Author

Topic: Attackers are exploiting Bitcoin flaw to record fake transactions (Read 1118 times)

member
Activity: 112
Merit: 10
Bitcoin is under attack by cybercriminals, bringing down some of the world's largest Bitcoin exchanges in the process.

Unknown attackers are exploiting a Bitcoin design flaw to record fake transactions, muddying up the Bitcoin system's public accounting and causing widespread confusion for the centers where people trade them.

The Bitcoin flaw allows these attackers to make a withdrawal from their own account and tamper with the record of that transaction. So they could cash out, but claim they never got the Bitcoins.

Here's how the Bitcoin glitch is exploited: All Bitcoin transactions are publicly recorded and set in stone every 10 minutes. But that leaves a large window for nefarious activity. In this case, attackers were making real transactions then immediately posting fake ones, confusing the exchanges' accounting programs.

Mt. Gox, Bitstamp, and other Bitcoin exchanges have temporarily suspended withdrawal transactions after coming under a form of a denial-of-service attack that abuses weaknesses in the way they keep track of fund balances, a security expert said.

http://arstechnica.com/security/2014/02/bitcoin-exchanges-buckle-under-strain-of-phantom-transactions/
http://money.cnn.com/2014/02/12/technology/security/bitcoin-attack/index.html

"What makes it major is that malformed transactions are being injected at a far greater rate than we've ever seen before," Antonopoulos told Ars. "Whereas before this was a few transactions affecting Mt. Gox, now it's a lot of transactions affecting everyone."
Jump to: