[Bitfinex Hacked] So , learned the lesson ? - page 13.

mayax

legendary

Activity: 1470

Merit: 1004

Quote from: BestWebCreator on August 03, 2016, 04:26:53 AM

Quote from: Betwrong on August 03, 2016, 04:21:34 AM

Quote from: OmegaStarScream on August 03, 2016, 02:24:59 AM

Once again , Bitfinex has been hacked and I just want to ask you people , have you learned the lesson yet ? I assume not otherwise you wouldn't keep your funds in an exchange (I'm not speaking with those who kept their bitcoin for short period of time , those accidents happens but I'm mostly speaking for those who had their bitcoins laying there for weeks/months)

I'm not trying to be rude or anything but for the last time , please ... please ! Just withdraw your funds from exchanges . I'm not sure what you got to lose here , this procedure will only secure your coins and make you safer.

I'm very sorry if anyone lost their money and I'm sure hackers will not be happy with what they have stolen. Yes, if you have more than 20 USD in an exchange or anywhere else it's better to withdraw the money to your wallet and don't leave them for hackers to steel.

That's been said, I think Bitfinex, or any other site which was hacked, should return all the money to the users who lost them because it was their responsibility to prevent the hacking.

Lol, an unlicensed exchange will not be able to ask for help since the whole site was not legal.
Forget about getting money back, look at mt gox and cryptsy...

great point! i said the same since months ago. how can someone use an unlicensed exchanger in order to store/trade a lot of cash? they deserve their faith now.

https://bitcointalksearch.org/topic/m.15793815

BestWebCreator

hero member

Activity: 675

Merit: 513

:)

Quote from: Betwrong on August 03, 2016, 04:21:34 AM

Quote from: OmegaStarScream on August 03, 2016, 02:24:59 AM

Once again , Bitfinex has been hacked and I just want to ask you people , have you learned the lesson yet ? I assume not otherwise you wouldn't keep your funds in an exchange (I'm not speaking with those who kept their bitcoin for short period of time , those accidents happens but I'm mostly speaking for those who had their bitcoins laying there for weeks/months)

I'm not trying to be rude or anything but for the last time , please ... please ! Just withdraw your funds from exchanges . I'm not sure what you got to lose here , this procedure will only secure your coins and make you safer.

I'm very sorry if anyone lost their money and I'm sure hackers will not be happy with what they have stolen. Yes, if you have more than 20 USD in an exchange or anywhere else it's better to withdraw the money to your wallet and don't leave them for hackers to steel.

That's been said, I think Bitfinex, or any other site which was hacked, should return all the money to the users who lost them because it was their responsibility to prevent the hacking.

Lol, an unlicensed exchange will not be able to ask for help since the whole site was not legal.
Forget about getting money back, look at mt gox and cryptsy...

OmegaStarScream

staff

Activity: 3500

Merit: 6152

Quote from: severaldetails on August 03, 2016, 03:22:52 AM

Might be a stupid question:
Would it bring more safety if withdrawls on exchanges would be only possible to addresses the user gives his ok to in advance?
Maybe one when he registers, and others only after a certain time period? Let's say a week after the address is applyed at an exchange?

Well , I assume the hacker got his hands on the private key of the main wallet that Bitfinex use ? I don't think he hacked multiple user accounts otherwise that would be a good suggestion I guess but once again ... people will lose control over those addresses and that could be another problem.

Betwrong

legendary

Activity: 3514

Merit: 2246

🌀 Cosmic Casino

Quote from: OmegaStarScream on August 03, 2016, 02:24:59 AM

Once again , Bitfinex has been hacked and I just want to ask you people , have you learned the lesson yet ? I assume not otherwise you wouldn't keep your funds in an exchange (I'm not speaking with those who kept their bitcoin for short period of time , those accidents happens but I'm mostly speaking for those who had their bitcoins laying there for weeks/months)

I'm not trying to be rude or anything but for the last time , please ... please ! Just withdraw your funds from exchanges . I'm not sure what you got to lose here , this procedure will only secure your coins and make you safer.

I'm very sorry if anyone lost their money and I'm sure hackers will not be happy with what they have stolen. Yes, if you have more than 20 USD in an exchange or anywhere else it's better to withdraw the money to your wallet and don't leave them for hackers to steel.

