Slashdot Mirror


438 Bitcoins Worth Nearly $3.5 Million Stolen From Exchange In India, CSO Accused (indiatimes.com)

William Robinson shares a report from The Economic Times: Nearly 438 bitcoins, worth nearly $3.5 million, were stolen from a top exchange firm in India in what is being billed as the biggest cryptocurrency theft in the country so far. The exchange, which has over two hundred thousand users across the country, found that all the bitcoins that were stored offline had vanished. It was later found that the private keys -- the password that is kept by the company and is stored offline -- were leaked online, leading to the hack. The company tried to trace the hackers, but found that all the data logs of the affected wallets had been erased, leaving no trails about where the bitcoins were transferred. Coinsecure, a Delhi-based cryptocurrency exchange, is accusing its CSO, Amitabh Saxena, of siphoning off the money from the firm's wallet. The exchange is urging the government to seize Saxena's passport, fearing that he may leave the country.

14 of 85 comments

  1. Re:Hahaha by PolygamousRanchKid+ · · Score: 4, Insightful

    Bitcoin - the joke is on its users.

    Unfortunately, when Bitcoin implodes, a lot of folks who are "too big to fail" will be affected.

    And so the bill will be placed on the taxpayers.

    The joke will be on our tab.

    --
    Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
  2. Erased? by SCVonSteroids · · Score: 4, Interesting

    Isn't this why so many people trust Bitcoin "security" to begin with? So you can trace any and all transactions back to the inception of the bitcoins used themselves?
    Seems rather pointless if you can just delete any records. Sounds more like a scam every time I read something new about them.

    --
    I tend to rant.
    1. Re:Erased? by Anonymous Coward · · Score: 2, Interesting

      It was my understanding that they launder it through many dozens of other altcoins and wallets to the point where you can't trace it nearly as easily. Aren't there some altcoins that are not as traceable and are more anonymous than Bitcoin?

    2. Re:Erased? by Zocalo · · Score: 3, Funny

      Depends on how accurate the reporting is. BTC wallet to BTC wallet transactions will, of course, be recorded in the blockchain, but if they actually mean the logs of customer transactions between Coinsecure's user accounts and the Coinsecure wallet(s), then that's entirely different and it's quite possible that someone with the right level of access within Coinsecure could erase all the logs. The trick would be to mask the BTC leaving Coinsecure's wallets, either through tumbling or by not getting greedy and only taking enough it would not be possible to determine which BTC passing in and out of Coinsecure's wallets were stolen and which are legitimate transactions. The latter might not be too difficult if there are enough transactions and all of the internal logs are gone, but you'd probably still want to tumble the stolen coins, just to be sure.

      --
      UNIX? They're not even circumcised! Savages!
    3. Re:Erased? by GeekWithAKnife · · Score: 4, Informative


      You need to read more carefully...from the article: "The company tried to trace the hackers, but found that all the data logs of the affected wallets had been erased, leaving no trails about where the bitcoins were transferred."

      It's not the blockchain record that was erased.

      It's also important to understand that an exchange often has transactions on a database & only once bitcoin is withdrawn does it register on the blockchain because all the trading happens off-chain.

      As an exchange sends bitcoin to many addresses constantly it will take a great deal of time to trace it and by then the thief may have cashed out.

      Of course if they managed to find the Mt. Gox hacker after so many years because it was all traced on the blockchain then stealing bitcoin and keeping it on-chain is not a very smart idea...

      In summary, as far as we know; bitcoin is the only tried & tested decentralized public financial blockchain that is a currency agnostic settlement layer application and it is secure.

      (Literally any other chain is so far deemed less secure, untested, private, not decentralized etc etc.)

      --
      A 'singular oddity' is an event that cannot be explained and only happens when you are alone.
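
The split described in the comment above, between the exchange's own database and the public blockchain, as an added example that is not part of the original thread. The ledger layout, user names and transaction ids are constructed for illustration.

```python
from collections import defaultdict
from decimal import Decimal as D

# Constructed sample: the exchange's private database (off-chain bookkeeping).
LEDGER = [
    {"type": "deposit",  "user": "alice", "btc": D("2.0"), "txid": "tx01"},
    {"type": "deposit",  "user": "bob",   "btc": D("1.0"), "txid": "tx02"},
    {"type": "trade", "seller": "alice", "buyer": "bob", "btc": D("0.5")},  # never on-chain
    {"type": "withdraw", "user": "bob",   "btc": D("1.2"), "txid": "tx03"},
]

# Constructed sample: what the public blockchain shows for the exchange wallet.
CHAIN = [
    {"txid": "tx01", "direction": "in",  "btc": D("2.0")},
    {"txid": "tx02", "direction": "in",  "btc": D("1.0")},
    {"txid": "tx03", "direction": "out", "btc": D("1.2")},
    {"txid": "tx04", "direction": "out", "btc": D("1.8")},  # no ledger entry at all
]

def user_balances(ledger):
    """Per-user balances; these exist only in the internal ledger."""
    bal = defaultdict(D)
    for e in ledger:
        if e["type"] == "deposit":
            bal[e["user"]] += e["btc"]
        elif e["type"] == "withdraw":
            bal[e["user"]] -= e["btc"]
        elif e["type"] == "trade":
            bal[e["seller"]] -= e["btc"]
            bal[e["buyer"]] += e["btc"]
    return dict(bal)

def wallet_balance(chain):
    """Wallet balance as anyone can compute it from the chain alone."""
    return sum((t["btc"] if t["direction"] == "in" else -t["btc"] for t in chain), D(0))

def unexplained_outflows(chain, ledger):
    """On-chain spends from the wallet with no matching withdrawal record."""
    booked = {(e["txid"], e["btc"]) for e in ledger if e["type"] == "withdraw"}
    return [t["txid"] for t in chain
            if t["direction"] == "out" and (t["txid"], t["btc"]) not in booked]

if __name__ == "__main__":
    print("owed to users:", sum(user_balances(LEDGER).values()))   # ledger view
    print("held on-chain:", wallet_balance(CHAIN))                 # public view
    print("unexplained, ledger intact:", unexplained_outflows(CHAIN, LEDGER))
    print("unexplained, ledger erased:", unexplained_outflows(CHAIN, []))
```

With the ledger erased, the outgoing transactions are still visible on-chain, but nothing remains to say which of them were customer withdrawals or what each user is owed.
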
    4. Re:Erased? by PPH · · Score: 2

      It's an exchange. So it's not just the Bitcoin blockchain that needs to be tracked, it's the other funds moving in and out. Possibly like this:

      1. Set up an exchange account with a false identity.
      2. Hack into other wallets and transfer Bitcoin to your account (tracked in the blockchain).
      3. Exchange 'your' BTC for Shekels and withdraw (tracked by other logs).

      It's this last transaction that could have been lost.

      --
      Have gnu, will travel.
  3. Central storage of decentralised currency by iTrawl · · Score: 5, Insightful

    You're supposed to keep your bitcoin in your own wallet. If you're against banks but keep your crypto at an exchange for more than the time needed to, you know, exchange it, that goes pretty much against the whole selling point. Even more, you just trust them blindly, because they're not regulated or part of an insurance scheme either.

    --
    "Everybody's naked underneath" -- The Doctor
    1. Re:Central storage of decentralised currency by Daneel+Olivaw+R.+ · · Score: 2

      "If you don't run a fully validating node, you're a second class Bitcoin citizen. If you don't hold your own private keys, you're a third class Bitcoin citizen." - @TraceMayer I am guessing third class citizen means a fool. Source: https://twitter.com/lopp/statu...

    2. Re:Central storage of decentralised currency by quantaman · · Score: 2

      You're supposed to keep your bitcoin in your own wallet. If you're against banks but keep your crypto at an exchange for more than the time needed to, you know, exchange it, that goes pretty much against the whole selling point. Even more, you just trust them blindly, because they're not regulated or part of an insurance scheme either.

      I'm pretty sure the difficulty of securing millions of dollars in currency is one of the reasons banks were invented.

      --
      I stole this Sig
  4. Cryptocurrency security vs. No authority by DrYak · · Score: 2

    Not one day passes without a multi-million dollar Bitcoin heist

    It's supposed to be secured

    The cryptography actually still works as it should. None of those heists is due to the cryptography being broken.
    It's good old hacking of insecure servers, etc.
    Not somebody managing to forge a signature on the blockchain and sign to himself a huge chunk of somebody else's money.

    But the 'security' itself turns out to be the fatal flaw

    Yes, it's cryptocurrencies turning out to be fatal to themselves.
    But the security of the cryptography isn't the culprit.

    The problem arises from the base premises:
    It's supposed to be a decentralized system for exchanging numbers, with no single central authority.

    It's a big advantage for people wanting free exchange with no obstruction (see controversies about Visa and Mastercard freezing some donations to WikiLeaks, back when bitcoin started to gain popularity). Same as with cash, nobody can prevent you from deciding to whom you'll be handing a banknote.

    But that means the obvious drawback that there's no simple central way to exercise regulations on all actors (unlike a bank in the banking system that needs to follow a ton of regulation before being able to call itself a "Bank"). Same as with cash, nobody can warn you that the person to whom you're handing a banknote is a crook.
    You have to realize that, and as a consequence, remember to exercise your brain before taking any decision, because the government cannot (by design for such a decentralized scheme) protect you from your own stupidity.

    If you're transferring BTCs (or whatever is the hippest cryptocurrency du jour) to some company that pretends to be an "exchange", you get no inherent safety guarantee regarding whether the exchange platform follows at least a minimal required level of secure practice. Or if it's a complete scam altogether.
    (Nobody can do that control for you, by design of the system).

    It's a double edged sword.
    If you want to have "muh freedomz" and be able to do whatever you want with your numbers, unrestrained by a central authority (no banks nor government involved),
    then don't come crying when it turned out you're a sucker and gave out all your earnings to some scammer.
    You asked for unrestrained exchange possibility, assume its consequences now.

    --
    "Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
  5. Blockchain vs. exchange platform by DrYak · · Score: 3, Informative

    Isn't this why so many people trust Bitcoin "security" to begin with? So you can trace any and all transactions back to the inception of the bitcoins used themselves?

    Seems rather pointless if you can just delete any records. Sounds more like a scam every time I read something new about them.

    That is true on the blockchain itself, regarding exchange of BTC on the public bitcoin protocol.
    You can't "delete" anything, unless the majority of the nodes on the network all agree together to roll back the blockchain. (Which happens every now and then when a newcomer cryptocurrency has a massive blunder leading to abuses and theft. Sometimes the whole network of that currency agrees to roll back to before the blunder and use the new patched software).

    But here, it's not the blockchain itself that got deleted.

    There are transactions going from various owners to the wallet of the exchange platform,
    there are other transactions going from the above-mentioned exchange's wallet to other accounts.

    But whatever happens on the exchange platform itself happens "behind closed doors" as far as the cryptocurrency protocol is concerned.
    An exchange platform might keep track of who exchanged which cryptocurrency with whom, so that at the end, when that user decides to withdraw their earnings, the platform knows how much to send from the platform's bitcoin wallet.
    But that's entirely internal bookkeeping.
    And it is left completely to whatever the platform feels appropriate.
    For all the cryptocurrency protocol cares, it could also be a gambling platform.
    Or some "artist's happening" that completely burns and destroys bitcoins.

    Here, a hacker managed to get hold of the exchange platform server and persuade it to pay them out a good chunk of the BTCs held on the platform's bitcoin wallet, no matter what the server log held.

    --
    "Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
  6. Re:Hahaha by sh00z · · Score: 2

    "all the data logs of the affected wallets had been erased, leaving no trails about where the bitcoins were transferred."

    I'm not up on cryptocurrencies, but isn't this exactly the kind of thing that blockchains are intended to prevent?

  7. Re:Hahaha by Mouldy · · Score: 2

    The issue here is people trusting someone else (the exchange) with their money (bitcoin). This isn't an inherent issue with bitcoin itself.

    Fiat banks, for example, are essentially people trusting someone else (the bank) with their money. That would be just as stupid as the bitcoin exchange situation except; banks have insurance and government-backed assurances that mean if they screw up, customers don't lose their money.

    The downside to the fiat model is; I have to use a bank because I cannot keep $350m of my own money safe without one. Keeping that much cash safe would be a horrible task that is prone to many risks. So my only real option is to use a bank to look after that money for me, and pay for the bank's insurance so my money is protected. Note that the insurance payment might be via your taxes (see government bailouts), account fees or whatever other mechanism the banks use to generate profit from you.

    Bitcoin's different because I can keep 350m bitcoin safe myself. It's just a private key. The effort to keep 1 bitcoin safe is identical to the effort to keep 350m bitcoin safe. I don't need to pay to insure someone else anymore - I'm in total control of my own funds.

    So given that bitcoin enables people to keep their own money safe without having to trust anyone else - why do people keep leaving their money on exchanges?
    Answer 1: Because they're idiots. Or,
    Answer 2: Because each individual only left a small amount of money on the exchange. Exchanges are the best way to get bitcoin right now - so, even in a transient capacity - people's bitcoins will be on the exchange and outside of their own control for a period of time. If people are smart, the quantity of bitcoin left on the exchange at any point in time will be balanced with the impact of losing it. Ie - transiting a small amount that you're not afraid to lose is fine.

    I hope the majority of the lost $350m were from people who subscribe to answer #2 and no individual lost any money that means anything to them. Unfortunately, I suspect, there are a lot of misinformed/idiots who perhaps lost a significant amount of their own money through nothing but ignorance.




    tl;dr
    The lesson to be learnt here (and from every other exchange 'hack') is;
    Don't give an unregulated and uninsured company a significant amount of your money to hold on to.

  8. Re:Hahaha by thegarbz · · Score: 2

    Unfortunately, when Bitcoin implodes, a lot of folks who are "too big to fail" will be affected.

    And so the bill will be placed on the taxpayers.

    Doubt it. The 2007 crisis revolved around values in the trillions concentrated on the financial sector of the USA. Bitcoin has a total market cap of $130bn spread across the globe.

    If the price was set to zero tomorrow, a few institutional investors may hurt, but it won't be a banks going bankrupt event.