Hackers steal $5M in bitcoin currency during Bitstamp exchange attack

About 19,000 bitcoins were looted during the weekend hack, which targeted hot wallets

bitcoin
Credit: flickr/BTC Keychain

Attackers made off with approximately $5 million worth of bitcoins after hacking the Bitstamp exchange over the weekend.

The attack, on Jan. 4, targeted Bitstamp's operational wallets, the company said in a statement on Tuesday. Operational, or hot wallets, are connected to the Internet and allow customers to instantly exchange the virtual currency.

Bitstamp suspended operations on Monday to investigate the attack and at the time instructed customers not to deposit to previously issued bitcoin addresses, saying those transactions won't be honored. On Tuesday's statement, it further emphasized that customers should refrain from making deposits and added that law enforcement is involved in the investigation. Bitstamp didn't specify which law enforcement organizations are investigating, nor did the U.K. company respond to a request for comment.

The company also reiterated that its customers' bitcoins are safe, saying that a majority of the exchange's bitcoins are kept in cold storage systems, which aren't connected to the Internet. Bitstamp said it can cover the value of the looted bitcoins, claiming that "this breach represents a small fraction of Bitstamp's total bitcoin reserves."

"We would like to reassure all Bitstamp customers that their balances held prior to our temporary suspension of services will not be affected and will be honored in full," the company said.

However, customers may have to wait a while to access their bitcoin funds. A secure backup of the exchange will come online "in the coming days," according to Bitstamp's statement. The company will provide updates via its Twitter feed and website.

But the most recent Twitter post appeared 16 hours ago. Frustrated customers have posted tweets calling for the company to release more detailed information at a faster pace.

"What about personal information of user IDs. Your strict verification method; you have [a lot] of info on users that's very valuable," wrote a Twitter user identified as Charles Reid Douthat.

Even CEO Nejc Kodri's feed has gone silent: his most recent tweet was posted on Monday. "To restate: the bulk of our bitcoin are in cold storage, and remain completely safe," he wrote at that time.

Other bitcoin exchanges that suffered attacks never recovered. Last February, Mt. Gox, then the largest exchange, folded after hackers allegedly stole $474 million worth of bitcoins. In March, two other bitcoin exchanges were hacked, forcing one to cease operations and the other to report that 12.3 percent of its funds had been pilfered.

Fred O'Connor writes about IT careers and health IT for The IDG News Service. Follow Fred on Twitter at @fredjoconnor. Fred's e-mail address is fred_o'connor@idg.com

To express your thoughts on Computerworld content, visit Computerworld's Facebook page, LinkedIn page and Twitter stream.
Windows 10 annoyances and solutions
Shop Tech Products at Amazon
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.