen, may I present to you - the beginning of the end of the Bitcoin bubble. When those exchanges go back up those Bitcoins are going to be ripped out of there and anyone who isn't completely daft will sell them off , take what cash they can get and run.

  • by bobbied (2522392) on Wednesday February 12, 2014 @01:59PM (#46230275)

    Some of the best hackers work for governments. This may be an attempt to destroy digital currency so that people are forced to contend with the historical money makers.

    I'm not into conspiracy theories. Government doesn't really care about BTC, as long as you are not using it to do shady things. This is just common hacking by brighter than average people with less than ideal morals who are out to make a buck. *Somebody* has figured out that money can be made doing this. Now if they are clearing millions or just enough to pay for the pizza is the real question.

    IF the government wanted to end BTC, there are better and easier ways that would be a lot less complex and straight forward. No, this is just some yahoo's who figured out how to make a few bucks by tweaking things. More will come though, as organized crime gets into this technique. The swings will get bigger and bigger until they "fix" the processing of transactions to avoid the problem (assuming they can).

    I'd be (and I am) out of BTC trading with any money you cannot afford to loose.... Way too risky, even for the kids inheritance money.. If you want to use your slot machine mad money here, it might be better odds, but just barely. (Not as entertaining though.)

  • by bobbied (2522392) on Wednesday February 12, 2014 @02:07PM (#46230337)

    When will the gullible finally wise up?

    When their money is gone of course. (Or more to the point, when THEY cannot get their money back when they need it.)

    Just remember though, only THEN they will demand government regulation. Before that it is all about the government not having any business regulating what they want to do. After they are fleeced, they will demand a bail out and rules.

  • by QilessQi (2044624) on Wednesday February 12, 2014 @02:33PM (#46230609)

    Hmm. If I recall correctly, flooding a country with counterfeit currency to destabilize its financial system has actually been done (or at least proposed) before.

    What's interesting about this DOS attack is it doesn't matter if every single counterfeit transaction is discovered as such and rejected... what's being attacked is the efficiency of the system itself. If transactions get inefficient enough, the currency becomes burdensome to use, so people forgo it and turn to other mediums of exchange.

    (Whether you're a BTC fan or not, it's fascinating to watch Bitcoin's pristine mathematical world rocked by thousands of years of lessons-learned in real world financial competition. Vires in Numeris indeed.)

  • by RightSaidFred99 (874576) on Wednesday February 12, 2014 @02:37PM (#46230653)

    It might be, and I think your general approach might be sound if the very concept of bitcoin wasn't FUCKING RETARDED .

  • by sjbe (173966) on Wednesday February 12, 2014 @02:37PM (#46230657)

    You can bet your ass that this is state funded, if not directly state sponsored.

    Right. Let's see, what's more likely? The US government going to the trouble to hire hackers all hush hush to screw around with bitcoin exchanges using annoying but ultimately pointless attacks OR the government simply exercising its law making powers? (hint, the answer is the second one)

    No, this sort of attack is the work of criminals of some sort. Maybe of the organized crime sort or maybe simply the bored hacker kind. I don't pretend to know. It makes no sense whatsoever to think this was state sponsored.

    The government doesn't have to engage in hacking to mess with bitcoin in underhanded ways that aren't going to have any lasting effect. If the government decides to go after bitcoin it will be more shock and awe, not ineffective commando raids.

  • by Animats (122034) on Wednesday February 12, 2014 @03:40PM (#46231371) Homepage

    This isn't a "government conspiracy" sending out bogus transactions. It's some jerk.

    If you need to sell Bitcoins right now, Coinbase and Kraken are still up and running. Bitstamp is off line, and Mt. Gox is, as usual, screwed up. Mt. Gox hasn't paid out US dollars since June 2013. Whether they are incompetent, broke, or crooked is a subject of considerable speculation.

    There's a technical fix in the works, but it will have the annoying side effect that when you spend Bitcoins in your own wallet, some Bitcoins you are not spending will be tied up for an hour or so. Bitcoin wallets don't really have an "account balance". What they have is a collection of items of different values. When you spend Bitcoins, the wallet software tries to put together a set of items that's over the value to be spent, with one output to the recipient and one output ("change") sent back to you.

    Until now, you could can spend that "change" immediately, even though the distributed network hadn't yet confirmed it. It looks like that will be disallowed, and only confirmed items will be usable. The way this looks to the user with a wallet program is that you have a "Balance" and an "Unconfirmed" amount. Soon, when you spend, the "Unconfirmed" amount (which you can't spend) will go up for a while, then go to zero when the network catches up. Bitcoin is a distributed "consistent eventually" system. "Eventually" is about an hour. Longer during busy periods. (That's the next Bitcoin problem. The whole network has a limit of about 7 transactions per second. A few times in 2013, that limit was hit.)

    Expect everyone except Mt. Gox to have this straightened out in a few days.

  • by dbIII (701233) on Wednesday February 12, 2014 @06:37PM (#46233175)
    No. It's intended to fleece gullible geeks that see something that looks like shiny cryptocurrency but is instead an empty promise.

Our business in life is not to succeed but to continue to fail in high spirits. -- Robert Louis Stevenson

Working...