Bitcoinica tl;dr = 17 year old kid built an exchange, took everyone's money, and continues to invent spurious lies to the contrary.
BB.
Topic: Bitconica (Read 1209 times)
http://zhoutong.me is also down. Maybe it was all the visits from relic hunters 
Quote
...blah, blah, blah...We thank you in advance for your patience. And we humbly apologize for this incident.
Update: Bitcoinica is currently considering selling Chinese relics to help compensate those... Nevermind! It seems some hacker just stole our relics.
Update: Bitcoinica is currently considering selling Chinese relics to help compensate those... Nevermind! It seems some hacker just stole our relics.
Yes Yes, learned my lesson:
"Do not talk about things of which you have no understanding."
Quote
...blah, blah, blah...We thank you in advance for your patience. And we humbly apologize for this incident.
Update: Bitcoinica is currently considering selling Chinese relics to help compensate those... Nevermind! It seems some hacker just stole our relics.
Update: Bitcoinica is currently considering selling Chinese relics to help compensate those... Nevermind! It seems some hacker just stole our relics.
I think they plan on starting up again if they can pay it all back first.
Would you trust them?
I would trust them. I think an incident like that would be akin to breaking a bone. When the bone is healed it's stronger than it was before.
Unless it were an inside job like an autoimmune disease
No
Quote
Claims
We apologize for this incident and the inconveniences it has caused. The incident happened during a transition period, which was initiated to bring Bitcoinica up to a professional level of security. Bitcoinica will not continue operations until the transitional process been completed.
We apologize for this incident and the inconveniences it has caused. The incident happened during a transition period, which was initiated to bring Bitcoinica up to a professional level of security. Bitcoinica will not continue operations until the transitional process been completed.
I think they plan on starting up again if they can pay it all back first.
Would you trust them?
Is bitcoinica currently operating?
No it's been shut down.
The website itself doesn't do a bad job explaining what happened.
Is bitcoinica currently operating?
Sure everyone involved is still real pissed,
but will they hold it against bitcoinica forever?
but will they hold it against bitcoinica forever?
Wow! Thanks for the info on Bitcoinica. If a thief wants something bad enough, than they will eventually find a way to get it.
The website itself doesn't do a bad job explaining what happened.
From https://bitcoinica.com/:
From https://bitcoinica.com/:
Quote
As promised we are providing further details surrounding the recent security attack on Bitcoinica.
The hacker was successful able to access an email server. This gave the attacker access to [email protected] which in turn allowed them to reset passwords with our hosting provider, Rackspace. From there, they were able to change root passwords, steal the private keys of our hosted bitcoin wallet, and compromise our online database.
In the past, Bitcoinica has been victim to the poor security practices of an irresponsible hosting provider. In this case, the fault was entirely ours. Specifically, here's how things went wrong:
1) We had too many bitcoins in our online wallet.
In light of past experiences you might say this is inexcusable. You would be right. Our practice was to keep online balances to a minimal amount by periodic transfer to offline storage. However, this was a manual process and the online balance could grow quickly and unpredictably from user deposits. We should have had an automatic process or an alert system to prevent the online wallet from growing too large. Indeed, that was planned, but it didn't happen soon enough.
2) Access control and server security did not get the proper attention
Since administrative email accounts can receive password reset links from Rackspace, the administrative contact should have been a secure email address, it was not. Access to this email account should have been limited to administrative personnel.
3) We did not retain needed expertise fast enough
As many of you know, Bitcoinica began as a small project by a solo founder. The advanced trading experience that Bitcoinica brought to the world would not have been possible without Zhou Tong's brave innovation. In light of rapid growth, it was prudent to bring in a larger team with diverse technical specialties, including security. This occurred officially last month when the Bitcoinica Consultancy team stepped in as managers and operators of the business. A transition period ensued. A new platform was conceived which would strengthen Bitcoinica in the long term but took focus away from the present system in the short term. The recent security breach was not beyond our team's skills to prevent. We know better. But we did not address relevant issues as quickly as was needed.
So, what are we going to do about it?
We are choosing to leave Bitcoinica offline until such time as a new platform can be built and tested with security best-practices built-in from scratch. We do not yet have a firm estimate for availability but it will most probably be measured in months.
We will set up a process in the short term for users to withdraw their funds. Further details will be provided once we determine the best approach.
We thank you in advance for your patience. And we humbly apologize for this incident.
The hacker was successful able to access an email server. This gave the attacker access to [email protected] which in turn allowed them to reset passwords with our hosting provider, Rackspace. From there, they were able to change root passwords, steal the private keys of our hosted bitcoin wallet, and compromise our online database.
In the past, Bitcoinica has been victim to the poor security practices of an irresponsible hosting provider. In this case, the fault was entirely ours. Specifically, here's how things went wrong:
1) We had too many bitcoins in our online wallet.
In light of past experiences you might say this is inexcusable. You would be right. Our practice was to keep online balances to a minimal amount by periodic transfer to offline storage. However, this was a manual process and the online balance could grow quickly and unpredictably from user deposits. We should have had an automatic process or an alert system to prevent the online wallet from growing too large. Indeed, that was planned, but it didn't happen soon enough.
2) Access control and server security did not get the proper attention
Since administrative email accounts can receive password reset links from Rackspace, the administrative contact should have been a secure email address, it was not. Access to this email account should have been limited to administrative personnel.
3) We did not retain needed expertise fast enough
As many of you know, Bitcoinica began as a small project by a solo founder. The advanced trading experience that Bitcoinica brought to the world would not have been possible without Zhou Tong's brave innovation. In light of rapid growth, it was prudent to bring in a larger team with diverse technical specialties, including security. This occurred officially last month when the Bitcoinica Consultancy team stepped in as managers and operators of the business. A transition period ensued. A new platform was conceived which would strengthen Bitcoinica in the long term but took focus away from the present system in the short term. The recent security breach was not beyond our team's skills to prevent. We know better. But we did not address relevant issues as quickly as was needed.
So, what are we going to do about it?
We are choosing to leave Bitcoinica offline until such time as a new platform can be built and tested with security best-practices built-in from scratch. We do not yet have a firm estimate for availability but it will most probably be measured in months.
We will set up a process in the short term for users to withdraw their funds. Further details will be provided once we determine the best approach.
We thank you in advance for your patience. And we humbly apologize for this incident.
Bitconica has been refrenced in about 1 out of every 10 or so posts I've read. Can anyone give me a quick (or long) summary as to what happened? Can anyone explain this whole hack?
thanks
-albertdemorcerf
thanks
-albertdemorcerf
May I suggest reading a couple of the threads to get your hours in. Not being an ass, but...
~Bruno~
Bitconica has been refrenced in about 1 out of every 10 or so posts I've read. Can anyone give me a quick (or long) summary as to what happened? Can anyone explain this whole hack?
thanks
-albertdemorcerf
thanks
-albertdemorcerf
Jump to: