Pages:
Author

Topic: BREAKING: Atlanta based Bitcoin giant BitPay hacked for nearly $2,000,000! - page 6. (Read 11166 times)

full member
Activity: 138
Merit: 100
More stuff will come.
They should do thorough checking on the email their email before doing suck a thing  Angry
legendary
Activity: 929
Merit: 1000
If Bitpay kept this quiet until now then what else are they keeping quiet about? There might be nothing else dodgy going on behind the scenes, but after this incident it's obvious they will also cover up anything else that's embarrassing. I liked Bitpay for offering a service that lets you pay for things fast with Bitcoin but it will take some time to restore my trust in them. What's the name of their biggest competitor? That will probably get a large chunk of Bitpay's market share now.
legendary
Activity: 3430
Merit: 1142
Ιntergalactic Conciliator
epic fail imo from Bitpay. The bitcoin companies must work much more their security systems. This is silly to lost bitcoin like that.
legendary
Activity: 896
Merit: 1000
not again please, pfff. the market doesn't seem to react to something that is very bad news. 5000btc is a huge load of coins, but not that much to bring the market in danger.
sr. member
Activity: 470
Merit: 250
Try emailing your bank a wire request and see what they do. Email is not secure, they either had a poor internal policy or did follow their existing policy.
Pab
legendary
Activity: 1862
Merit: 1012
 
 Very strange typical pishing attack,guys responsible for BitPay security are doing poor job
Will be ever quiet days in bitcoin space,how btc can grow,always something happen
hero member
Activity: 700
Merit: 500
can't blame the insurer for not wanting to cover for such incompetence (and can't say i've sided with an insurer before).

Because they are not dumber than a bag of rocks, while I don’t like insurers that much either, I really hope that they win this, st*pidity of this magnitude must be punished.

insurer says "we'll insure the security system you have in place on the BTC you hold"
security system gets compromised
insurer says "we meant the security system had to be flawless"


seems legit.


That is an insurance company for you
We will write the policy and as long as you never claim we will not have an issue, but the day you do claim we will see you in court.
Either that or the policy wasn't that old.
legendary
Activity: 3430
Merit: 1142
Ιntergalactic Conciliator
The real problem in Bitcoin ecosystem is that is full with kid companies. You cant lost so much bitcoin like that and after this you claim to be a serious company
hero member
Activity: 899
Merit: 1002
got an email from someone purporting to be with a digital currency publication asking Krohn to comment on a bitcoin industry document.

This is literally the oldest phishing trick in the book, Max Butler did this back in early 2000s when breaking into Capital One he simply wrote fake articles that mentioned the employee by name (or their service) and then asked them to comment on it, they'd land on a page full of XSS to grab credentials.

If Bitpay employees used QubesOS this would have never happened since credentials are stored in separate VMs, so your Work VM for logging into Bitpay admin functions (why they have this admin API in the first place who knows) is separated from the VM that reads your emails and loads links. It's "good enough" separated so none of your client logins can be easily grabbed. Even if they simply ran 2 virtual box VMs, one for public facing communication and one for internal communication/connections as a basic compartmentalization that would have prevented this old attack.

Also, do your admin stuff out-of-band. Write a separate admin app (bonus: the admin app can look shitty, and so is less expensive to maintain) that requires a VPN key connection to access. Avoid special-privilege accounts in your main app.

newbie
Activity: 31
Merit: 0
I bet that hacker worked on bitpay for months before they pulled that off. Everybody thinks that this cant happen to them and the guy is stupid. He not, he just has a bullseye on his back with probably thousands of hackers working on him  from thousands of angles everyday. And somebody finally got through. Live and learn.
legendary
Activity: 1904
Merit: 1037
Trusted Bitcoiner
can't blame the insurer for not wanting to cover for such incompetence (and can't say i've sided with an insurer before).

Because they are not dumber than a bag of rocks, while I don’t like insurers that much either, I really hope that they win this, st*pidity of this magnitude must be punished.

insurer says "we'll insure the security system you have in place on the BTC you hold"
security system gets compromised
insurer says "we meant the security system had to be flawless"


seems legit.
legendary
Activity: 1946
Merit: 1007
can't blame the insurer for not wanting to cover for such incompetence (and can't say i've sided with an insurer before).




Because they are not dumber than a bag of rocks, while I don’t like insurers that much either, I really hope that they win this, st*pidity of this magnitude must be punished.

Indeed. Normally i'm all against their ways of paying out and trying to burn the costumers, but this is just a seriously massive fuck up that should not be rewarded.
hero member
Activity: 2814
Merit: 734
Bitcoin is GOD
can't blame the insurer for not wanting to cover for such incompetence (and can't say i've sided with an insurer before).




Because they are not dumber than a bag of rocks, while I don’t like insurers that much either, I really hope that they win this, st*pidity of this magnitude must be punished.
legendary
Activity: 2506
Merit: 1030
Twitter @realmicroguy
Tony Gallippi and Marcel Roelants of Bitpay.com shared their expertise on RT today. Smiley

https://www.rt.com/shows/keiser-report/315680-episode-max-keiser-811/

Gallippi (Bitpay CEO) mentions how easy it is to send money using Bitcoin. Yeah, you can send millions in a matter of seconds! Cheesy
full member
Activity: 196
Merit: 100
so there is 2 mill $ less of BTC than previously thought around.....looks like less supply available.

The person that stole it is probably going to sell it or use it to buy something.
legendary
Activity: 3024
Merit: 1132
Leading Crypto Sports Betting & Casino Platform
Why this hack came into light after a long time almost 10 month. Huh Huh
legendary
Activity: 2506
Merit: 1030
Twitter @realmicroguy
So that incident was happened almost 10 months ago in December 2014 not recently that hack, it doesn't leave any bad impact on bitcoin price as the title looking it happened today.

This news did happen yesterday. The incident might have happened several months ago, but these events were concealed from the public until late yesterday.

And this information never would have seen the light of day had Bitpay decided not to sue the insurance company.
hero member
Activity: 1582
Merit: 502
Did anyone else think this story made no sense?  Is this another "woops, someone hacked our cold storage that wasn't connected to the internet".

I do. If it's true then BitPay has gone bad.

This simply doesn't make sense:
Quote
According to a lawsuit filed Sept. 15 in federal court in Atlanta, in December 2014, Bryan Krohn, Bitpay's chief financial officer, got an email from someone purporting to be with a digital currency publication asking Krohn to comment on a bitcoin industry document.

Unknown to Krohn or Bitpay, the email sender's computer had been hacked, and the hacker sent the phony email that directed Krohn to a website controlled by the hacker, where Krohn provided the credentials for his Bitpay corporate email account, according to the lawsuit.

Why the fuck would the CFO of BitPay insert their email credentials to an unknown website?
And why would the CEO transfer ANY significant amount of Bitcoins to any account when ordered by JUST an email?

 
full member
Activity: 182
Merit: 100
Hello there!
Hah "Hacked"
Pretty sure the buggers pulled a Mt Gox and ran away with the $1.8 mil.
Who wouldn't want to bugger off with (nearly) two million USD worth of bitcoin?
Sure, morales and the like, that wasn't their money to run away with.
Not to mention that it wasn't even a hack, it was social engineering that burned them to the ground.
Anyway, if it is genuine, isn't there a way to track where all these millions are heading? It's bitcoin, shouldn't the company know their transaction IDS etc?
legendary
Activity: 1050
Merit: 1000
https://blog.bitpay.com/last-years-theft/

Quote
On September 15, 2015, BitPay filed suit against its insurer, Massachusetts Bay Insurance Company (“MBIC”) to recover amounts owed under a commercial crime policy issued by MBIC to BitPay as well as penalties for MBIC’s bad faith denial of the amounts owed to BitPay under the policy.

BitPay cannot discuss the pending litigation other than to say the amounts owed relate to a theft incident which occurred in December of 2014, nearly one year ago. This was an isolated incident, and none of BitPay’s customers, affiliates or merchants lost any funds. The only victim of the theft was BitPay. All merchant funds were secure, and there were no disruptions to BitPay’s payment services at any time. Additionally, advances in bitcoin cybersecurity over the last year allow BitPay to further protect funds and better serve merchants and bitcoin users.

Stephen Pair,
CEO, BitPay

So that incident was happened almost 10 months ago in December 2014 not recently that hack, it doesn't leave any bad impact on bitcoin price as the title looking it happened today.
Pages:
Jump to: