BreachExchange mailing list archives

Hackers steal over $12,000 of Bitcoins from transaction broker Bitinstant


From: Erica Absetz <eabsetz () opensecurityfoundation org>
Date: Tue, 12 Mar 2013 10:07:31 -0400

http://www.theverge.com/2013/3/8/4080160/hackers-steal-over-12000-of-bitcoins-from-bitinstant

Online institutions of all types are vulnerable to hacking, and
Bitcoin is no exception: last week, hackers stole over $12,000 worth
of Bitcoin currency from Bitinstant, one of the bigger Bitcoin
transaction sites. As with many recent hacks, the Bitcoin theft was
executed thanks to a bit of social engineering. According to the
Bitinstant blog, the attacker went to the company's domain registrar
posing as a Bitinstant employee — the attacker had a similar enough
email address and knowledge of the employee's date of birth and
mother's maiden name. From there, the attacker convinced the domain
registrar to make the fake email address the default and to reset the
account's password.

Once the attacker had access to the Bitinstant domain, he redirected
the DNS to servers in Germany and then to the Ukraine, locking out the
Bitinstant employees and gaining access to their email accounts. With
control over the email accounts, they reset the login for a Bitcoin
exchange and stole the $12,800 in three separate transactions. Getting
access to the Bitcoin exchange proved simple because of a lack of
two-factor authentication — all the thieves needed was a username and
password.

Fortunately for Bitinstant and the company's customers, no personal
information was obtained by the hacker — the company says it keeps all
personal and transactional data offline to protect user privacy.
Sadly, it wasn't as vigilant with other forms of security. Wired
reports that Virwox, the Bitcoin exchange hackers raided, has
supported multi-factor authentication since September of 2012.
"Bitinstant was not using it (they learned and do now)," a Virwox
representative told Wired.
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list