Slashdot Mirror

← Back to Stories (view on slashdot.org)

DNS Hijack Leads To Bitcoin Heist

Posted by timothy on from the don't-make-trouble-nobody-gets-hoit dept.

First time accepted submitter FearTheFez writes "Social Engineering and poor DNS Security lead to a Bitcoin heist worth about $12000. Bitcoin broker Bitinstant was robbed after thieves managed to take over ownership of their domains. While Bitinstant claims that no customers lost any money, without 2 factor authentication all it took was a place of birth and a mothers maiden name to gain access. This looks like poor security from everyone involved."

4 of 126 comments (clear)

  1. The most likely suspect is... by Anonymous Coward · · Score: 5, Funny

    Bitinstant's mother. She knows both her maiden name and his birthdate, probably.

  2. Re:Conviction for stealing bitcoins by Zemran · · Score: 5, Insightful

    I do not think that any court or official government body recognizes your television as being a legitimate currency but I can be prosecuted for stealing it. If it has value to the owner, it can be stolen.

    --
    I love stacking my barbecues in the shed at the end of summer - you can't beat a bit of grill on grill action.
  3. Re:Non story by mkraft · · Score: 5, Interesting

    If a standard currency exchange was robbed for $12,000 we would not even read the story. This is a trivial crime and of little interest. It serves more as a warning rather than as a bank robbery story. I hope that those that are concerned learn from this but if this is the crime of the century in the Bitcoin world then they are doing really well.

    No, the Bitcoin crime of the century was last year when the same server was hacked twice, to a tune of several hundred thousand dollars, as mentioned in TFA. Bitcoin hacks are becoming more and more common, so it's only a matter of time before that amount is surpassed.

    Personally I don't see the point of bitcoins. I don't pay for everything in cash in the real world because it lacks the protections that other payment methods have. I don't see a reason to use a digital equivalent of cash in the online world. Bitcoins' anonymity might be it's biggest strength, but it's also it's biggest weakness.

  4. Re:Conviction for stealing bitcoins by TsuruchiBrian · · Score: 5, Informative

    bitcoins aren't data per se. A person's private key for their bitcoin wallet that is used to transfer ownership of bitcoins is data. It's just a long number. The proof of work used to establish a bitcoin is data. The transaction history of each bitcoin is data.

    A bitcoin is more than just the data underlying it. There are may thousands of copies of each bitcoin, but at any given time only one person has the authority to transfer a bitcoin to someone else.

    A bitcoin itself cannot be copied. To copy a bitcoin would mean copying it's ability to be spent (allowing it to be spent twice). This would ruin any currency. And much of the design of bitcoin is prevention of double spending.

    This is similar to how xeroxing your bank statement doesn't double the amount of money you have in the bank.