Hacking in the BitCoin Economy

Because the Bitcoin economy is relatively new an immature, yet has a stored value as of today at $60M USD, there is considerable financial gain to be had by hackers.

 

The latest fiasco is the attacks against Bitcoin electronic wallet service <a href=”https://www.mybitcoin.com/”>MyBitcoin.com</a&gt;

 

I’m still trying to get my head around the mechanics of the hack, but it seems like this wasn’t simply a break-in that resulted in the theft of Bitcoins.  Rather it seems that Mybitcoin.com was confirming transactions after a single block, which meant that an attacker was able to forge Bitcoin deposits via the Shopping Cart Interface (SCI) and withdraw confirmed/older Bitcoins. This led to a slow trickle of theft that went unnoticed for a few days.

 

It seems that half of the Bitcoins were basically stolen/double spent.  The <a href=”

https://www.mybitcoin.com/accounting.txt”&gt;

accounting disclosure from August 7, 2011</a> indicates that 78,740 went missing.  At a value of around $10 now, that’s over $750,000.

—–BEGIN PGP SIGNED MESSAGE—–

Hash: SHA1

							Sunday, August 7th, 2011

                MYBITCOIN ASSETS AND LIABILITIES DISCLOSURE

        Liabilities (Bitcoin)		Assets (Bitcoin)	Percentage
 -----------------------------------------------------------------------------
       	154,406.34272079		75,666.76066691		   49%

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MBC v1.0

iQEcBAEBAgAGBQJOPynGAAoJEJ+5g06lAnqF4dsH/1nl7hcurhpaIbAc64Dnud0H
lDyNPKqhGts0cNzmoXltivxPrQYTNVFLbr0My0Cm1kqEHdf3LlybeBSv3MTGToyR
N0niWx2GWzCbxXnRg+EG8o/iuElIXz/mmzAIUp6K9ReoqLTrYqUGkCSDf5YxDl/k
MpwHJMX7c1pR+YjfepaXMAQrKv54I1U2BQ5E0sf+L6TNdLfGukxKCnlW87D/+Th7
pnwIUuDvgbsGn9eb8IvAbrP/Mdq+rPD9nDgBnCS/9/DVKj4Onhuowb/zlxLXvZVX
phwi9QHl3bupFTeCqUjrEEMgDfxE2kGGBqSAO7d3GP5Derq6hhuX8oj9I3MwfdY=
=iLmO
-----END PGP SIGNATURE-----

 

Advertisements

About Dave

I have been into financial cryptography and alternative electronic currencies since the mid 1990s. I have attended the Financial Cryptography conference, and have invented patents in the fields of cryptography and security. I've built systems for Visa, the US Federal Reserve, NASD, and hundreds of banks around the world.

Posted on August 13, 2011, in Uncategorized. Bookmark the permalink. Leave a comment.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: