DDoS Attack, Database Breach Take Down Two Bitcoin Services

As with any asset of monetary value, once said asset reaches a noteworthy level, cybercriminals’ interest is going to be piqued. Such is the current situation with virtual currency Bitcoin, which hit a high of $142 yesterday, while the value of all Bitcoins in circulation has soared to more than $1 billion.

Two different Bitcoin services, an exchange and an online storage service, reported yesterday they are experiencing service disruptions because of a distributed denial-of-service attack and a database hack, respectively. Naturally, both the trading exchange Mt. Gox and the storage service Instawallet are encouraging customers not to panic sell.

Mt. Gox, a Tokyo-based exchange, issued a statement yesterday blaming a DDoS attack for a trading lag that resulted in 502 errors and left users unable to reach their accounts.

Mt. Gox said it was unaware who was behind the attack and speculated that the attackers could have two motives: a) destabilize Bitcoin as a virtual currency; or b) cash in for a large profit once the currency’s value drops by buying low.

Mt. Gox said it will continue to be able to trade, and that it has hired security company Prolexic, which specializes in DDoS mitigation.

“There are a few things that we can implement to help fight the attacks, such as disconnecting the trade engine backend from the Internet,” the company said in a release. “By separating the data center from the Mt.Gox website, we will continue to be able to trade.”

Mt. Gox said it is the largest Bitcoin exchange and handles more than 80 percent of all U.S. dollar trades and 70 percent of all currencies. Prior to this year, the company said an average of 9,000 new accounts were created monthly; that number jumped during the first three months of the year when 57,000 new accounts were created. The company said it can fix, but won’t be able to eradicate, a lag in trading because, as is the case with all currency exchanges, it will always be in the attackers’ crosshairs.

“[We] understand that many of you have a lot at stake here, but remember that Bitcoin, despite being designed to have its value increase over time, will always be the victim of people trying to abuse the system, or even the value of Bitcoin decreasing occasionally,” the release said. “These are not new phenomena and have been present since the beginning of time when humans first started trading.”

The company also said it is working on a new trade engine that will scale its infrastructure to accommodate spikes in trade volume. “Lag will always be there, but our mission is to make lag as small as possible,” the statement said.

Meanwhile, Instawallet, an online Bitcoin storage service, put a notice on its website that its services would be suspended indefinitely because of a database hack.

“Our database was fraudulently accessed, due to the very nature of Instawallet it is impossible to reopen the service as-is,” the notice said. “In the next few days we are going to open the claim process for Instawallet balance holders to claim the funds they had stored before the service interruption.”

The notice gave no indication how many Bitcoins were stolen in the attack. It said that any account with a balance of fewer than 50 Bitcoins would be refunded, and any with more than 50 would be processed on a case-by-case basis.

These aren’t the first attacks against Bitcoin exchanges. Bitcoinica was compromised last May and more than $87,000 in Bitcoins were stolen; the exchange said user currency was not stolen, only the company’s. In September, BitFloor reported it had been robbed by hackers of $250,000, most of the currency the company had on hand, it said at the time. Hackers were able to access a backup copy of wallet encryption keys in an unencrypted area of the server, the company said.
