Topic: BIPS Wallet security breach - page 4. (Read 11504 times)

No i think people should stay calm and assess things clearly. However that's not easy to do when services fail you one after the other.

so you saying by making assumption and suspecting everyone would help in recovering your BTC sooner?

one of my precious wallet with 2 figures of btc also victimize here, and i really want to see them back

I agree with you, and it already happened more than once before with others, It's impossible to stop such things, hackers will always find a way to make our day harder, that's the risk we are taking and we have nothing to do but to accept the fact as it is.

Look under the payouts section on the main login page.  There is a spot there to enter a address

How does one add an external bitcoin address on bips?

Message (presumably from Kris) on my helpdesk ticket:

"I am on my fifth day without sleep doing data recovery as to find more server logs.

Please allow us patience."

 

Sorry, but when you put restoring the ability to process transactions above getting my thousands of dollars of BTC back, I can't find much patience to spare.

Reminder that there's still no evidence whatsoever that a hack occurred.  I'm amazed at the people here who are willing to walk away from their balances on the flimsy word of someone they have never met.

As promised I'd update when I heard back from BIPS,  I recieved an email today from Kris.  I added a bitcoin address to my account as requested.

.... text removed per request...

The problem is that people's money dissapear more and more often as the price rises. Everyone is saspicious and usually things end with customers losing their money  Asking for patient is to much imo.

from where i see, there is no better option than being patient wait and observe the progress they are doing
give them time to clean the mess on their own way and allow them to come with the best possible solution for both them and us.

or we can just continue vent our despair here purposeless...

Those people are burned anyway and it seems unlikely to continue doing business with bitcoins. The real issue here is that the community should be proactive and i don't know about bips but some other incidents wasn't so unexpected...

 Well, this kind of shit could happen to any of the merchants out there.

I have always founds BIPS to be a good service but unfortunately bad things happens...hackers should be blamed and not them.

Use of  bitcoin does require the use of an online wallet. This is the case if  Bitcoin is  going to be accepted mainstream.

I too lost  here - but I blame the hacker - not the victim. From what I read the file system was wiped.  Curious as to why a hacker would do that. Usually get in - get the info  - get out.  Wiping the server clean ensures there is no trace of  how.

I believe some thought needs to be put into the who - as well as the how.

I do also note  a  number of online wallets  have had problems. A number of  the leading wallets in various countries  have been taken down recently.   Denmark, Poland, Czechoslovakia.

Rather than thinking all about me,  let's think all about we.  The BTC  community  has been targeted (and probably always will be) by those who seek to  devalue it.

They seek to destroy the work of hours spent  working out systems that are for the improvement of all.

Why is that?  If the hacker is successful then the value  drops.  And  who profits from that?  The  established systems  would seem to have the most to gain.  Food for thought.

It helps to read the terms.  I think the security was ok -  obviously not enough - hindsight is  20/20.  But one can lock the doors and the thief still breaks the window - or  burns the house down.

I hope Kris - and Bips -  continue.  I hope they focus on the merchant services.  I hope they prosper.

And -  I do hope they find  a  way to  recompense.  But  hey  I'm human. 

If they don't - then I will still use their merchant services. 

Why would you even put your money in any online wallet and risk it to be hacked?
 Blockchain.info looks to be the best online wallet currently and they claim they don't have access to your wallet and pass (and mostly this is correct), but what's wrong with paper wallets? it just takes 10 mins to upload the key from a paper.

does anyone have a physical address for BIPS? or a physical address for Kris where he might be visited? 

We are getting together a group of people who have lost money as a result of this scheme.  Please get in touch if you have lost bitcoins in this scam.  Curiously we have a number of US holders - can't think it would be ideal for Kris if it were reported to the US authorities that he had breached US law by for example offering securities to US persons without being registered with the SEC.  Orange jumpsuit, perp walk and dungeon time for him. 

I don't see how there can be any future for Kris or BIPS in the bitcoin community.    There should be a blacklist on which we list people who take people's bitcoins and fail to show their face afterwards.  Shall we leave it to private enterprise to organise such a blacklist?  Or would the bitcoin.org guys like to add a page on which we list these sorts of people so people can check it?

I had 1.1335 coins at bips.me, bought them less than a year ago and kind of forgot about the whole account. I got the mail about the security breach, logged back in and can no longer see any coins or activity logs on the account.

What's odd is that I went to my mail to see if I can find the transaction details for my purchase and found the link to my wallet activity https://blockchain.info/address/14zpn5EGTBKLZGRroBZn7uzTBUWFqJo4cs

It seems like all the coins would have been taken out of the account just hours after they were put there, over half a year ago. I guess the blockchain reports etc. can't be tinkered with, so it must be the case?

I started thinking that did I transfer the coins over to mtgox account so I could sell them more easily, but my mtgox account is also claiming no transaction history.

Is there any hope to recover my coins, or are they gone forever? Paid only ~80$ for them, so it's not a massive loss, but at current rates it still stings. I guess that's what I get for wanting a convenient online wallet.

As it should I suppose, I did read the warning but I suppose it's easy to brush those off as an "Oh pfft that will probably never happen, it's just a disclaimer" But in bitcoin it's just not. It should be plainly stated that because of the price demand BTC has worked up to and it's inherent decentralization and control that these attacks/scams/robberies happen at an alarming frequency to those who don't know how to protect their coin. I had a discussion over on reddit about the wallet system and I'll copy it in here, it's basically a recap of what happened when I tried to install bitcoin-QT before going to a web wallet and some improvements I think we can make to help introduce newer users as I was shortly ago:

I came across bips by chance personally. The vendor I made my first purchased from was using them so I set up my first wallet there also.  Prior to bips I kept them on the exchange purchased.   I think it would be a great idea to sticky a warning in the Newbie and general bitcoin discussion forum to educate users about the risks of web based wallets.

I didn't even know I could download a software based wallet prior to losing my coins or I would have done that. FYI.. I joined the started with bitcoin in march of this year.

Kris is coming online every day atleast twice but choosing not to reply to messages or helpdesk ticket. I'll keep messaging him every day from now on until he replies. If he doesn't, i'll bump it up to every hour I hate it when people don't show the simple courtesy to even reply.

When something like that happens and you think an action is required, please report it! There's an "About bitcoin.org" page for this purpose
http://bitcoin.org/en/about-us

BIPS is now removed from the wallets listed on bitcoin.org .


This kind of comment concerns me. There is a red warning on each web wallet on bitcoin.org and users are forced to read them before looking at them. This was mainly designed to educate users about the risk of using these services, assuming that it was better than nothing given that people would be using them anyway. But a comment like this one seems to suggest this wasn't enough in some cases and can confuse some people into thinking these wallets are recommended despite the disclaimer.

Should we keep trying to educate users using disclaimers and by listing only web wallets with a "clean history", or should we stop listing them completely to make sure they don't appear like they are recommended (and leave users not informed about their risks or which one have some established reputation).

https://twitter.com/bips


 the twitter account is pretty dead.  more then a day since they spoke on it.