Hackers steal $5M in bitcoin currency during Bitstamp exchange attack

Attackers made off with approximately US$5 million worth of bitcoins after hacking the Bitstamp exchange over the weekend.

The attack, on Jan. 4, targeted Bitstamp’s operational wallets, the company said in a statement on Tuesday. Operational, or hot wallets, are connected to the Internet and allow customers to instantly exchange the virtual currency.

Bitstamp suspended operations on Monday to investigate the attack and at the time instructed customers to not deposit to previously issued bitcoin addresses, saying those transactions won’t be honored. On Tuesday’s statement, it further emphasized that customers should refrain from making deposits and added that law enforcement is also involved in the investigation. Bitstamp didn’t specify which law enforcement organizations are investigating, nor did the U.K. company respond to a request for comment.

The company also reiterated that its customers’ bitcoins are safe, saying that a majority of the exchange’s bitcoins are kept in cold storage systems, which aren’t connected to the Internet. Bitstamp said it can cover the value of the looted bitcoins, claiming that “this breach represents a small fraction of Bitstamp’s total bitcoin reserves.”

“We would like to reassure all Bitstamp customers that their balances held prior to our temporary suspension of services will not be affected and will be honored in full,” the company said.

However, customers may have to wait a while to access their bitcoin funds. A secure backup of the exchange will come online “in the coming days,” according to Bitstamp’s statement. The company will provide updates via its Twitter feed and website.

But the most recent Twitter post appeared 16 hours ago. Frustrated customers have posted tweets calling for the company to release more detailed information at a faster pace.

“What about personal information of user IDs. Your strict verification method; you have [a lot] of info on users that’s very valuable,” wrote a Twitter user identified as Charles Reid Douthat.

Even CEO Nejc Kodri’s feed has gone silent: his most recent tweet was posted on Monday. “To restate: the bulk of our bitcoin are in cold storage, and remain completely safe,” he wrote at that time.

Other bitcoin exchanges that suffered attacks never recovered. Last February, Mt. Gox, then the largest exchange, folded after hackers allegedly stole $474 million worth of bitcoins. In March, two other bitcoin exchanges were hacked, forcing one to cease operations and the other to report that 12.3 percent of its funds had been pilfered.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Must read: Hidden Cause of Slow Internet and how to fix it
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.