Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Bitcoin Security

Bitstamp Bitcoin Exchange Suspended Due To "Compromised Wallet" 161

twitnutttt writes Customers of Bistamp, the successor (until recently) to MtGox as the highest-volume dollar-denominated Bitcoin exchange, and still the preferred source of trading data for many technical analysts, sent an email at about 4:00 UTC today warning that, "Today our transaction processing server detected problems with our hot wallet and stopped processing withdrawals." They also instructed users to stop sending any deposits immediately or they may be lost. The Bitstamp website has now also suspended all exchange/trading services, and the homepage contains only a maintenance message warning users of a "compromised" wallet. Numerous references to security imply that this is a hacking attack, but Bitstamp reassures that they maintain "more than enough offline reserves to cover the compromised bitcoins."
This discussion has been archived. No new comments can be posted.

Bitstamp Bitcoin Exchange Suspended Due To "Compromised Wallet"

Comments Filter:
  • by Sarten-X ( 1102295 ) on Monday January 05, 2015 @11:03AM (#48736877) Homepage

    I now have "Another One Bites The Dust" in my head.

    Anybody have any better music suggestions appropriate for this story?

    • Anybody have any better music suggestions appropriate for this story?

      I tend to reference Dylan's Everthing is Broken [vimeo.com] for most software projects, seems apropos for Bitcoin in general.

      • by msauve ( 701917 )
        I was thinking more of Subterranean Homesick "the pump don't work 'cause the vandals took the handle" Blues.
        • “How far are y’all going?” Ruby asked us with a sigh
          “We’re going all the way ’til the wheels fall off and burn
          ’Til the sun peels the paint and the seat covers fade and the water moccasin dies”
          Ruby just smiled and said, “Ah, you know some babies never learn”

    • "Money" by Pink Floyd....
    • Living on a prayer. Oops, I did it again.
    • Well, the one you should be listening to is "The Who - Won't Get Fooled Again". CSI Miami's theme song is awesome and only Lt. Horatio Caine can only deliver the line, "You have no idea..."

      Yeah!

    • Piece of Crap by Neil Young.

      https://www.youtube.com/watch?... [youtube.com]

    • I wouldn't call it "biting the dust" yet. If the summary is correct, one wallet used as an intermediate to their offline storage was compromised, and Bitstamp has enough assets to replace the missing coins and continue operating. It's like Wal-Mart having one of their cash registers robbed.

      Granted that's a pretty big "if", but it's the way they SHOULD be operating, especially after MtGox. If the site is still down a week or two later with nothing but empty platitudes from the operators, then you can call i
  • by fuzzyfuzzyfungus ( 1223518 ) on Monday January 05, 2015 @11:03AM (#48736893) Journal
    It's a terrible sign of the times that this is so; but it's so goddamn heartwarming to see that we at least have some financial institutions around that aren't too big to fail...
  • Somehow banks... (Score:4, Insightful)

    by TWX ( 665546 ) on Monday January 05, 2015 @11:06AM (#48736911)
    ...with the regulations in place that generally put limits on their bad behavior, aren't looking so bad now, are they?

    And for those who want to go off on overdraft fees, you can have your account set to simply not let you go overdraft. It'll deny any transactions that would let you overdraft though, so it's a catch-22.

    I have no love for big banks, but at least there are rules governing how my accounts are handled, they can't brazenly steal all my money in one swoop.
    • by Anon-Admin ( 443764 ) on Monday January 05, 2015 @11:21AM (#48737069) Journal

      Right, regulations help.

      Back some years ago I was using a bank that over drafted me. I say they over drafted me because they showed an ATM withdraw some 50 miles from where I was that caused my account to over draft.

      I had paid the overdraft fees and explained to them that I could not have been there to withdraw the $62 they claim. The lady tells me that as per bank policy I am responsible for the first $50 lost from the account and there would be a $10 "search" fee for them to research what had happened and determine if I had withdrawn the money or it was a bank error. My simple question, "If it turns out to be a bank error do i get my $52 back?" Well no, as per policy I was responsible for the first $50 lost so I would only get $2 back.

      I told them to do the research, give me my $2 and close my account. The bank persons response, "Absolutely, there is a $2 filing fee to start the search, $10 for the search, and you are responsible for the first $50 lost. Then there will be a $15 fee to close out your account."

      It amazes me how they lost the exact amount that it would require to $0 out. I close that account and simply moved of. The moral of this story is you may have faith in religion, with all others watch your ass because they will take all they can get.

      • by msauve ( 701917 )
        That's nothing. They wanted a fee to close an account, so I just planned to run it close to 0 and let it sit. They'd eventually figure out that mailing monthly statements was costing them money, and close it on their own. So, I used a debit card, but accidentally tried to pay a bit more than was in the account (by $1 or $2). That kicked off some fee (not overdraft, since they declined the transaction), which they promptly took out of the account, making it overdrawn. So, they could overdraw the account, eve
        • Say hello to ChexSystems

          https://www.consumerdebit.com/... [consumerdebit.com]

          Unlike credit reporting there is no time limit on it and banks will refuse to issue you an account based on the information. I know because the bank that I closed the account on charged me an account fee after the account was close. I was never notified so did not know it was there. Some years later (10) when trying to change banks I was declined because that was in the chexsystems report. The original bank had gone bust, been sold to another bank tha

          • by msauve ( 701917 )
            Doesn't matter. The account was not a personal one, but for a small business which no longer exists. There's not even a rock to try and squeeze blood from.
      • ...work to prevent that nonsense. It's not a perfect system but the good thing is that there is a regulatory body that can fix the bad parts (if it wants to by choice or by will of the people).

        With bitcoin it's "love it or leave it".

        Sure you can say bitcoin is not the problem it's the businesses handling them but when the defacto standard is amass and implode it's a symptom of bitcoin because other currencies don't seem to have that issue.

        • ...work to prevent that nonsense. It's not a perfect system but the good thing is that there is a regulatory body that can fix the bad parts (if it wants to by choice or by will of the people).

          With bitcoin it's "love it or leave it".

          You do realize that regulations against a bank fleecing its customers have nothing to do with the currency system in use, right?

          Sure you can say bitcoin is not the problem it's the businesses handling them but when the defacto standard is amass and implode it's a symptom of bit

    • ...generally make everyone think that they do some good. And banks still fail - with all of your money, sometimes. If they don't it is not because of regulations. It is just because they have better return this way.
    • Re: Somehow banks... (Score:3, Informative)

      by Anonymous Coward

      The solution isn't regulation.

      The solution is innovation.

      These 1st generation exchanges don't use multiparty keys. So they have to keep all the bitcoins on hand. This makes them big fat targets.

      Gen 2 exchanges will be decentralized and use m of n keys to protect the funds and simultaneously NOT hold the funds on hand themselves.

      Very smart people are already working on this problem.

      The LAST thing we need is red tape screwing up the innovation economy.

      Decentralized exchanged already exist in one form or anoth

      • by jellomizer ( 103300 ) on Monday January 05, 2015 @11:49AM (#48737369)

        Innovation like being able to have low interests on a high risk loan. By selling fractions of that loan across many organizations so the liability of any one loan isn't so great.

        This seemed like a good idea at the time. The person getting the loan can get a low interest payment, the person who is selling the loan can get the commission for the loan, the sub prime lenders make out as they get for the most part their money back....
        Just as long as the economy doesn't sink, and those high risk individuals start dropping out in droves. Meaning you have a lot of assets in high risk loans which are failing.
        Because while the risk was reduced for the individual purchase, the risk was increased over the aggregate.

        Now during the boom time, this was seen by most people as a good thing. They were worrying about the housing market to pop, but not on the fact the lenders were loading up on high risk loans. Because as most people saw it. That these people can get low interest rates for homes, thus improving the number of home owners that can build wealth over time.

      • Very smart people are working on how to crack any technical security measure you might come up with.

    • If Bitstamp did get hacked, then what regulation do you have in mind? "Don't get hacked" is not something you really need a regulation for.

      Maybe you meant regulations in general that make it hard for new/small companies to handle money. Assuming there's a correlation between bigness and competence is ...... optimistic.

      I think the main reason we don't see this happening so much in the banking space is that banks will work together to reverse transactions when possible, and all accounts are ID verified, where

      • by tlhIngan ( 30335 )

        If Bitstamp did get hacked, then what regulation do you have in mind? "Don't get hacked" is not something you really need a regulation for.

        Maybe you meant regulations in general that make it hard for new/small companies to handle money. Assuming there's a correlation between bigness and competence is ...... optimistic.

        I think the main reason we don't see this happening so much in the banking space is that banks will work together to reverse transactions when possible, and all accounts are ID verified, where

    • yes, they can in fact steal all your money in one swoop, if your account is inactive for a period of time. Those vipers with lawmakers in their pockets give themselves a license to steal.

      • by bws111 ( 1216812 )

        Not in the US. Unclaimed money from dormant accounts is transferred to the state. You can reclaim it from the state.

  • So who still thinks Bitcoin is a usable practical idea?

