Slashdot Mirror
$500,000 Worth of Bitcoins Stolen
olsmeister writes "A Bitcoin user allegedly has had $500,000 worth of Bitcoins stolen from him. A hacker supposedly gained access to the user's home computer and managed to get the user's wallet.dat file, which contained the cryptographic keys that allowed him to drain the user's balance."
No worries! Police has to investigate a robbery of $500,000.. oh wait, anonymous payments were good now?
So she collected those bitcoins all in vain?
Give me Classic Slashdot or give me death!
What type of MORON keeps a balance of $500,000 in BTC?
The guy's handle is 'allinvain'. You couldn't make this stuff up.
Keep hyping that ponzi scheme.
The victim's name was "allinvain"... Rather fitting, don't you think? Or maybe the story was made up.
It is clearly a hoax.
Korma: Good
Worth $500,000 to a small group of nerds.
Victim - "I've had the my wallet stolen officer" .DAT"
Officer - "Okay can you describe the wallet to me?"
Victim - "It was about 58KB and ended in
Officer - "Errrrr......so was it leather?"
I read the original forum thread yesterday. It didn't sound authentic, it sounded a little "off". It sounded like it was semi-scripted, the voice was all wrong. Did anybody else get that impression?
Bogtha Bogtha Bogtha
Seriously. What are they and what are they used for? Do they cost money to buy? I am old and ignorant of some of this stuff. :O)
I lost $750,000 in Beenz.
Bitcoin and SA goons are currently in a pissing contest over who adds the least amount of value to the internet.
Think of bitcoin like being out on the outer rim. Always keep a gun at your hip and always be prepared to get jacked.
Come on Slashdot, I love Bitcoin and all, but enough already with the blatant advertisements! Is there anything other than allegations here? Even if it did happen, is there anyone who actually expects the police to be able to do anything about this?
..he look in the folder called 'Recycle Bin'
Donte Alistair Anderson Roberts - hi son!
Karma: Chameleon
If team bitcoin wants to succeed a necessary(but not sufficient) measure will be the development and reasonably easy and inexpensive availability of a suitable keystore peripheral.
For PKI purposes, the use of specialized storage modules has(at least for very high value keys in setups run by the competent) been going on for years. For bitcoin, you'd need something somewhat similar; but cheaper, easier to use, and better adapted for transaction purposes.
Any desktop OS (and most home/casual server computers and backup schemes or lack thereof) Just Isn't Suitable for the storage of data that are worth much of anything. Even if the hackers don't get you(and for ~$500,000 a mere absence of remote holes attackable with off-the-shelf toolkits won't necessarily save you, that is getting well into personal-attention-from-one-or-more-competent-operators territory...) an HDD crash, corrupted backup, house fire, etc. might.
At a minimum, you really want your keystore to be a separate, small footprint, device that accepts bitcoin payments, and can listen to requests to issue payments; but allows the user to review the requested payment(size and target) on an independent display and confirm/deny it on an independent keypad.
Unfortunately, bitcoin's rather clever cryptographic architecture just isn't as secure as the math suggests so long as the private keys are being stored in pitifully insecure ways. On a large scale, we've seen goofy crap like MMORPG logins being stolen automatically by assorted malware. If bitcoins achieve some measure of popularity and value, it won't be long before wallet.dats are being cleaned out in the same way, with especially high-net-worth targets being attacked personally.
Why would you keep that type of cash in bitcoin? Anyone with half a brain would at least put that kind of money in a savings account to get interest. I think it's a hoax.
The only reason I can think of is if you are running a business and want to dodge taxes. It'd also be a good way to hide money from say, selling drugs.
On a side note, I believe it is still illegal to make your own currency in the US. I don't see the government spending too many man hours solving this. If the claim is real, I think that person will never see that cash again.
TFA says:
BitCoin is a form of fiat currency, meaning it only has value because people believe it has purchasing power.
The Wikipedia article says:
Fiat money is money that has value only because of government regulation or law.
That seems more in accordance with reality. As weak as the dollar has been lately, it would be very difficult for it to lose all or most of its value overnight, unless there was a major world catastrophe, because it is backed by the U.S. government. But (and someone correct me if I'm wrong) Bitcoin could crash any time because its value is given to it entirely by (gullible) people's beliefs. Heck, even stocks are backed by something, a company's performance, and those can crash overnight too.
Sorry, I can't take it anymore.
I'll miss you.
Whoops--I meant to quote a bit more of TFA:
Like most major worldwide money systems, BitCoin is a form of fiat currency, meaning it only has value because people believe it has purchasing power.
That's the important part. Bitcoin is not like most major worldwide money systems.
At http://forum.bitcoin.org/index.php?topic=16457.0 the victim allinvain stated that, "a very large chunk of my bitcoin balance gone to the following address: 1KPTdMb6p7H3YCwsyFqrEmKGmsHqe1Q3jg" That just happens to be the same address for donations to LulzSec on some of their ASCII banners.... http://pastebin.com/88nGp508
Would it even be possible to sell the coins for $500000? Is the market at a given time big enough to actually fulfil such a sell order?
Bitcoin is unofficial currency. In many respects, it is essentially the same as WoW money. We have seen cases and claims of theft and other issues surrounding the use, abuse and exchange of World of Warcraft items, assets and cash for real world money. Law enforcement has, in those cases, abstained from much if any intervention in those matters. At the moment, I suspect that Bitcoin is viewed as similar. This may change but at the moment, I'm thinking that this $500,000 burglary will not be recognized as a loss of value.
If the thief were to cash-out he or she would net just about $500,000 at current BitCoin-US Dollar exchange rates.
What type of moron would hand over $500,000 for BitCoins?
... does anyone really think that they're going to one day be able to take that big bank of BTC and get half a million in cash for it from someone?
I mean, I understand that you can probably get small transactions honored through some super shady site but
Aside from the lack of verification of this report I have to wonder if that whole premise of "being worth $500,000" is flawed. Those coins are only worth what someone will pay for them -- maybe some products online you could buy with them. But I highly doubt the market is that robust (yet). And I doubt it will ever reach that level.
I don't doubt that there are early farmers out there sitting on hundreds of thousands of dollars in BTC just enjoying the hilarious deflation that is taking place. What I doubt is that anybody will ever be able to redeem those for what the "market" says they're worth.
My work here is dung.
It very well might be illegal in the US but what law makes it illegal?
That's why I keep all my money if Flooz, it's much safer!
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
QUICK! What's the exchange rate of WOW gold to Elbonian Dingbats! I must know!
If you were blocking sigs, you wouldn't have to read this.
not a hoax, an oax. Meaning some idiot made it up to pull down the value of Bitcoin.
Nobody could be stupid enough to not protect the dat file or where ever $500,000 is stored. You ought to protect your file as you'd protect your money.
If it was just stolen, can't the owner take a backup copy and immediately convert them all to real cash?
How exactly is he going to immediately convert it all to cash when there aren't enough askers for that much bitcoin? Despite claims of how much all this bitcoin is worth if no one is going to pay the exchange it is nothing but worthless bits.
The culprit is described as wearing a red shirt, white gloves, blue overalls and a bushy mustache.
Whatever happened to honor among thieves...err I mean dopers...err black marketeers?
Insert Generic Sig Here:
Bitcoin is used by drug addicts and drug dealers to buy narcotics.
Bitcoin stories are largely pushed onto the media by the Bitcoin inventors just to get more exposure.
It's a tool for supporting crime, nothing more. Slashdot is posting too many Bitcoin stories. Just stop it already.
This is probably setup to make Bitcoin look bad since the US government wants to ban it.
If I understand the technology, if he were to try to sell bitcoins from a backup .dat, the bitcoin network would reject the transaction as fraudulent saying that he no longer owned the coins he is trying to transfer.
The immediate transfer would go through, and over the next 10 minutes both parties would recieve thousands of "I don't agree that this transfer is valid, invalidate it" messages from other nodes on the bitcoin p2p network.
a) who would want to collect half a million $ worth of experimental currency that can't really be used widely?
b) why would you want to keep that much money as a virtual currency?
c) why would you want to keep that wallet accessible on your PC and not on some external, removable media, or at the very least under tight lock e.g. via encrypted file?
and finally,
d) if it really did happen, he deserved losing it for being and idiot, see points a-c ...
What, your untraceable bubble-led crypto currency is at the mercy of stupid users? Colour me shocked.
It doesn't mean much now, it's built for the future.
... or it didn't happen.
I am not your blowing wind, I am the lightning.
And allow the bit coin users to access them from the cloud to make transactions. Have the bit coin users generate their own keypair to protect their wallet, and have them protect that themselves as the entire security of their bitcoins will be determined by how they protect it. Generally speaking if they can't follow best practices it's their own fault.+
I've long longed for a USB hardware device containing a small crypto-processor, a public/private keypair, and a button. Given a standardized interface (as standardized as USB block-devices) it would make a perfect key-solution to keep in my physical keychain to identify myself in all kinds of circumstances.
* Need to sign a bitcoin-transaction? Let the software queue a request and press the button.
* Need to identify yourself on the web? Again, let the site send a challenge, the browser forward it to the key, and press the button. (Possibly already possible through SSL?)
As an extension, the key could hold two keys of different "level". A common key, not requiring the button to identify me to less-sensitive services, and a button-locked key for more important purposes.
For online banking, extend the key with a small display to show exactly what you're signing, and you get rid of all the manual transactions.
Is there at least something less-standardized for this?
............... $500,000 in bit coin is worth almost 500,000, yes five hundred thousand, repeat five hundred thousand US Dollars..
So somebody can do a botnet wide search for all wallet.dat files and be a bitcoin trillionaire?
I've installed Bitcoin on my desktop PC, however, I am still trying to figure out how to go about mining for Bitcoins, can someone point me in the right direction?
Michael
http://s1.sfgame.us/index.php?rec=58163
This thread was on Reddit 2 days ago. Here's the link: http://www.reddit.com/r/geek/comments/hzrcc/bitcoin_user_loses_25k_bitcoins_when_his_machine/
To summarise:
* it could've never been $500k, that's purely theoretical. In practise it would be worth far less.
* "allinvain" is a true idiot. He was keeping the coins on his main computer which had a virus on it. He was browsing the web and IRCing with it. He found the trojan the night before, had seen that his payout address was changed to another and then to fix this he "changed it back" and went to sleep. He then "moved [his wallet] to a Ubuntu linux vmware install. On the same machine."
* It's probably a hoax
That is exactly what I would do if I was the original owner.
Transfer the bitcounts to a new "account". As long as the thief has not done that with every coin/hash/account he can likely rescue a huge part of it.
However the bitcoin network needs some "report" theft option, but I guess that could easily be abused.
Cost free eBook I read (by iBook/Kobo/Amazon/ObookO/Gutenberg etc.): "The Green Odyssey" by Philip Jose Farmer.
If I had $500,000 worth of bitcoins I would definitly encrypt the wallet file and create a new one for regular use. And yeah the BitCoin stories are getting out of hand. Time to move on Slashdot.
I'm reading that some how the money was given to them via a donation, at least thats what is being hinted at on the forums.
Whether or not he sent it to them himself and wants to deny it, or if he was hacked and they stole it, if they have it then it's safe to say it's lost forever.
.And nothing of value was lost.
You've got that backward. The exchange rate is 1 bitcoin = $19.51. $500,000 worth of bitcoins is about 20,000 bitcoins.
This would explain the laundering activity that has been going on the past 24 hours. The equivalent of the entire market of bitcoins has been transferred to hundreds of accounts in 50k+ increments. Only 6.5m BTC in existence, over 8m BTC in transfer activity. If any of that starts selling, it will collapse the market down to nickels and dimes.
When the foot seeks the place of the head, the line is crossed. Know your place. Keep your place. Be a shoe.
You guys both fail at maths and R-ing TFA. 25,000 bitcoins were stolen. And at the exchange rate of about $20 to 1BTC, that gives... $500,000.
Sheesh, nerds today are rubbish.
And nothing of value was lost.
Also, I'm not sure why Slashdotters hate bitcoin so much.
I think it may have something to do with the NEAR CONSTANT stream of slashvertising someone seems to be doing for the bitcoin economy.
It's kind of like how I didn't start off hating my coworker's kid, but hearing endless chatter about the kid's activities (which were mainly pooping) for a month, I vowed to wait 18 years, and then punch the not-a-baby-anymore in the gut. It's not that the kid or bitcoin did anything bad, it's that they've done nothing noteworthy and yet I keep hearing about them.
Apparently the thief already did it, wouldn't surprise me if that's how he noticed it.
Justice is the sheep getting arrested while an impartial judge declares the vote void.
This looks like a [hoax]. I can tell from some of the [words] and from seeing quite a few [hoaxes] in my time.
Flexible bare-metal recovery for Linux/UNIX
Once again, assuming I understand the technology correctly:
I don't think the original owner could do that, because as far as the network is concerned, the original theft was a valid transfer because it originated from the user's valid wallet file to a valid recipient address. The network believes that what was done was done properly, even though it was done in an improper fashion by someone who broke in to do the transfer.
The entire network relies on everybody agreeing on what has previously gone on.
Therefore, if the original owner used a backup copy to try and re-transfer the backed-up bitcoins to a new address, the network would reject it as an illegal transfer because the network doesn't believe that he has the valid right to transfer those bitcoins anymore. I'm pretty sure that the individual bitcoin clients are at the mercy of the network-at-large, and if he tries to send coins to another address he owns, the network is going to claim he doesn't have the right to do so and the transaction will be invalidated.
The best analogy I can think of is a hacker logging in to a server with a stolen username and password. The hacker does not have rightful posession of the username and password, but the server doesn't know that. the server only knows that the authentication challenge was responded to with legitimate information, so the server has to assume that the hacker is who he says he is. likewise, the bitcoin network saw the $500,000 transfer (whatever that is in BTC) as valid by all authentication protocol, so it can only assume that it was legit and act as such in all future transactions using the affected bitcoins.
I thought R-ing TFA disqualified you from commenting on /.
FreeBSD: The Power to Serve!
How does this get modded up as informative? Sarcastic or funny maybe (although It's not really that clever).
Whether you like to admit it or not, Bitcoins can be traded for real money. And right now they can be traded for plenty of it. I started mining a month ago, and not only have I cashed out and covered the cost of my hardware and electricity, I've turned an $600 net profit - yes, a real $600 USD that is sitting in my checking account. I wasn't even an early adopter. I just did a little 4th grade arithmetic comparing the mining income to the cost of a Radeon 5850, and I acted on those results.
But you know what - You're right, Bitcoins are worth nothing. Mining is not profitable. Don't do it.
And he would've still been hacked if he was running Linux, because NO ONE EVER FUCKING READS THE CODE.
Stupid GNUtards.
However I don't believe the "real"* value of a bitcoin is at the current exchange rate, it's probably closer to $12. I think the bitcoin market has been in a bubble for the past few weeks. A story such as this might help to bring down the price, long enough for an investor to buy, and whatever forces are driving the bubble would (possibly) continue and the value would go up again.
Here is a graph of a boom and bust cycle (full article here). Here is a graph of Bitcoin exchange rates. Anyone with common sense should be hugely alarmed by the bubble which is forming or the likely outcome that will follow on from it.
People here are posting for karma arguing that BitCoins are worthless?
Oh, I assumed the theft had stolen the file (as ind download it somewhere) and deleted the owners file. ...
If he indeed used the owners PC to transfer the moeny
The network actually works as you describe ...
Cost free eBook I read (by iBook/Kobo/Amazon/ObookO/Gutenberg etc.): "The Green Odyssey" by Philip Jose Farmer.
While I didn't check timezones/hours on some timestamps, I think it's still fairly reasonable to call this bullshit. Please check your sources next time.
It's supposed to be super safer, I don't get it?
Clearly you don't. And apparently, the guy who was robbed had the same problem.
The additional "safety" is in other areas -- there's no central, controlling authority, so no one can arbitrarily increase or decrease the supply of Bitcoins, whereas with fiat currency, people absolutely can do that. This is a good thing and a bad thing -- it's a bad thing in that there's no central authority which can attempt to fix the market when things go south, but it's a good thing in that said central authority can't mismanage things, or deliberately manipulate the market for their own game.
It's also anonymous, which is "safe" for other reasons.
But none of this implies your wallet is automagically safe, if you don't take steps to protect yourself. You can make your money safer than with other currencies, but this takes some effort -- the obvious solution would be to create a second "savings" wallet, generate a few thousand addresses for it, then store the actual wallet.dat (with all the private keys) encrypted and in a few thumb drives (or CDs, etc) in a safety deposit box, say. You can send money to savings without retrieving it, but you can only send money from savings by going and retrieving those drives.
Of course, you can go a step further -- you could do all that and also maintain an airgap, so you create the transaction to "withdraw" and sign it on a machine with the "savings" account, then transfer it by sneakernet to your Internet-connected machine.
And you can also take real money and leave it in big stacks on your kitchen table, with your front door unlocked, and then wonder why you were robbed, since you assume dollars are supposed to be "safer" than Bitcoins.
Don't thank God, thank a doctor!
I'm having trouble understanding the amount of value involved - I mean, who uses *dollars* anymore?!?
I've been 100% invested in Quatloos for years and I'm not looking back!
Humor from a Genetically Molested Mind
Comment removed based on user account deletion
It is backed by the US military.
The US dollar is the world reserve currency, about 60% of all international transactions involve US dollars. This means that the rest of the world has to purchase dollars.
Oil specifically is a commodity which almost all have to import, and the House of Saud in particular have (for some reason) insisted in the use of US dollars for oil transactions, this means therefore that oil backs the dollar, and it is military force which encourages and maintains the use of the dollar in oil transactions.
Didn't you wonder why most the 9/11 hijackers were Saudi? World started making some sense now?
Deleted
Yeah, I would have put it in the freezer or under my bed on a zip drive. Sheesh, some people don't know how to handle money.
They come in the dark, only in the darkest.
Yes, it's an actual PC World article, but it still serves as an ad. I don't know whether the article was written by a shill, or whether PC World got duped, or whether the submitter is being the shill, or whether there's just an overeager fan somewhere in the chain, but this article has the same effect as an ad. What makes it an ad is not the statement that $500000 was stolen, but the implication that it could be worth $500000 in the first place. The story is selling the idea that Bitcoin is real and that when someone steals it that's as meaningful as someone actually stealing real money. So in the guise of reporting a theft of Bitcoins, it's pushing Bitcoins.
Consider how anyone would behave if it was really worth $500000. If you suddenly got $500000 in cash tomorrow, would you put it all into Bitcoins? Of course not. You'd bank it, maybe invest some, and only put a small portion into Bitcoins. Then logically, if your Bitcoins suddenly became worth $500000, you'd take *out* as cash the amount that you'd leave out if it started as cash in the first place. The fact that he had $500000 of Bitcoins in the first place and didn't convert into $490000 of cash and $10000 of Bitcoins shows that it wasn't ever really worth $500000.
Who said it was safe? The idea was to emulate real cash as closely as possible, and one of the consequences of this is that it is possible to steal it.
$500,000 in bit coins is $500,000 in yens
No, $500,000 in yens is $500,000 in US Dollars.
$500,000 in bit coins is $500,000 in Confederate Dollars, or $500,000 in nothings. Anyone who is foolish enough to accept the bitcoins will soon find out they spent $500,000 on something no one else will accept.
Consider the fact that he did not spin his own processor. Consider the fact that he did not design and build his own car. Consider the fact that he did not review the drawings for his home to ensure stability.
Unless you are capable of singlehandedly rebuilding civilization, you should live in a cave and eat only berries!
Drop a grand. Expect to get burnt. Call it a learning experience. Call it R and D. But you will be on the forefront of this new TYPE of currency.
Sure there are a lot of flaws. The thing does have a whiff on Ponzi and Scam. But would you rather have an IMF issued world currency? The way thinks look, both the US dollar and the Euro will collapse, What is going to replace it? Another centrally administered, fiat currency? Taxable, Trackable and Inflatable? The goofs that brought you the Anglo/American Debt Crisis in charge of a world currency? Yikes. That is not a solution.
So the 'mining' process that puts the currency into existence is bogus. So the e-wallet go stolen. So what? Learning curves. Bugs.
Bitcoin is merely Version 1.0 of a decentralized, anonymous currency.
Stop you whining and naysaying. P2P is good. PGP is good. Bittorrent is good. But a decentralized currency? Why suddenly all the whining and naysaying? Where's the Slashdot Spirit? One would almost suspect the shills. And they are scared of something.
Put on your thinking caps and solve these problems.
Zorkmids.
dragonhawk@iname.microsoft.com
I do not like Microsoft. Remove them from my email address.
as it is about some bitcoin user.
Keeping that much money in one uninsured account, on one system, on WINDOWS! is sheer stupidity and he deserves to be ripped off.
Perhaps he got in early and either mined bitcoins while they were easy, or bought some while they were cheap.
Perhaps his $1000 investment went up to $500K ; and (like many in the dotcom bubble did with .com stocks) let the money ride rather than cashing some out.
... the bitcoin stories.
Democracy Now! - your daily, uncensored, corporate-free
While this is bad for bitcoin's reputation, storing $500,000's worth in an unencrypted wallet is incredibly foolhardy. It is fairly simple to run two wallets, one encrypted for savings, and one unencrypted with only a small number of coins in it.
was the Federal Reserve.
Hi there.
Some of us do.
Some of us don't like the default behaviour of some things, or find bugs, or just want to understand things, so we read the code. Can't claim to have read even 1% of the code for my machine, but I have looked at parts of it.
Actually Bitcoin is probably closer to tire scrip than baseball cards...
It's advertising "Bitcoins are just like real money."
Please re-read the posts you are replying to. TFA was saying that Bitcoin is a form of flat currency, and I was saying that that is incorrect, for pretty much the same reason you just listed. Your post is redundant.
While you could say "he should have $better_security_measures...." Unlike every bank/checking account I've ever owned, I don't think his PC or whatever you use to secure your bitcoins is FDIC insured.
What's that old expression by Thomas Tusser...
"A fool and his money are soon parted"
No one walks into a store to buy a wallet with the expectation that their money will be particularly secure inside of it. On the other hand, while some here are clearly not surprised about the lack of security surrounding BTC ownership, when you visit the websites promoting BTC usage, there's no mention of whether one's BTC information is particularly secure or not. In fact, one is given the impression (implied, not stated) that BTC is actually pretty secure by default.
BTC is secure, but it is secure in the sense that the us money supply is secure (in theory), as opposed to specific dollars in your possession being secure if you have them locked in a safe and under guard. In the realm of the physical, this sort of differentiation is fairly obvious, since nobody will think the anti-counterfeiting features of a $1 bill will keeping a mugger from stealing it from you.
The confusion of course, is that people looking into BTC discover pages and pages of writings about how clever BTC is and how it has crazy awesome cryptography to protect it. The cryptography is to protect the money, not the user. It actually reminds me of the same sort of confusion that people have about circuit breakers and GFI outlets in houses.
HA! I just wasted some of your bandwidth with a frivolous sig!
officer someone stole my pixels!
Bill Gates has enough money that even the small portion that is liquid is plenty of money for all the things most people use money for.
But you're right, I oversimplified a little bit. The fact that someone doesn't convert their "money" to real money doesn't prove that it's not valuable. It could just not be very liquid, like most of Bill Gates' wealth. But while it doesn't prove it, it's still one of the warning signs. If I claimed my wristwatch was worth a half a million dollars, and I'm an ordinary guy who could really, really, use having half a million dollars in the bank, the first question by any doubter would be "why don't you sell it? After all, you could use the money." If I don't, it may be that I'm still waiting on the call from the wristwatch broker before I can sell it. Or I'm just a fool with no financial sense to realize he should sell it. But the more likely reason is that I'm just BSing.
Everyone would be up to their eyeballs in debt.
Deleted
My understanding, from listening to an in-depth episode of This American Life, is that the dollar is basically completely decoupled from gold. The Fed can literally create more money with a few mouse clicks (not paper money, but real bank balances).
"Those who consume the bulk of goods are those who make them. We must never forget this secret of our prosperity."
Your post doesn't make any sense. allinvain was an earlier adopter of bitcoin and a miner who was making 50 bitcoins a day in the early days. He had 25,000 bitcoins stolen. It is a fact that before the theft bitcoins were exchangeable at close to $20. His stash was worth far less as little as a month or two ago. There is nothing unusual about his behavior considering the circumstances.