
Topic: bitstamp 18,000 bitcoins stolen? -confirmed - page 2. (Read 15061 times)

p4n
full member
Activity: 167
Merit: 100
Finally, they are moving the coins from the hack address, splitting them.

11k coins moved away since this morning, 7,7k coins left

https://blockchain.info/es/address/1L2JsXHPMYuAa9ugvHGLwkdstCPUDemNCf
newbie
Activity: 34
Merit: 0


Looks like I had my numbers wrong. Thanks for pointing that out.
at 0.3% average fees, they got over $7M of fees in a year.



Bitstamp's also a ripple gateway, so it also makes money selling ripples (XRP), and through trades and withdrawals from ripple's distributed exchange. I don't know how much they make from ripple, but it takes your total over $7M a year.
Yes.

And still a bit more I didn't include: deposit and withdrawal fees.

But again, they pay for servers, employees, electricity, taxes, etc.
sr. member
Activity: 296
Merit: 250


Looks like I had my numbers wrong. Thanks for pointing that out.
at 0.3% average fees, they got over $7M of fees in a year.



Bitstamp's also a ripple gateway, so it also makes money selling ripples (XRP), and through trades and withdrawals from ripple's distributed exchange. I don't know how much they make from ripple, but it takes your total over $7M a year.
hero member
Activity: 509
Merit: 500
I think from Bitstamp, yes. They were not on the list in 2013. They also invested 700k in http://newsbtc.com/2014/06/20/bitstamp-founders-invest-700k-worth-bitcoin-slovenian-start-cubesensors/. Maybe some more, I don't know.

These numbers are from finance journalists (from official data and journalistic research - tax havens, anonymous accounts ..). People usually do not dispute these numbers, so they are quite reliable. But I guess they didn't check bitcoin wallets, so there must be even more.
legendary
Activity: 2338
Merit: 2106
Their volume was much bigger.  http://www.bitcoincharts.com/markets/bitstampUSD_trades.html

I guess they didn't spend much (didn't see any improvements or anything new). So I think they have a big reserve in coins and $. The problem can be future volume - will people still trade there. I think everything will be OK, but they might lose some customers.

PS.: They each own for 23 mil€ (43. and 44. on chart)  http://www.siol.net/novice/gospodarstvo/2014/11/lestvica_najbogatejsih_slovencev.aspx

wow, they got THAT rich via bitstamp ??
if really "only" 5 mio got stolen, this is peanuts. thanks for that, made my day. i will crosspost this.
newbie
Activity: 34
Merit: 0
the owners are millionaires. they are some kind of stars of the slovenian (IT) economy and have won shiny international awards for their company. concerning reputation, much is at stake for them. how much of their wealth would they sacrifice to get out of this mess without becoming karpeles like persona non gratas for the rest of their lives? all of it ? maybe not ... half of their stash? well, i would speculate they'd do that.
if they get this solved they'd be heroes for many people.
It is not 20 or 50 mio, so my bet is that there is good motivation for them to do everything to get it fixed properly. this is pure speculation, i know, but hey... Wink


edit: i have coins there so maybe hope is influencing my judgement

Usually, it doesn't work that way.
There's a difference between personal wealth and corporate wealth. Fortunately, would I add... Wink

But I take that argument: Since they are so rich (but then, why asking for VC to invest in Bitstamp? I don't understand the need. But that's another story...), they may want to save their company.

Looks like I had my numbers wrong. Thanks for pointing that out.
at 0.3% average fees, they got over $7M of fees in a year.

Quote
I guess they didn't spend much (didn't see any improvements or anything new).
That, you don't know.
There are plenty of improvements that are not immediately visible.
Dare I say: Security improvements (!), data centers, procedures, documentation, regulatory compliance, development, partnerships negotiations, etc.

Quote
will people still trade there.
Yep, that's the big risk.
But, looking back at BTer, they finally got out of the storm OK, volume globally maintained.

sr. member
Activity: 362
Merit: 262
First transaction (3100btc) on this address was 2015-01-04 02:26:20 (CET)... I doubt bitstamp wouldn't notice this already yesterday and closed down Wink

I submitted withdrawal request on my account between 4:00 and 5:00 (GMT) that was never processed.  I think they started blocking withdrawals fairly soon after.  They only announced that (via the email) >24h later though.  Of course they could not block the thief's withdrawals as he somehow has the private keys.
hero member
Activity: 509
Merit: 500
Their volume was much bigger.  http://www.bitcoincharts.com/markets/bitstampUSD_trades.html

I guess they didn't spend much (didn't see any improvements or anything new). So I think they have a big reserve in coins and $. The problem can be future volume - will people still trade there. I think everything will be OK, but they might lose some customers.

PS.: They each own for 23 mil€ (43. and 44. on chart)  http://www.siol.net/novice/gospodarstvo/2014/11/lestvica_najbogatejsih_slovencev.aspx
legendary
Activity: 2338
Merit: 2106
Smells like fractional reserves...


Bitstamp was audited by Mike Hearn, a Bitcoin dev back in May 2014. He said that everything seemed OK and all the funds were fully backed in their cold storage wallets. This was just 8 months ago and I'd be surprised if the situation has changed since then.

Yeah, well... This was before the hack, huh...

Now, there are not a million options here:
1. Bitstamp pays $5M with the fees they charged. That's tough, because they had about $1.5M worth of trading each day. At a 0.3% average, that gives $4500 per day. It would take them 1111 days of such fees to pay for those $5M, running costs not accounted for. Impossible.
2. They get $5M from their insurance. I've been working with insurers for such matters myself. Can't find one that would do that, so I'd bet they weren't insured for such a hack.
3. They get $5M from investors. That's tricky. New investors won't be stepping into this mess, so that leaves the previous VC that brought $10M. But this money was probably spent. If not, why bringing it in in the first place? Maybe they'd add $5M to protect the $10M they invested prior to the hack, but that's a dangerous move. Not impossible, but doubtful...
4. They run on fractional reserves. Easy, as long as 88% of the funds remain there.

On which option would you bet?




the owners are millionaires. they are some kind of stars of the slovenian (IT) economy and have won shiny international awards for their company. concerning reputation, much is at stake for them. how much of their wealth would they sacrifice to get out of this mess without becoming karpeles like persona non gratas for the rest of their lives? all of it ? maybe not ... half of their stash? well, i would speculate they'd do that.
if they get this solved they'd be heroes for many people.
It is not 20 or 50 mio, so my bet is that there is good motivation for them to do everything to get it fixed properly. this is pure speculation, i know, but hey... Wink


edit: i have coins there so maybe hope is influencing my judgement
copper member
Activity: 2268
Merit: 539
would bitstamp be relaunched in 24h~48h?
https://twitter.com/nejc_kodric/status/552615256452001792

How shall they deal with this loss? BTC18,000
newbie
Activity: 34
Merit: 0
Smells like fractional reserves...


Bitstamp was audited by Mike Hearn, a Bitcoin dev back in May 2014. He said that everything seemed OK and all the funds were fully backed in their cold storage wallets. This was just 8 months ago and I'd be surprised if the situation has changed since then.

Yeah, well... This was before the hack, huh...

Now, there are not a million options here:
1. Bitstamp pays $5M with the fees they charged. That's tough, because they had about $1.5M worth of trading each day. At a 0.3% average, that gives $4500 per day. It would take them 1111 days of such fees to pay for those $5M, running costs not accounted for. Impossible.
2. They get $5M from their insurance. I've been working with insurers for such matters myself. Can't find one that would do that, so I'd bet they weren't insured for such a hack.
3. They get $5M from investors. That's tricky. New investors won't be stepping into this mess, so that leaves the previous VC that brought $10M. But this money was probably spent. If not, why bringing it in in the first place? Maybe they'd add $5M to protect the $10M they invested prior to the hack, but that's a dangerous move. Not impossible, but doubtful...
4. They run on fractional reserves. Easy, as long as 88% of the funds remain there.

On which option would you bet?

sr. member
Activity: 296
Merit: 250

Thanks, I was looking on the website which is only showing the statement from last night. If they simultaneously put their tweets on the website it might calm a few nerves faster.
member
Activity: 62
Merit: 10
legendary
Activity: 1176
Merit: 1010
Borsche
so they are actually running forensics, good, about time some exchange hacker left a footprint and got caught, maybe will cool other young heads a little.
sr. member
Activity: 296
Merit: 250
Apparently they say they will resume operations in the next 24 hours:

https://www.cryptocoinsnews.com/bitstamp-resume-operations-next-24-hours/

That webpage refers to a translation of this link as its source.

http://www.rtvslo.si/gospodarstvo/bitstampu-hekerji-ukradli-za-stiri-milijone-evrov-bitcoinov-borza-zacasno-zaprta/355142

Chrome could not directly translate that webpage, so I ran the text directly through Google translate. This is the result.

Bitstampu hackers stole four million euros bitcoins , exchange temporarily closed
The coins are stored on servers that are not connected to the Internet
January 6th, 2015 at 10:25 ,
The last intervention : January 6, 2015 at 11:14
Kranj - Reuters / STA
Slovenian Stock Exchange of coins bit Bitstamp remains closed - to hackers would steal from its servers bit about 19,000 coins ( € 4.3 million ) .

" Bitstamp remains liquid, more because of the investigation itself difficult to tell , " said co-founder Exchange Damijan Merlak , adding that the site stopped , " because it is the continuation of the operation of the servers erase important tracks" . " Currently in San Francisco with experts put a duplicate of the entire infrastructure, which is expected to be regulated in the next 24 hours . Then we can restore service " for clarification Merlak .

The stock market has asserted that " more than enough reserves " to cover the lost coin bit . Hackers should be taken away only " small proportion " bit of coins - Stock Exchange of Bitcoin is precisely because such cases the majority bit of coins stored on computers that are not connected to the Internet .

As they wrote on the website , you should restore the functioning of the stock exchange within a few days of the invasion have already informed the competent authorities .

Based in Kranj , now works in London
Bitstamp was created in Kranj in 2011 , and then as the founder Nejc Kodrič and Damijan Merlak headquarters moved to London . After the collapse of the Japanese stock exchange Mt Gox at the beginning of last year, Bitstamp some time held the position of largest stock exchange in the world in the last month with a market share of around šestodstotnim occupied third place.

Bit coins peaked in December predlani when the value of one bit of the coin rose to more than 1100 dollars. This was followed by a sharp decline and collapse of some of the exchanges, including even the largest stock exchange Mt Gox , in April last year declared the course. Today, it is a bit coin worth about 270 dollars.

Digital currency in spite of difficulties starting to take off . Payments to accept all coins bit more established companies - in mid-December the payment of Bitcoin allow US technology giant Microsoft , online encyclopedia Wikipedia but donations bit accepts coins since August last year.

T. K. B.
sr. member
Activity: 350
Merit: 250
Apparently they say they will resume operations in the next 24 hours:

https://www.cryptocoinsnews.com/bitstamp-resume-operations-next-24-hours/
legendary
Activity: 1092
Merit: 1000
I don't think that the police can help at all.  They simply have no experience dealing with cryptocurrencies with the exception of a few people in the DEA and FBI.

Maybe not directly with cryptocurrency but if this is a result of a serverhack there is some real expertise nowadays. We need to consider those BTC lost but there is real experience with internet crime.



from the sounds of what the ceo was saying these guys' security was seriously lacking.
these guys probably were not even close to PCI compliant. (they probably don't have to be by law but they should strive for it anyways)
if they were then they wouldn't need to move their servers to.... "a more secure server space" -bitstamp CEO
these guys have not been taking security seriously.
legendary
Activity: 1092
Merit: 1000

from the sound of what the ceo said that they are moving the bitstamp environment to a more secure server location means that the physical servers were not so secured.
where do they keep their physical servers ?? in their moms basement ?? seems like bitstamp should at least be PCI compliant which means their servers need to be physically secured.
when they do an 'audit' then they need to do a security audit. if their stuff is not secure then they should not be in the business. hiring the engineer is expensive but cheaper than losing 5M a year.
from what i have read it sounds like someone walked in to their datacenter (or moms basement) and stuck a flash drive into the server and walked away with the wallet.dat file.
i'm not saying that is what happened but gathering what the ceo said and what i have read it sounds like maybe that's what happened. whatever the case is they did not have sufficient security.

and what to do if the engineer or auditor cannot resist £5m?

if someone walked into their datacenter and used a flashdrive, then they are probably in a police cell as we speak. unfortunately the law in the uk takes a long time, which doesn't bode well for a quick resolution.


well that is why we only have one engineer and we keep everything in house rather than in someone else's "cloud" .
if you have your stuff in someone else's 'cloud' then you have a security weakness right there.
if you have a 5M file then that datacenter should have guards behind plexi glass, metal detectors, revolving doors, badge swipes, and video surveillance.
if you're running a fly by night operation then you got your stuff in moms basement or in someone's cloud who promised your stuff was secure.
if these guys had their physical servers secured then no one could walk in and insert a flash drive and take their stuff.
of course if your security is too good then nothing could happen to the bitcoins. i mean its not their fault they were hacked right ??
legendary
Activity: 1456
Merit: 1000
They do have expertise with Internet crime you are right however I am betting that whoever was sophisticated enough to perform this hack would be sophisticated enough to cover their tracks ex: TOR, VPN, etc.

If this was perpetrated by an individual gaining physical access to their server(s) then it's likely that it could result in a fruitful investigation.  Access to most data centers is logged and monitored.  I cannot see VC investing 10 mil without performing due diligence which would at the very least uncover sub-standard hosting practices.

I don't think that the police can help at all.  They simply have no experience dealing with cryptocurrencies with the exception of a few people in the DEA and FBI.

Maybe not directly with cryptocurrency but if this is a result of a serverhack there is some real expertise nowadays. We need to consider those BTC lost but there is real experience with internet crime.

member
Activity: 62
Merit: 10
I don't think that the police can help at all.  They simply have no experience dealing with cryptocurrencies with the exception of a few people in the DEA and FBI.

Maybe not directly with cryptocurrency but if this is a result of a serverhack there is some real expertise nowadays. We need to consider those BTC lost but there is real experience with internet crime.