That's been said, I think Bitfinex, or any other site which was hacked, should return all the money to the users who lost them because it was their responsibility to prevent the hacking.

nydiacaskey01

legendary

Activity: 1834

Merit: 1036

Quote from: Watercooler on August 03, 2016, 04:13:24 AM

After MtGox, Mintpal, Cryptsy and now Bitfinex, people should learn to not use exchanges as
your Bitcoin / altcoin wallet. Store coins you don't use for daily trading in you own wallet, preferably
in an offline wallet ( hardware or paper ).

They cant help it, traders need to store some amount of Bitcoins in their wallets in exchangers so if there's an opportunity they can buy or sell immediately. Traders may lose their opportunity because of transferring in and out of your exchange wallets and there maybe some fees to be deducted if its being transferred out.

Watercooler

sr. member

Activity: 334

Merit: 250

After MtGox, Mintpal, Cryptsy and now Bitfinex, people should learn to not use exchanges as
your Bitcoin / altcoin wallet. Store coins you don't use for daily trading in you own wallet, preferably
in an offline wallet ( hardware or paper ).

ionomy

jr. member

Activity: 66

Merit: 1

It is quite amazing the amount of BTC that was purportedly taken in one foul swoop and there does seem some inconsistencies with the 'security' layers that were 'hacked' into - this should well all come out in the wash in time... Whatever the case, in that the general public to advanced traders - the ripples from this latest loss will spread far and wide; even down to a mining level especially after the recent reward halving, let's hope the smaller guys will get some remittance for the funds lost. I am not forgetting about the bigger fish but they can take blows easier and with less consequence than us mere mortals.

sotisoti

hero member

Activity: 762

Merit: 500

Quote from: Lauda on August 03, 2016, 03:15:21 AM

There was no cold storage layer. Multi-signature can be hacked by compromising the keys which were all apparently stored at the same layer.

https://web.archive.org/web/20160324083244/https://www.bitfinex.com/pages/security

_{Multi-sig Hot wallet
- Provided by BitGo (BitGo FAQ)
- Only holds minimal amounts (~0.5% of customer funds)}

I am a bit confused by their statement: does the hot wallet only hold 0.5% of customer funds? Where are the remaining? (99.5%)

eternalgloom

legendary

Activity: 1792

Merit: 1283

Quote from: Lauda on August 03, 2016, 03:15:21 AM

Quote from: alani123 on August 03, 2016, 02:40:59 AM

Prior to the recent breach, Bitfinex was claiming that they were using secure cold storage and multisig.

They claimed that they had used cold storage? Source?

I've found that claim as well on their website, which can be viewed though Google Cache.
Source: https://webcache.googleusercontent.com/search?q=cache:UvrqjyGeBZYJ:https://www.bitfinex.com/posts/30

But I've also read a couple of articles that claim they were not using any cold storage.

electronicfactura

hero member

Activity: 714

Merit: 500

Last time I left Bitcoins was on mintpal that was lesson for me. I didn't loose much money there but still it was from my pocket. Since then I don't trust any exchange to keep my hard earned money there. I downloaded Bitcoin's desktop wallet and have all my funds in my possession. This was another shocking news when I heard last night about Bitfinex's hacked.

Velkro

legendary

Activity: 2296

Merit: 1014

Quote from: OmegaStarScream on August 03, 2016, 02:24:59 AM

and I just want to ask you people , have you learned the lesson yet ?

Remember that there is a lot of people that sent btc on the day of hack there, to trade.
These are real victims, people which stored bitcoins for many weeks were designated to lost their money anyway sooner or later on this exchange or on another.

truxton

hero member

Activity: 771

Merit: 521

The answer is a decentralised exchange. fortunately it already exists. this will be huge: https://bitcointalk.org/index.php?topic=829576.6140

Barnabe

hero member

Activity: 616

Merit: 503

★Bitvest.io★ Play Plinko or Invest!

Stop spamming with your barely hidden ad message. Less competition means that you will get more customers anyway, you don't need to spam each topic ...

18RATTT

sr. member

Activity: 282

Merit: 250

I would like to urge everyone owning Bitcoin to verify 3 things:

1) Pls check if your bitcoin provider is well reputed, backed by top class investors and has a strong engineering team
2) Ask them how they store your bitcoin - how much is stored in hot wallet vs. cold storage
3) Do they have 2 factor authentication enabled for all accounts?

Regards,
Tiyo from BitX
https://bitx.co

android app: https://play.google.com/store/apps/details?id=co.bitx.android.wallet
ios app: https://itunes.apple.com/id/app/bitx-wallet/id927362479

Lauda

legendary

Activity: 2674

Merit: 3000

Terminated.

Quote from: severaldetails on August 03, 2016, 03:22:52 AM

Would it bring more safety if withdrawls on exchanges would be only possible to addresses the user gives his ok to in advance?

Re-using addresses for such huge amounts ain't a good idea either. Generally, it would be more safe to do that. However, this is a better suggestion and worthy of a new BIP (IMO):

Quote from: Uptrenda on August 03, 2016, 02:46:40 AM

In my view, what's needed is a way to lock coins to a new address type that forces a delayed clearing process for all coins transferred from that address. Transactions could then be revoked by the owner during the clearing phase which would become progressively less likely as the clearing phase progresses. This would be a very simple way to detect fraudulent transactions before its too late, as well as to allow for the creation of cryptographically provable accounting records (with browse-based signing) to be tied to the clearing process for withdrawals.

In English: this would allow an exchange to detect when something doggy was going on with withdrawals without imposing the same limitations of a decentralized exchange (like low liquidity and poor usability.) It would be the best of both worlds which would be great for not only exchanges but all kinds of merchants who are forced to handle Bitcoins directly as part of their business practices.

severaldetails

hero member

Activity: 959

Merit: 500

Might be a stupid question:
Would it bring more safety if withdrawls on exchanges would be only possible to addresses the user gives his ok to in advance?
Maybe one when he registers, and others only after a certain time period? Let's say a week after the address is applyed at an exchange?

Lauda

legendary

Activity: 2674

Merit: 3000

Terminated.

Quote from: alani123 on August 03, 2016, 02:40:59 AM

Prior to the recent breach, Bitfinex was claiming that they were using secure cold storage and multisig.

They claimed that they had used cold storage? Source?

Quote from: ?? on ??

I didn't lose anything any of the attacks against exchanges, Finex or otherwise, but I just wanted to tell you that you're not the sharpest tool in the shed.

Much sharper than the majority of the rusty tools in the Bitcoin ecosystem. I've yet to suffer a singular loss of any scam, hack and whatnot. Even though a decent amount of people keep advising against keeping coin on exchanges, web wallets and whatnot, people still keep at it.

Quote from: ?? on ??

Traders have no choice but to put their trust in an exchange

I couldn't care less about day-traders, and they aren't the people that I was referring to.

Quote from: ?? on ??

Saying that Finex is not at fault here is hilarious, and frankly you should be embarrassed.

I may have incorrectly written my statement. However, as long as you keep blaming the services for hacks (nothing is unhackable), you will keep suffering losses.

Quote from: OmegaStarScream on August 03, 2016, 03:10:23 AM

I don't get this one either , how could use Multi sig + cold storage and still get hacked for millions of dollars ? I will take my chances and say that this is an inside job.

There was no cold storage layer. Multi-signature can be hacked by compromising the keys which were all apparently stored at the same layer.

OmegaStarScream

staff

Activity: 3500

Merit: 6152

Quote from: 7788bitcoin on August 03, 2016, 02:34:07 AM

I guess most people affected are those who earn bitcoin by trading the exchange. Their coins are mostly in the exchanges so that they can trade anytime without waiting for deposit time (1 to 6 confirmations depending on the exchange)- opportunity cost. Besides, they do not need to pay extra for the withdrawal.

Until now no one knows who is the hacker(s)... External or even "internal"?

I have no problem waiting several confirmations personally . If that means that I won't lose my coins. I'm not sure about you but I personally prefer to wait up to 1 hour instead of losing hundreds/thousand or million of dollars.

Quote from: alani123 on August 03, 2016, 02:40:59 AM

Prior to the recent breach, Bitfinex was claiming that they were using secure cold storage and multisig. It's not like users didn't get a warning with Bitfinex's outages, unprofessionalism and previous breaches recently but this false advertising was so over the top.

I don't get this one either , how could use Multi sig + cold storage and still get hacked for millions of dollars ? I will take my chances and say that this is an inside job.

Dobmaster

sr. member

Activity: 464

Merit: 250

I just leave 10% of my coins on the exchanges to do some trading. Maybe I should also withdraw.

20kevin20

legendary

Activity: 1134

Merit: 1599

I never hold my money anywhere else than my wallet or somewhere safe. Any website can be hacked anytime. Who would keep their hundreds of thousands somewhere else than their safe/wallet? No one. Same thing goes with BTC. I guess most of us learned the lesson now, but there still are a few not caring about the money. They won't care until it happens to them too.

Topic: [Bitfinex Hacked] So , learned the lesson ? - page 13. (Read 10601 times)