Author

Topic: Coinapult Claims $40k Lost in Hot Wallet Compromise (Read 1622 times)

legendary
Activity: 1316
Merit: 1481
Please refer to this thread about why you shouldn't trust (too much) third-parties wallets, exchanges, etc.
https://bitcointalksearch.org/topic/dataexchanges-their-way-of-using-a-fractional-reserve-and-generate-inflation-945881

thanks
hero member
Activity: 658
Merit: 501
sony wasnt hacked due to badly salted passwords of individual users. they got to the master server, not through brute forcing individuals.. but yes i agree, in a information age of the internet. companies holding other peoples valuable data/funds do not seem that well informed to secure their customers stuff

Yes, the salted comment was directed at target, sony has a different set of sloppy mistakes.
hero member
Activity: 672
Merit: 503
LOL when will these dumbass exchanges stop running hot wallets?!
I dont know, theres also the possibility that they are doing it on purpose to keep getting away with scamming tons of bitcoin from poor uninformed people.
sr. member
Activity: 406
Merit: 250
Bitcoin Mixer: https://BitLaunder.com
LOL when will these dumbass exchanges stop running hot wallets?!
legendary
Activity: 4410
Merit: 4788
lets hope that people realize that a brand name does not infuse trust of third parties.. but actual security and protections do.

Yes. Multi-billion dollar corporations like target or sony cannot be trusted to follow the most basic of security precautions like salting their tables properly.  What make anyone assume that a small startup will do better?

Better education and easier to use hardware wallets is the solution.

sony wasnt hacked due to badly salted passwords of individual users. they got to the master server, not through brute forcing individuals.. but yes i agree, in a information age of the internet. companies holding other peoples valuable data/funds do not seem that well informed to secure their customers stuff
hero member
Activity: 658
Merit: 501
lets hope that people realize that a brand name does not infuse trust of third parties.. but actual security and protections do.

Yes. Multi-billion dollar corporations like target or sony cannot be trusted to follow the most basic of security precautions like salting their tables properly.  What make anyone assume that a small startup will do better?

Better education and easier to use hardware wallets is the solution.
legendary
Activity: 4410
Merit: 4788
why oh why are these companies still using hot wallets!!!

i know of 10 ways to keep priv keys far from a server, yet still offer near-instant transaction times (bar a few milliseconds).

its like amateurs want to find the most inefficient route they can for security, and then use that as the excuse to not secure it.

the only other theory would be that they are paid off to say they were hacked as some way to get negative news into media, as more evidence of the need for crappy regulations.

but ill stick with the theory that lame assed coders do not have a clue how to run data between different systems. thus throwing everything into one less secure location purely for the naive FIATBANK/Titanic belief of too big to fail.

lets hope that people realize that a brand name does not infuse trust of third parties.. but actual security and protections do.
hero member
Activity: 658
Merit: 501
Most if not all Bitcoin exchanges do not have millions to pay security professionals each month code a nice backend that is bulletproof against hack attempts. Cold storage would definitely help with the storage though.

If an exchange cannot afford 80k a year to pay for one decent security expert than they don't deserve to exist.

If an exchange is insured, pays for top notch security, and highly regulated the best outcome you can hope for is guaranteed theft from the state between 15-40%, Otherwise you should expect to lose all your money within enough time.

Better secure bitcoins yourself and use bitcoin as intended.
full member
Activity: 196
Merit: 100
The security of bitcoin is still the biggest problem to make it going to mainstream. Bitcoin itself is more security than any bank account, but it's very complex to keep it security.

Most if not all Bitcoin exchanges do not have millions to pay security professionals each month code a nice backend that is bulletproof against hack attempts. Cold storage would definitely help with the storage though.
hero member
Activity: 658
Merit: 501
I absolutely dread the day when btc-e gets "hacked" and we have to deal with another Mtgox level shitstorm. If we can keep repeating these warnings hopefully a small percentage of people will take our advice and protect their investments properly.
legendary
Activity: 1316
Merit: 1481
There are security risks when you centralize private key storage whether it is an encrypted database of credit cards or bitcoin private keys:

http://www.coindesk.com/coinapult-loses-40k-hot-wallet-compromise/

The message is clear that people need to use exchanges and payment processors as gateways and not a place of storing their assets.

Secure your bitcoins yourself:

https://bitcointalksearch.org/topic/options-for-securing-your-bitcoin-wallet-858604

It's an old excuse so far.
sr. member
Activity: 406
Merit: 250
The security of bitcoin is still the biggest problem to make it going to mainstream. Bitcoin itself is more security than any bank account, but it's very complex to keep it security.


