BitStamp - hacked and down - page 5.

ioxoi

hero member

Activity: 608

Merit: 500

Quote from: resya on January 07, 2015, 05:31:34 PM

But if they recover, I think all people will have more trust like before

No, this case only demonstrates, that bitstamp don't have a correct protection, detection and auditing measures, after a mail to ALL their customers a few hours after, they close the service and the hacker continues cleaning the bitstamps wallets and bitstamp without transfer their founds to a secure wallet for more of 1 day.

no, no, bad security is very, very expensive.

akustik

sr. member

Activity: 350

Merit: 250

i dont see any good news about bitstamp
it s going to be scam
i hope i am wrong but it look like mygox..

CoinCidental

legendary

Activity: 1316

Merit: 1000

Si vis pacem, para bellum

Quote from: oldtimegin on January 08, 2015, 04:58:42 AM

Quote from: CoinCidental on January 08, 2015, 04:55:23 AM

its possible that this hack has been planned over several months ...........its very possible the hacker registered using a stolen identity or fake passport etc

Agree with this, but that still does not mean he would withdraw fiat as you need to withdraw to an account in the same name of the ID you have sent to Bitstamp.

in eastern european countries the banking laws are very lax compared with usa or uk and corruption is rife etc
you could probably open an account with a fake ukranian or bulgarian driving licence etc

these are available to criminals fairly easily ,even on silk rd but i think its unlikely the hacker will convert to fiat anytime soon
and when he does it will be in small chunks because nobodys going to walk into a bank and withdraw 5 million in cash for btc
he just stolen

oldtimegin

member

Activity: 123

Merit: 16

Quote from: CoinCidental on January 08, 2015, 04:55:23 AM

its possible that this hack has been planned over several months ...........its very possible the hacker registered using a stolen identity or fake passport etc

Agree with this, but that still does not mean he would withdraw fiat as you need to withdraw to an account in the same name of the ID you have sent to Bitstamp.

CoinCidental

legendary

Activity: 1316

Merit: 1000

Si vis pacem, para bellum

Quote from: oldtimegin on January 08, 2015, 04:43:54 AM

Hey crazy rabbit you have been around for a long time, why do you always come into threads like this being so incredible naive?

Here is a post from you from February:

Quote from: crazy_rabbit on January 08, 2015, 03:19:59 AM

Oh really? Maybe it's more of a strong indication that they have reason to worry the hacker might have been in the system earlier than they think, already sold bitcoins and was hoping to withdraw FIAT before being caught.

You must never have tried withdrawing from Bitstamp or you would know their KYC/AML routines are very strict. Do you really think a hacker who is sitting on 5m in Bitcoin would give up his identity to withdraw a little bit of fiat?

its possible that this hack has been planned over several months ...........its very possible the hacker registered using a stolen identity or fake passport etc

5 million is a lot of money so this attack might have been well planned

its also possible the loses are even bigger than stated (more than they can repay etc ) and theyre wondering WTF to do about it

oldtimegin

member

Activity: 123

Merit: 16

Hey crazy rabbit you have been around for a long time, why do you always come into threads like this being so incredible naive?

Here is a post from you from February:

Quote from: crazy_rabbit on January 08, 2015, 03:19:59 AM

Oh really? Maybe it's more of a strong indication that they have reason to worry the hacker might have been in the system earlier than they think, already sold bitcoins and was hoping to withdraw FIAT before being caught.

You must never have tried withdrawing from Bitstamp or you would know their KYC/AML routines are very strict. Do you really think a hacker who is sitting on 5m in Bitcoin would give up his identity to withdraw a little bit of fiat?

crazy_rabbit

legendary

Activity: 1204

Merit: 1002

RUM AND CARROTS: A PIRATE LIFE FOR ME

Quote from: Nagle on January 07, 2015, 09:49:48 PM

Quote from: Nagle on January 07, 2015, 05:35:51 PM

Quote from: SirChiko on January 07, 2015, 03:57:46 PM

Quote from: Nagle on January 07, 2015, 03:13:38 PM

Quote from: testerman on January 07, 2015, 08:16:05 AM

https://www.cryptocoinsnews.com/bitstamp-resume-operations-next-24-hours/

it will be full operational in 6 hours.

