Skip to content

Soaring of Bitcoin value continues to attract cybercrime

by Pierluigi Paganini on April 5th, 2013
bitcoin-data-mining-online-currency-theft

Surge in the value of , also increasing crimes related to the currency digital

The most attentive readers and those who are interested in the main trends of virtual currency will surely have noticed the soaring of prices of Bitcoin in the last month, an inexorable growth motivated by a time of economic uncertainty on a global scale that made the Bitcoin a safe haven.

 Bitcon trend 2013

 

bitcon_trend_2013_2

At the same cybercrime is showing and increasing attention on the popular digital currency schema, exactly as usually happen to any asset of monetary value when is level grows. As shown in the above graphs published on the websites bitcoincharts.com and blockchain.info the value of a single Bitcoin is passed from around 20 USD to 142 USD reached yesterday in just 3 months, meanwhile the number of Total Bitcoins in circulation is exploded approaching 1,1 billion as show in the following picture:

 Total Bitcoins in circulation 04/04/2013

 

 

The response of cyber criminals arrived on time, the two Bitcoin web platforms Mt. Gox and Instawallet suffered a different type of attacks, respectively a distributed DDoS attack and a data breach.

Mt. Gox is considered the world’s largest and oldest Bitcoin exchange, it handles around about 80% of all U.S. Dollar trades and 70% of all currencies, meanwhile Instawallet is a web storage service for Bitcoin.

Mt. Gox requested the support of security company Prolexic which specializes in DDoS mitigation to stop the cyber attacks, the popular exchange declared:

“There are a few things that we can implement to help fight the attacks, such as disconnecting the trade engine backend from the Internet,” “By separating the data center from the Mt.Gox website, we will continue to be able to trade.”

Following the notice published on the official website instawallet.org:

Instawallet service notice

“The Instawallet service is suspended indefinitely until we are able to develop an alternative architecture.Our database was fraudulently accessed, due to the very nature of Instawallet it is impossible to reopen the service as-is. In the next few days we are going to open the claim process for Instawallet balance holders to claim the funds they had stored before the service interruption.

Important information on claims submission:

For the first 90 days we will accept claims for individual Instawallets. Your wallet’s URL and key will be used to pre-populate a form to file the claim.
After 90 days, if no other claim has been received for the same url, your Instawallet balance under 50 BTC will be refunded. If several claims have been filed for the same url, we will process those claims on a case by case basis, under the presumption that the claim we received first belongs to the legitimate balance holder.
Claims for wallets that hold a balance greater than 50 BTC will be processed on a case by case and best efforts basis. “

The situation appears complicated especially for those accounts with balances greater than 50 BTC that will be eventually refunded only after a careful evaluation of the company. The implication of this attack could be different, the cyber criminals could be further attracted by the opportunity of easy earns, but similar events could destabilize the concept of “trust” that is one of the pillars of the virtual currency schema.

This second consideration has been demonstrated by events already occurred in the past, in September 2012, Bitfloor exchange suspended operations after an attack that stolen 24086 Bitcoins for a total amount of 248088 USD.

Following a list of principal events ordered by amount of stolen Bitcoin extracted by my book “Digital Virtual Currency and Bitcoins – The Dark Webs Financial Market – Exchange & Secrets”

http://www.amazon.com/Digital-Virtual-Currency-Bitcoins-Financial/dp/1481905953/  Paper

http://www.amazon.com/dp/B00AYA4SVS  [Kindle Edition]

 

 principal events ordered by amount of stolen bitcoins

Cyber Attacks have a great impact on the value of the virtual currency, during the hack to Mt. Gox, occurred in June 2011, hashed passwords were stolen and user logins recovered, uncontrolled fraudulent trades pushed the value of Bitcoins close to zero as shown in the following graph.

Mt. Gox hack June 2011

 

Fortunately Mt. Gox operators rolled back the fraudulent transactions which caused the currency to crash, restoring the value of each Bitcoin to about $17.50. Regarding recent attack Mt. Gox declared that it was unaware of hacker motivation sustaining that attackers could be interested to destabilize Bitcoin currency schema or cash in for a large profit once the currency’s value drops by buying low.

Commenting the event the company declared:

“[We] understand that many of you have a lot at stake here, but remember that Bitcoin, despite being designed to have its value increase over time, will always be the victim of people trying to abuse the system, or even the value of Bitcoin decreasing occasionally,” “These are not new phenomena and have been present since the beginning of time when humans first started trading.”

What to expect from the future?

Easy to predict an increasing number of attacks conducted by different actors with totally different purposes, cyber criminals are interested to monetize the attacks, they will explore new way to compromise accounts or will create an design new malware for botnets dedicated to Bitcoin mining (I suggest you to read the article “Skypemageddon by bitcoining“)  , the “others” don’t want alternative currency schema difficult to control.

Pierluigi Paganini

(Security Affairs – Bitcoin)

From → Cyber Crime

Comments are closed.