    • Me. We had a few bank runs here. Cash is not practical. No technology is perfect.
      • by jareth-0205 ( 525594 ) on Monday January 05, 2015 @11:31AM (#48737193) Homepage

        With the massive caveat that real money banks are backed and insured at the state-level (atleast in Europe, where most governments guarantee a certain amount of savings), while who the hell knows how well these websites are capitalised and secured.

        • Backed and Insured are the result of banks failing previously. In the end, the tax payers are liable for bank failures (see the last 8 years or so), and banks still fail. The fact that you're not seeing the direct results of those failures personally, doesn't mean they aren't happening.

          The only thing different between BitCoin failures and Bank failures is that the end users is insulated from their choice in banking systems, and not so much in BitCoin systems.

          IMHO the "legitimate" banking systems are more pr

          • I think it depends *where* you insure. Like insuring consumer deposits is a good idea because you personally losing all your money to a collapsing bank is catastrophic for you, and it's not like banks would act irresponsibly because they know their *customers* were safe, like they care about their customers. Insuring the entire organisation, which is what we effectively got with TooBigToFail, does make them irresponsible yes because then the existence of the bank itself that employs the people that might ac

            • TooBigToFail is a new problem. Because for Captialism to work properly, the people holding the stock of the companies that are failing need to feel the pain. The fact that TooBigToFail doesn't hurt anyone but tax payers, most of whom don't have any interest in those things failing (i.e. Middle Class). Yes, bank failures hurt, they hurt some, they hurt everyone, they hurt. The problem is, they don't hurt the right people at the right time. Risk avoidance is no longer even a consideration, which is how we got

      • Cash is not practical? Damn, why have we been using it for the past 2,700 years?
        • It is not practical for _everything_. Then again, cash is just as vulnerable to theft, inflation, loss or destruction.
      • That's like saying pink sheet/OTC stocks are preferable to NASDAQ listed because "no technology is perfect".

        Bitcoin has a couple good features but the lack of regulation/oversight/accountability outweighs all of them. I'd rather use carrier pigeons to move cash.

    • The point of Bitcoin is you don't need to put your money on deposit with someone else.

      Lots of day traders and people who want to hold bitcoin for speculative purposes, but not actually use it, choose not to do this and keep their money at an exchange. But are they really Bitcoin users at that point? Or are they banking users who happen to have a BTC denominated account?

    • by MarkvW ( 1037596 )

      People who ceaselessly pump Bitcoin on the Internet think it's a good idea. An ever increasing pool of suckers helps them make money.

    • http://www.wsj.com/articles/ch... [wsj.com]

      The value of the ruble isn't the only thing that is vanishing in Russia. A Moscow hedge fund chief executive has disappeared, along with all the money in the firm's accounts.

      That's according to a stunning feature in The Wall Street Journal. Kim Karapetyan, 29, the youthful founder of Blackfield Capital CJSC, has disappeared, much to the dismay of his staff, which didn't know until a group of men charged into the firm's plush offices.

      From The Journal:

      The firm’s employe

  • I *want* to be open-minded to the idea. But most of these bitcoin exchanges strike me to be about as legit as that skeevy guy on the corner selling "legitimate" copies of movies (that are still in theaters) on DVD for $5

    • Don't worry, the tWinklevoss twins are starting a bitcoin ETF. If you can't trust them (and wall street), who can you trust? The Twinkdex(tm) -- which is not an index of twinks [urbandictionary.com] -- is based on bitcoin prices at MtGox^W Bitstamp^W uhh, well reputable bitcoin exchanges.
    • Re: (Score:3, Informative)

      by gstoddart ( 321705 )

      The entire notion of bitcoin has always seemed a little sketchy to me.

      We're going to make up a money, and we're going to simultaneously claim it's secure and private, but we'll attach every transaction to the history of the money -- and then put it in the hands of any old schmuck who makes a website.

      We'll claim to be an awesome alternative to government issued money, free of regulations and taxation, but we'll still try to be honest players (we promise). And a fucking pony.

      The whole ecosystem seems like a

      • The entire notion of bitcoin has always seemed a little sketchy to me.

        Not just sketchy, but pointless (at least to the average consumer).

        What sane person would use a debit card that mandates irreversible transactions if you are cheated by a merchant, makes you liable for all fraudulent use of the card, and takes several minutes for a purchase to be validated? Because that's basically what Bitcoin is. It's like stepping 50 years into the past, into a world without consumer protection laws.

        If you were an ea

        • by DarkOx ( 621550 )

          What sane person would use a debit card that mandates irreversible transactions

          Anyone otherwise willing to use cash I guess.

          if you are cheated by a merchant, makes you liable for all fraudulent use of the card

          You are not liable, any more liable than you are with cash, getting your bitcoin back will be at least as difficult as getting your cash back would be. You will have to file some kind civil claim and convince a judge or possibly jury the other party did not honor their part the transaction contract and you require some kind of redress.

          and takes several minutes for a purchase to be validated?

          Well yea, that is the trade off, I could easily carry a USB stick or whatever with the equivalent value of $250K in btc and go buy a house or something. Its inconvenient to walk around with that much cash. Still sever minutes is much faster than the several days a check would require to clear.

          Because that's basically what Bitcoin is. It's like stepping 50 years into the past, into a world without consumer protection laws.

          You'd better get used to it. Between the changes with chip-and-pin and ideas like CurrentC, the powers that be are pretty determined to strip those protections away from you anyway.

          • You are not liable, any more liable than you are with cash, getting your bitcoin back will be at least as difficult as getting your cash back would be. You will have to file some kind civil claim and convince a judge or possibly jury the other party did not honor their part the transaction contract and you require some kind of redress.

            Which, of course, is why people carry credit cards, because it lets them dispute the charge without going to the effort of filing a lawsuit to get redress.

            Well yea, that is th

        • Personally, I think bitcoin will always be pointless to the average consumer, because hyperinflation AND hyperdeflation are the kinds of things that normal people would be wise to avoid. But I can imagine that someone might use bitcoin or similar technology as their secret sauce to back a new kind of normal-ish credit card. If the merchants had to pay, say, 1% off the top instead of 3%, they might be open minded to new technology and new risks...

      • You're conflating a lot of different people into "we", nobody who understands how Bitcoin works (and certainly not the dude who created it) claimed it was private or untraceable. There are shady people who did try to use that as a selling point, but there's just as many shady people working with dollars or euros.

        As for people "losing their shirts", it's clear by this time that BitCoin is too volatile to invest in or even hold on to for more than a few days. It's used as an intermediate currency. A guy in t
  • Watch out for the Bista MP...

  • So how they got their wallets compromised? i mean it's 2015, we have hierarchical deterministic wallets which means you can't steal ANY bitcoins, because even if you have access to the server the only thing you can get is public keys. So we have 2 possibilities: one: they use normal wallets = amateurs, two : whole servers were compromised. No other solution.
  • Interestingly, this event has not "moved the needle" on the other exchanges trading Bitcoin.

    • If you hack the bank do you see USD go down? It was not bitcoin network compromised. Another thing that is very important to that is the fact that they will refund any loss. That's why there was no price turbulence.
      • The failure of the price to drop is interesting if you compare it to the reaction to the MtGox wallet compromise and service freeze last year. It speaks reams about the healthier state of the Bitcoin ecosystem now.

        • by jbssm ( 961115 )

          Actually, Bitcoin took a bit hit 36 hours ago and today you got the news. What this tells you is that insider trading is alive and well in the bitcoin world. Someone already knew of the hack and dumped the market.

          Now expect further dumps just before worst and worst news resurface about this matter... just another typical day in bitcoin.

    • by jeremyp ( 130771 )

      According to http://www.preev.com/ [preev.com] Bitcoin is trading at around 280 USD. Last time I looked a couple of weeks ago, it was at 313 USD. The needle has moved, whether it was this story or not, I don't know.

  • Satoshi might have been a great mathematician/programmer, but he - of course - forgot all the social constrains of a new technology

    It's appalling how bitcoin evangelists still didn't understand the simple issue that makes Bitcoin impossible to work: Bitcoin has zero accountability.

    It doesn't matter how utterly secure you can theoretically make your bitcoins if there is zero punishment for those that try and succeed in stealing them.

    The real world doesn't care about perfectly safe paper wallets that can't b

    • by Dr. Evil ( 3501 )

      "...of course - forgot all the social constrains of a new technology"

      This has been the biggest cryptocurrency experiment in history. Successful beyond most people's dreams.

    • by tom229 ( 1640685 )
      Bitcoin has problems, but a lack of accountability isn't one of them. You could argue cash has "zero accountability". What stops you from stealing cash? The law. Because the law doesn't care about bitcoin, yet, doesn't mean it never will.

      Bitcoins major problems are two:

      1) Fixed supply ideology. Anything with a fixed supply, when up against the nature of human economics, is deflationary. Bitcoin proponents will aruge that coins are divisible so wages and prices will scale accordingly, but this is an inco
      • by jbssm ( 961115 )

        What stops you from stealing cash? The law. Because the law doesn't care about bitcoin, yet, doesn't mean it never will.

        This is only half right. Sure, the law doesn't care right now. But bitcoin very nature will always prevent the law, if/when it exists to actually catch any smart prepretator, as such, bitcoin will always have zero accountability when it comes to theft.

        • by tom229 ( 1640685 )
          Not true. It's a common misconception that the decentralized nature of the bitcoin protocol makes all transactions anonymous. Bitcoin is actually easier to track than even cash considering every transaction is recorded in a public ledger that is required for the entire mechanism to work: the block chain. This makes it very difficult to "wash" bitcoins as the washing mechanism could not be tied to the theif like it commonly is today (ie. a small business front for money laundering). De-centralized just means
          • by jbssm ( 961115 )

            What you said is false, completely false. Maybe it's by ignorance, maybe it's because you try to hide the facts. Laundering bitcoins, is as easy to put your money in Satoshi dice and take it out after playing. Or just get your money into a bitcoin tumbler and get it out after, or just exchange your bitcoins into Darkcoin and then back again after passing trough a middle wallet.

            All these methods are 100% anonymous. And you cannot shut them down since because of bitcoin decentralized nature they can always be

            • by tom229 ( 1640685 )
              I'll take your attempt at condescension as an indirect admission of losing the argument. You know very well that you can launder cash through gambling or currency exchange as well. The point remains that there are more ways to launder cash than there are to launder bitcoins. Bitcoins are no less lacking in "accountability" than cash, gold, or any other medium of trade except maybe digital currency controlled by the federal reserve.
              • by jbssm ( 961115 )

                Actually it's the fact that you completely changed your argument that makes you look like you are loosing the argument.

                I though we where talking about how easy it was to launder Bitcoin, but I get it that every time Bitcoin evangelists feel attacked and can't really give a proper solution to some problem about bitcoin (the fact that it's so easily laundered in this particular argument we are having) they quickly point their fingers at any fiat currency: "Ei, don't look at us, look at them, look, look how m

  • Hacked = CEO and CFO ran off with the money
  • by JoeyRox ( 2711699 ) on Monday January 05, 2015 @12:26PM (#48737765)
    By banks and governments, thank you very much.
  • Back when MtGOX went bust, people were saying you'd have to be an idiot to keep your Bitcoins there as they were untrusted.

    I'm sure people are saying the same thing now about Bitstamp.

    So I ask: Other than keeping it myself either in a personal wallet on my PC or smartphone or burned onto a CD on my shelf, where should I keep my Bitcoins? (Because on my desktop computer or smartphone is just asking for trouble, and on a CD is just asking for a different type of trouble.)

    • by wbr1 ( 2538558 )
      Backups.. multiple copies. 15 copies on 15 encrypted flash drives. Doesnt matter, JUST DONT LEAVE MONEY IN AN UNREGULATED EXCHANGE.
    • by jbssm ( 961115 )
      You should hold your Bitcoin by exchanging them for USD and then store them in your bank. This method besides being orders of magnitude safer, had an actual return of more than 70% during 2014.
      • You should hold your Bitcoin by exchanging them for USD and then store them in your bank. This method besides being orders of magnitude safer, had an actual return of more than 70% during 2014.

        Safer, sure but 70% return in 2014? Which bank are you talking about?

        My bank pays out a fraction of a percent on savings accounts so the $3K in my account nets me a less than 10 cents a month. That isn't even close to 70% return... Maybe your name is Hillary and you can trade future contracts better than the pros or something, but I doubt there is any reputable bank paying 70% return on any investments. If you are an average investor, you should be getting nearly 7%/year right now on a mixture of stocks

        • by jbssm ( 961115 )

          Safer, sure but 70% return in 2014? Which bank are you talking about?

          It was a joke. Since bitcoin lost 70% of it's value in 2014, it was implying you would get a 70% in bitcoin by storing your money in USD during 2014.

          • Ok, that makes sense.. You'd have made 70% more than holding BTC by just stuffing your mattress... Glowing recommendation that is..
    • A Trezor bitcoin safe:

      https://www.bitcointrezor.com/ [bitcointrezor.com]

    • Given the overall shady nature of the organisations surrounding bitcoin trusting a service to store your bitcoins is folly. So you have to store them yourself.

      How you do that is a tradeoff between cost/inconviniance and risk.

      The normal method of risk management for those holding large numbers of bitcoins is to have a "hot wallet" and a "cold wallet". The hot wallet is where you keep the bitcoins you need on a day to day basis, you accept that if you get hacked you have a good chance of losing it's contents.

    • Comment removed based on user account deletion

After all is said and done, a hell of a lot more is said than done.

Working...