7 hours later, didn't happen.

I believe it will be up soon

9 hours later, didn't happen.

13 hours later, didn't happen.

Their page now has only vague comments about their timetable: "We appreciate customers’ patience during this disruption of services. We are working to transfer a secure backup of the Bitstamp site onto a new safe environment and will be bringing this online in the coming days."

The key point here is that they are not processing withdrawals. They're not even talking about processing withdrawals. They're supposedly focusing on getting their trading platform back up, as if that matters to their depositors. Whenever a financial service has trouble processing withdrawals, that is a big red flag. This is exactly the sort of thing Mt. Gox pulled. There was always some excuse from Mt. Gox. Too many people let them get away with it. Mt. Gox stopped withdrawals in June of 2013, despite any contractual right to do so. That was when it was time to begin applying legal pressure. But Bitcoin suckers hung on all the way to the bankruptcy at the end of February 2014, eight months later.

As I wrote previously, if you're in the UK, send them a statutory demand for payment of a debt to start the 21-day clock. Do it now. That puts heavy pressure on them to start withdrawals.

But if you're right- and the house of cards has already collapsed from within- then they would declare bankrupcy anyway and your demand for payment is worthless. If your wrong, and they are fine and just being extra diligent about making sure all is okay before restarting service, then you're impatient and will earn their ire. All we can do is wait- so far they have given us no reason to not trust them. But of course, "walk softly and call your lawyers". :-)

crazy_rabbit

legendary

Activity: 1204

Merit: 1002

RUM AND CARROTS: A PIRATE LIFE FOR ME

Quote from: Nagle on January 07, 2015, 11:53:08 PM

Quote from: R2Pleasent on January 07, 2015, 10:24:07 PM

I initiated a Withdrawal via bank 04/01/2015. They claim to have trouble with their Bitcoin systems, but that does not excuse them from sending my bank wire. Cool story about your exchange Bitstamp, but you can still process my wire.

That's an even bigger red flag. That's a strong indication of them not having funds.

Oh really? Maybe it's more of a strong indication that they have reason to worry the hacker might have been in the system earlier than they think, already sold bitcoins and was hoping to withdraw FIAT before being caught.

Not to mention the lawsuit that would have come from bitcoin holders suing the company for allowing Fiat holders to remove money from a system before they had 100% secured it and done a forensic analysis. Not to mention give a copy all the data to the investigating authorities.

smoothie

legendary

Activity: 2492

Merit: 1473

LEALANA Bitcoin Grim Reaper

Quote from: Nagle on January 07, 2015, 11:53:08 PM

Quote from: R2Pleasent on January 07, 2015, 10:24:07 PM

I initiated a Withdrawal via bank 04/01/2015. They claim to have trouble with their Bitcoin systems, but that does not excuse them from sending my bank wire. Cool story about your exchange Bitstamp, but you can still process my wire.

That's an even bigger red flag. That's a strong indication of them not having funds.

So they officially shut down their site (trading etc) on the 5th from their first post on their main page.

So if a wire was initiated and confirmed prior to that...I can't see why it would be delayed in any way.

There is no good reason I can think of as the initiation of withdraw happened before they noticed they were hacked and shut down functionality of their site.

Tsk tsk tsk

Nagle

legendary

Activity: 1204

Merit: 1002

Quote from: R2Pleasent on January 07, 2015, 10:24:07 PM

I initiated a Withdrawal via bank 04/01/2015. They claim to have trouble with their Bitcoin systems, but that does not excuse them from sending my bank wire. Cool story about your exchange Bitstamp, but you can still process my wire.

That's an even bigger red flag. That's a strong indication of them not having funds.

mayax

legendary

Activity: 1470

Merit: 1004

Quote from: onemorebtc on January 07, 2015, 08:40:28 PM

Quote from: mayax on January 07, 2015, 06:48:45 PM

The first case is impossible. Nobody can make a platform in a week.

it is possible to write a btc exchange in one week. but i wouldnt use it because its untested and full of bugs.

but:
they dont need to develop a new design,
internal fiat deposit processes and apis are ready
i guess the matching engine is on a dedicated backendserver and dont need a change (at least i would design it that way; not sure about others)

i think it is impossible to detect the hacking problem. there are a lot of functions and you must verify them ALL including the APIs.
it should take 2-3 weeks at least if they don't want to be backed again.
Imagine their programmer must read all the code and to realize if the problem is from server or from their platform.

not easy at all....

mayax

legendary

Activity: 1470

Merit: 1004

Quote from: R2Pleasent on January 07, 2015, 10:24:07 PM

I initiated a Withdrawal via bank 04/01/2015. They claim to have trouble with their Bitcoin systems, but that does not excuse them from sending my bank wire. Cool story about your exchange Bitstamp, but you can still process my wire.

contact their bank. they have millions in their account. you must receive the wire.

R2Pleasent

full member

Activity: 139

Merit: 100

Owner@ CryptoFundingTracker.com

I initiated a Withdrawal via bank 04/01/2015. They claim to have trouble with their Bitcoin systems, but that does not excuse them from sending my bank wire. Cool story about your exchange Bitstamp, but you can still process my wire.

Nagle

legendary

Activity: 1204

Merit: 1002

Quote from: Nagle on January 07, 2015, 05:35:51 PM

Quote from: SirChiko on January 07, 2015, 03:57:46 PM

Quote from: Nagle on January 07, 2015, 03:13:38 PM

Quote from: testerman on January 07, 2015, 08:16:05 AM

https://www.cryptocoinsnews.com/bitstamp-resume-operations-next-24-hours/

it will be full operational in 6 hours.

7 hours later, didn't happen.

I believe it will be up soon

9 hours later, didn't happen.

13 hours later, didn't happen.

Their page now has only vague comments about their timetable: "We appreciate customers’ patience during this disruption of services. We are working to transfer a secure backup of the Bitstamp site onto a new safe environment and will be bringing this online in the coming days."

The key point here is that they are not processing withdrawals. They're not even talking about processing withdrawals. They're supposedly focusing on getting their trading platform back up, as if that matters to their depositors. Whenever a financial service has trouble processing withdrawals, that is a big red flag. This is exactly the sort of thing Mt. Gox pulled. There was always some excuse from Mt. Gox. Too many people let them get away with it. Mt. Gox stopped withdrawals in June of 2013, despite any contractual right to do so. That was when it was time to begin applying legal pressure. But Bitcoin suckers hung on all the way to the bankruptcy at the end of February 2014, eight months later.

As I wrote previously, if you're in the UK, send them a statutory demand for payment of a debt to start the 21-day clock. Do it now. That puts heavy pressure on them to start withdrawals.

onemorebtc

sr. member

Activity: 266

Merit: 250

Quote from: mayax on January 07, 2015, 06:48:45 PM

The first case is impossible. Nobody can make a platform in a week.

it is possible to write a btc exchange in one week. but i wouldnt use it because its untested and full of bugs.

but:
they dont need to develop a new design,
internal fiat deposit processes and apis are ready
i guess the matching engine is on a dedicated backendserver and dont need a change (at least i would design it that way; not sure about others)

mayax

legendary

Activity: 1470

Merit: 1004

Quote from: Pustul on January 07, 2015, 06:05:58 PM

They changed the temporary website design, that's something Grin

I really hope they are not buying time Undecided

This is from nejc kodric's tweeter

Nejc Kodrič ‏@nejc_kodric 9h9 hours ago
We are fully rebuilding our systems from the ground up so that customers can use @Bitstamp with full confidence and trust.
-------

Nejc Kodrič ‏@nejc_kodric 8h8 hours ago
To clarify, we are still working to resume full services in the coming days. I don't have an exact time estimate to share yet.

-------
My earlier tweet of 48 hours was a rough timeframe. We are testing our redeployed system internally before going live again to customers.

-------
Nejc Kodrič ‏@nejc_kodric 7h7 hours ago
We will keep you posted on twitter and the website when we have a more exact ETA.

--------

So, do they rebuilt the whole platform or do they only change the server?

The first case is impossible. Nobody can make a platform in a week.

The second case: how do they fix the bug so fast? 3-4 days is a very short time to discover and to fix a bug in a such platform.
They have to discover,fix and change the server which must be configured.

mayax

legendary

Activity: 1470

Merit: 1004