Slashdot Mirror
Bitcoinica Breach Nets Hackers $87,000 In Bitcoins
dynamo52 sends this quote from Ars about a breach involving a Bitcoin exchange:
"More than $87,000 worth of the virtual currency known as Bitcoin was stolen after online bandits penetrated servers belonging to Bitcoinica, prompting its operators to temporarily shutter the trading platform to contain the damage. Friday's theft came after hackers accessed Bitcoinica's production servers and depleted its online wallet of 18,547 BTC, as individual Bitcoin units are called, company officials said in a blog post published on Friday. It said the heist affected only a small fraction of Bitcoinica's overall bitcoin deposits and that all withdrawal requests will be honored once the platform reopens."
Reader linhares points out a forum post discussing how the attacker(s) hinted at a 'mass leak' in the near future. This attack comes shortly after a leak of a different sort — an FBI document (PDF) about Bitcoin found it way onto the internet. It seems they're worried about the virtual currency's potential use in criminal activities.
From https://bitcointalk.org/index.php?PHPSESSID=a5fdf1db75465f52e9f1ebb06e67b70e&topic=81045.380:
"The root cause of this problem is an email server compromise. The email server belongs to one of our team members."
Really? Does their server really send (unencrypted) emails with root passwords to their entire system? Or did the email server just happend to have root access? I don't even know what possibility is worst.
In the world of Bitcoin, startups are held to a higher standard when it comes to transparency. How many $87k thefts do you think occur on a daily basis with other companies? How many of those do you think you would hear about if they did happen? Usually when we hear of technology it's always in the multi-millions either of dollars or of records compromised.
Geeks have trouble with this concept, they get all overly literal about shit and think that if something is ok to do under any condition, it is ok to do under all conditions.
That is, of course, not the case. In the law, intent quite often matters. Also what you actually do with it matters as well. If you actually go and buy drugs with the alternate currency you bought then yes, that can be used as evidence of money laundering.
The other part of the problem is that geeks seem to have trouble with the concept of "reasonable doubt" at times. They think if they can cook up any alternate explanation for an action, no matter how far fetched, a jury should have to accept it and they'd get off. Again, not how it works. It isn't beyond any doubt, just beyond a reasonable one.
So yes, if you buy bitcoins for the purpose of buying drugs, they could nail you for money laundering and likely make it stick.
May I suggest you check out this graph?
Greylisting is to SMTP as NAT is to IPv4
I continue to operate my bitcoin business selling stickers, shirts, and things of interest to bitcoiners. Now it has been a year and it is still growing each month. I sell stuff for bitcoin and buy other things I need or simply cash out via local trade (for USD). I have about 1/3 the fees of PayPal and far less risk. This allows me to sell to people overseas much more safely and as it turns out about half my sales are overseas.
Bitcoin works for me.
When the Internet Fun Bucks are specifically made to be a libertarian free market ideal of untraceable cash, yes.
Both, actually.
Apparently Bitcoinica was hosted on a VPS, and the admin control panel used the email addy's of four (five?) principals.
A pretty amateurish setup, frankly - especially when you stop to think that Bitcoinica was responsible for the majority (i.e., over 50%) of volume on MtGox.
Bitcoin itself is sound (I own some), and of an unhackable nature by design. The bitcoin infrastructure however, is... ummm... "coming along".