I don't think securing a personal stash is complicated. People become accustomed to having banks babysit their fiat wealth and naturally that habit extends to their bitcoin holdings. Getting people to take responsibility for their own private keys is quite complicated. 
hero member
Activity: 770
Merit: 509
The security of bitcoin is still the biggest problem to make it going to mainstream. Bitcoin itself is more security than any bank account, but it's very complex to keep it security.

Bitcoin itself is god, the problem is the exchanges and services are run by humans, prone to corruption.
sr. member
Activity: 415
Merit: 250
CoinApult already survived this... nothing to worry about, plus, they already updated their wallets and it seems even more secure now.
hero member
Activity: 658
Merit: 501
I guess Voorhees ran out of the FeedZBirds Bitcoins. Time for a fresh injection of cash. lol

http://upstart.bizjournals.com/money/loot/2013/09/04/erik-voorhees-of-satoshidice-coinapult.html?page=all

Little out of date.
From what I understand he left coinapult https://coinapult.com/about a while ago and is now running a very successful shapeshift - http://www.coindesk.com/shapeshift-raises-525k-reveals-erik-voorhees-as-creator/

I guess Voorhees ran out of the FeedZBirds Bitcoins.

Weird... is he still suggesting that FeedZBirds is still a yet to be completed project?
sr. member
Activity: 462
Merit: 250
The security of bitcoin is still the biggest problem to make it going to mainstream. Bitcoin itself is more security than any bank account, but it's very complex to keep it security.
sr. member
Activity: 406
Merit: 250
If they are not passing the loss on to users I tend to think it was a genuine hack. Take some of those funds and invest them in a good security team. It will pay for itself over time.
legendary
Activity: 2156
Merit: 1393
You lead and I'll watch you walk away.
I guess Voorhees ran out of the FeedZBirds Bitcoins. Time for a fresh injection of cash. lol

http://upstart.bizjournals.com/money/loot/2013/09/04/erik-voorhees-of-satoshidice-coinapult.html?page=all
sr. member
Activity: 336
Merit: 250
My main concern is how these exchanges have $40k worth of their own funds in the first place that, operationally, they can "get by" without... how are these guys making so much money in the first place?  Roll Eyes

Look at the invest funding many of these bitcoin companies receive. Into the millions.
full member
Activity: 210
Merit: 101
My main concern is how these exchanges have $40k worth of their own funds in the first place that, operationally, they can "get by" without... how are these guys making so much money in the first place?  Roll Eyes
sr. member
Activity: 336
Merit: 250
At least this time no costumer funds were lost and Coinapult is able to survive with the loss, others were not so luck.

Some customer funds might have been in the hot wallet but they will be refunded if that's the case.
hero member
Activity: 658
Merit: 501
I have nothing against Coinapult and wish them best but one concern I have lately with these hacks that are either partially recovered or "don't effect customer funds" (bitstamp, coinapult, ect..)is that it could be setting future clients up under either a premeditated scam or the operation doesn't really back up all their clients assets and are running as a fractional reserve operation.

Coinapult seems to be pumping their "locks" feature which encourages users to trust them to store both their bitcoins and fiat in a centrally controlled company. This is not a safe or advisable thing we should be encouraging users to do.

By all means use them as an exchange or payment processor.... but secure your bitcoins yourself.
legendary
Activity: 2114
Merit: 1040
A Great Time to Start Something!
Blincoe told CoinDesk:

    “Our team is looking into all possible scenarios in regards to what happened.”


It is a very short read, and I hope they are able to fully recover soon.
full member
Activity: 210
Merit: 101
Well hey, at least it's a relatively low (in comparison to other breaches) amount of bitcoins lost to the hackers this time and hopefully the company will learn from it and come back bigger, better & even more secure.
newbie
Activity: 18
Merit: 0
At least this time no costumer funds were lost and Coinapult is able to survive with the loss, others were not so luck.
hero member
Activity: 658
Merit: 501
There are security risks when you centralize private key storage whether it is an encrypted database of credit cards or bitcoin private keys:

http://www.coindesk.com/coinapult-loses-40k-hot-wallet-compromise/

The message is clear that people need to use exchanges and payment processors as gateways and not a place of storing their assets.

Secure your bitcoins yourself:

https://bitcointalksearch.org/topic/options-for-securing-your-bitcoin-wallet-858604
Jump to: