Pages:
Author

Topic: BREAKING: Atlanta based Bitcoin giant BitPay hacked for nearly $2,000,000! - page 7. (Read 11153 times)

legendary
Activity: 1061
Merit: 1001
I don't really blame the CEO on this, since how the fuck would he know his CFO is a fucking retard without common sense.
It is absolutely the highest most important task for a CEO to know whether his CFO is a fucking retard without common sense - that's how.  If the CEO does just one thing in his entire career and nothing else at all, he has to know whether the CFO is an idiot.  TOTAL FAIL

agreed

CFO is a complete tard

just goes to show, particularly in crypto, anyone can give themselves any title they want

'chief science officer' 'president' lol etc.
legendary
Activity: 2632
Merit: 1023
so there is 2 mill $ less of BTC than previously thought around.....looks like less supply available.
hero member
Activity: 910
Merit: 1000
https://blog.bitpay.com/last-years-theft/

Quote
On September 15, 2015, BitPay filed suit against its insurer, Massachusetts Bay Insurance Company (“MBIC”) to recover amounts owed under a commercial crime policy issued by MBIC to BitPay as well as penalties for MBIC’s bad faith denial of the amounts owed to BitPay under the policy.

BitPay cannot discuss the pending litigation other than to say the amounts owed relate to a theft incident which occurred in December of 2014, nearly one year ago. This was an isolated incident, and none of BitPay’s customers, affiliates or merchants lost any funds. The only victim of the theft was BitPay. All merchant funds were secure, and there were no disruptions to BitPay’s payment services at any time. Additionally, advances in bitcoin cybersecurity over the last year allow BitPay to further protect funds and better serve merchants and bitcoin users.

Stephen Pair,
CEO, BitPay
legendary
Activity: 1596
Merit: 1026
I don't really blame the CEO on this, since how the fuck would he know his CFO is a fucking retard without common sense.
It is absolutely the highest most important task for a CEO to know whether his CFO is a fucking retard without common sense - that's how.  If the CEO does just one thing in his entire career and nothing else at all, he has to know whether the CFO is an idiot.  TOTAL FAIL
hero member
Activity: 560
Merit: 500
This is clearly mostly bitpay fault due to incompetence. I am not surprised the insurer is refusing to pay, i am confident they wont have to after the trial either.
It's funny how such high amounts of funds go stolen due to such a stupid mistake.

I agree, a LOT of incompetence in these btc companies.  Seems to be the case with amagi metals, which the ceo went around saying they'll be fully btc, not fiat in the next couple years, well they couldnt even make it 6 months and now they are closed.

But, if they DO make it trhough this, I for one will not be using their site.  this to me is a HUGE warning sign, and a red flag that says "pull your funds out of here now!"
newbie
Activity: 1
Merit: 0
Where else can you rip off a couple million with three emails?s

Are you kidding?  2 million is nothing when you compare it with the fraudulent emails initiating many millions more in wire transfers.  

Just a couple from a very quick google search:

http://fortune.com/2015/08/10/ubiquiti-networks-email-scam-40-million/

August 10, 2015
Fraudsters duped this company into handing over $40 million.
A swindler fakes emails from senior managers at the target company and requests (fraudulent) wire transfers.

http://www.securityweek.com/email-scam-nets-214-million-14-months-fbi

January 22, 2015
Email Scam Nets $214 Million in 14 Months: FBI



hero member
Activity: 854
Merit: 658
rgbkey.github.io/pgp.txt
This is crazy and not good news, BitPay is what enabled a lot of companies to accept bitcoin and we can't lose them.
legendary
Activity: 1722
Merit: 1000
Satoshi is rolling in his grave. #bitcoin
This is clearly mostly bitpay fault due to incompetence. I am not surprised the insurer is refusing to pay, i am confident they wont have to after the trial either.
It's funny how such high amounts of funds go stolen due to such a stupid mistake.
legendary
Activity: 1806
Merit: 1003
What kind of fucking retard CFO inputs his email credentials on a 3rd party website, this should be common sense if he only started used Internet for a month. No fucking legit website is going to ask you to input your fucking email credentials.

I don't really blame the CEO on this, since how the fuck would he know his CFO is a fucking retard without common sense.
legendary
Activity: 1988
Merit: 1012
Beyond Imagination
So these people have no telephones to confirm these types of transactions? Everyone know email is the easiest platform to hack. How can they simply trust a email to transfer $2 000 0000 worth of Bitcoin? I hope a full investigation will be launched and some people will get fired for this.

Not necessarily

If Bitpay is selling 1k to 2k bitcoins to SecondMarket frequently on a weekly basis, the most convenient and traceable way is to use email contact. However Bitpay does not require SecondMarket to pay before the transaction, this gave the hacker a chance to attack

In traditional finance system, this attack does not work, since the receiving account must follow the AML KYC measure and the transaction will be reversed by banks following a dispute and court decision. But bitcoin is different, so it is important to double check before sending out bitcoin transactions

This incident also give us a glance of the size of the transaction that is happening in Bitpay: Anything below 2000 is considered as normal
legendary
Activity: 1512
Merit: 1012
How can be someone this stupid? No GPG confirmation? No phone confirmation? Nothing? Jesus.

Makes it look like it's frequent to move all these funds just like someone changes shirt without requiring any of the security measures you mentioned... I guess we all expected more from BitPay Roll Eyes
Q7
sr. member
Activity: 448
Merit: 250
Another thing that crossed my mind was I wonder what would happen to those people who hold an account or invested there. Would they be able to withdrawal their coins now that the company is having issue. Hope not another mt gox saga.
member
Activity: 84
Merit: 10
That is good news for Bitcoin  Grin
More media attention  Cool
To the haters  Kiss
legendary
Activity: 3374
Merit: 2198
I stand with Ukraine.
So these people have no telephones to confirm these types of transactions? Everyone know email is the easiest platform to hack. How can they simply trust a email to transfer $2 000 0000 worth of Bitcoin?

Exactly! Actually I think they are involved. I mean some ppl from Bitpay Inc. are accomplices to the "Unknown".
legendary
Activity: 1988
Merit: 1012
Beyond Imagination
"Immediately after clicking on the Google doc link, Mr Krohn enters his authenticating information as prompted in order to access the purported Google docs and receives an error message," the letter states. "[Krohn] believes his private information was stolen at that time and that his response provided access to his email to the fraudster."

I guess he was using gmail account to access google docs? A gmail account as corporate account???

Do not open any google doc  Grin
newbie
Activity: 42
Merit: 0
Yes, that is a social engineering attack, not a hack.

E-mail is not secure, everyone knows it. You should always verify important matters over some more secure medium, preferably multiple ones. Even a phone call would have been enough to prevent this.
legendary
Activity: 1904
Merit: 1037
Trusted Bitcoiner
well there goes this year's profit margin

How much did they earn? Order of magnitude is enough.

a guess would be ~0.8% of their volume.

i think its about 1million a day?

so ~2.848million a year

there costs must be in the 0.5 million to 1 million a year

massively guessing here.
Q7
sr. member
Activity: 448
Merit: 250
Although I'm not a law expert but looking at how they handle the bitcoin transfer using only email and without having any proper verification and approval process, most likely they will lose the case. Insurance don't cover for careless mistakes and loopholes
legendary
Activity: 2142
Merit: 1010
Newbie
well there goes this year's profit margin

How much did they earn? Order of magnitude is enough.
legendary
Activity: 1904
Merit: 1037
Trusted Bitcoiner
they should get these kinds of request signed with a private key stored on an air gapped PC.
it will add a few mins to the process, but it would prevent this hack
Pages:
Jump to: