Expert Input Only: How Is A Cold Wallet Bter Exchange Hack Possible? - page 2.

Fernandez

legendary

Activity: 1008

Merit: 1000

Quote from: sidhujag on February 16, 2015, 01:56:22 AM

Ok forget who did it but cant we capture the funds by getting all exchanges a tool that will detect if the deposits are from that bad transaction? (i have the tool to do it)

You won't be able to get all the exchanges, gambling sites, mixers and merchants accepting Bitcoins to agree. There will always be places which will allow laundering of the stolen funds.

redsn0w

legendary

Activity: 1778

Merit: 1043

#Free market

Quote from: sidhujag on February 16, 2015, 01:56:22 AM

Ok forget who did it but cant we capture the funds by getting all exchanges a tool that will detect if the deposits are from that bad transaction? (i have the tool to do it)

It is a decentralized coin, you can detect whatever you want but no one can stop a transaction (only the various miners can refuse to accept a tx from a determinate bitcoin address but they will lost the fees).

sidhujag

legendary

Activity: 2044

Merit: 1005

Ok forget who did it but cant we capture the funds by getting all exchanges a tool that will detect if the deposits are from that bad transaction? (i have the tool to do it)

Fernandez

legendary

Activity: 1008

Merit: 1000

Quote from: hilariousandco on February 16, 2015, 01:24:23 AM

But they should know to use an air gap / safe computer for that. Not much point keeping your funds offline if you're just going to put the wallet on an unsecure comp. Exchanges should be overly paranoid when dealing with their funds as should any other bitcoiner really.

They even kept all the 7k BTC together. I think there is a chance that they stole the money.

redsn0w

legendary

Activity: 1778

Merit: 1043

#Free market

As everyone of us told : a cold wallet supposed to be "disconnected" or better never be connected to Internet. Their definition of cold wallet is wrong.

hilariousandco

global moderator

Activity: 4046

Merit: 2732

Join the world-leading crypto sportsbook NOW!

But they should know to use an air gap / safe computer for that. Not much point keeping your funds offline if you're just going to put the wallet on an unsecure comp. Exchanges should be overly paranoid when dealing with their funds as should any other bitcoiner really.

Fernandez

legendary

Activity: 1008

Merit: 1000

They are saying it happened when they were transferring funds. So
a) the hacker knew about it and was waiting for sometime for the opportunity
b) it was not a cold wallet.

hilariousandco

global moderator

Activity: 4046

Merit: 2732

Join the world-leading crypto sportsbook NOW!

Quote from: DeathAndTaxes on February 15, 2015, 05:29:34 PM

Hacking a properly created cold wallet is impossible however it may not have been a properly created cold wallet
a) the wallet may have been created using compromised software (given how long the wallet has existed this is unlikely)
d) despite the company calling it a 'cold wallet' is wasn't a cold wallet* at all and was compromised just as any other hot wallet would be
e) someone (most likely an employee) with physical access to the cold wallet data file stole the coins

Most likely one of these but I'm more inclined to believe an inside job.

Troonetpt

sr. member

Activity: 322

Merit: 250

A. It's not a really cold wallet.
B. It's a inside job.
Must one of them.

Beymond

sr. member

Activity: 462

Merit: 250

Their Cold wallet was really messed up , obviously being using to transfer funds to hot wallet's at time's
For that they should have kept two cold wallet's , one with small amount and other main cold wallet

charleshoskinson

legendary

Activity: 1134

Merit: 1008

CEO of IOHK

We spent months thinking about vectors of attack at Ethereum regarding the ether sale funds. Generally speaking, if the funds are in a cold wallet then either social engineering or inside theft are the two viable attacks. this said, it is possible if the cold wallet is stored in a digital format on a computer not connected to the internet that one could perform a stuxnet style attack piggybacking on a flash drive to introduce an APT. But no, someone internal stole the funds most likely.

itod

legendary

Activity: 1974

Merit: 1077

Honey badger just does not care

Quote from: goosoodude on February 15, 2015, 05:25:39 PM

When the hot wallet needs to be refilled it is brought online and that moment was used by the attacker.

Hot wallets are refiled without bringing cold wallet online. You sign the refill transaction on the cold wallet machine, copy it to the USB drive without ever bringing it online, and then broadcast signed transaction from any other computer which is connected to the internet. Cold wallet by definition cannot be "hacked" in the strict sense, unless you call hacking gaining physical access to the offline computer and copying private key from it on some media, or changing it's software to use weak random number generator.

cryptworld

hero member

Activity: 714

Merit: 503

Quote from: DeathAndTaxes on February 15, 2015, 05:29:34 PM

Hacking a properly created cold wallet is impossible however it may not have been a properly created cold wallet
a) the wallet may have been created using compromised software (given how long the wallet has existed this is unlikely)
b) the randomly generated keys in the wallet may have had poor entropy (also unlikely)
c) the wallet was compromised due to poor signing with repeat k values (unlikely but can be verified from transaction history)
d) despite the company calling it a 'cold wallet' is wasn't a cold wallet* at all and was compromised just as any other hot wallet would be
e) someone (most likely an employee) with physical access to the cold wallet data file stole the coins

* A 'cold wallet' would be a private key or keys created by an offline machine and the private keys are never used on a machine that is or has been connected to the internet. Signing of transactions should be done offline as well. If you create a 'cold wallet' and then move it to a computer which is connected to the internet then it is no longer a cold wallet.

thanks for that explanation, I was wondering what could happen

BlindMayorBitcorn

legendary

Activity: 1260

Merit: 1116

Quote from: VOR on February 15, 2015, 05:51:08 PM

they are either from the future and computed the corresponding private key to the cold wallet using an array of quantum computers, or it was an inside job.

i dont get how its finally possible to control your own funds such as with bitcoin, and people go and relinquish that control to someone else.

...so they are from the future? Shocked

RocketSingh

legendary

Activity: 1662

Merit: 1050

Quote from: DeathAndTaxes on February 15, 2015, 05:29:34 PM

Hacking a properly created cold wallet is impossible however it may not have been a properly created cold wallet
a) the wallet may have been created using compromised software (given how long the wallet has existed this is unlikely)
b) the randomly generated keys in the wallet may have had poor entropy (also unlikely)
c) the wallet was compromised due to poor signing with repeat k values (unlikely but can be verified from transaction history)
d) despite the company calling it a 'cold wallet' is wasn't a cold wallet* at all and was compromised just as any other hot wallet would be
e) someone (most likely an employee) with physical access to the cold wallet data file stole the coins

* A 'cold wallet' would be a private key or keys created by an offline machine and the private keys are never used on a machine that is or has been connected to the internet. Signing of transactions should be done offline as well. If you create a 'cold wallet' and then move it to a computer which is connected to the internet then it is no longer a cold wallet.

How does the creator of a cold wallet will know that his generated keys are not of poor entropy ?

redsn0w

legendary

Activity: 1778

Merit: 1043

#Free market

Quote from: leopard2 on February 15, 2015, 06:03:02 PM

Quote from: DeathAndTaxes on February 15, 2015, 05:29:34 PM

Hacking a properly created cold wallet is impossible however it may not have been a properly created cold wallet
a) the wallet may have been created using compromised software (given how long the wallet has existed this is unlikely)
b) the randomly generated keys in the wallet may have had poor entropy (also unlikely)
c) the wallet was compromised due to poor signing with repeat k values (unlikely but can be verified from transaction history)
d) despite the company calling it a 'cold wallet' is wasn't a cold wallet* at all and was compromised just as any other hot wallet would be
e) someone (most likely an employee) with physical access to the cold wallet data file stole the coins

* A 'cold wallet' would be a private key or keys created by an offline machine and the private keys are never used on a machine that is or has been connected to the internet. Signing of transactions should be done offline as well. If you create a 'cold wallet' and then move it to a computer which is connected to the internet then it is no longer a cold wallet.

a==b) was the case with the blockchain hack, wasn't it? Just that it was a white hat hacker at the time.

Yes, 1000 btc sent back to blockchain.info. Here the thread : https://bitcointalksearch.org/topic/reused-r-values-again-581411

leopard2

legendary

Activity: 1372

Merit: 1014

Quote from: DeathAndTaxes on February 15, 2015, 05:29:34 PM

Hacking a properly created cold wallet is impossible however it may not have been a properly created cold wallet
a) the wallet may have been created using compromised software (given how long the wallet has existed this is unlikely)
b) the randomly generated keys in the wallet may have had poor entropy (also unlikely)
c) the wallet was compromised due to poor signing with repeat k values (unlikely but can be verified from transaction history)
d) despite the company calling it a 'cold wallet' is wasn't a cold wallet* at all and was compromised just as any other hot wallet would be
e) someone (most likely an employee) with physical access to the cold wallet data file stole the coins

* A 'cold wallet' would be a private key or keys created by an offline machine and the private keys are never used on a machine that is or has been connected to the internet. Signing of transactions should be done offline as well. If you create a 'cold wallet' and then move it to a computer which is connected to the internet then it is no longer a cold wallet.

a==b) was the case with the blockchain hack, wasn't it? Just that it was a white hat hacker at the time.

Q7

sr. member

Activity: 448

Merit: 250

It shouldn't be too difficult to figure out who did this. If it has multi sig or multiple factor authentication enabled on a cold wallet, it would be almost impossible to pull off that stunt.

VOR

newbie

Activity: 21

Merit: 0

they are either from the future and computed the corresponding private key to the cold wallet using an array of quantum computers, or it was an inside job.

i dont get how its finally possible to control your own funds such as with bitcoin, and people go and relinquish that control to someone else.

redsn0w

legendary

Activity: 1778

Merit: 1043

#Free market

Quote from: inBitweTrust on February 15, 2015, 05:41:22 PM

It likely was simply an inside job.

Any centralized bitcoin exchange that doesn't store a majority of their clients bitcoins in multiple multisig cold wallets with good physical security is acting wildly irresponsible at this point in the game.

Indeed if these exchanges will not start to use multiSig I think a lot of people will start to keep their coin in own wallets. Remember : an exchange is not a bank.

For example why aren't they using greenAddress for their cold wallet ?

Topic: Expert Input Only: How Is A Cold Wallet Bter Exchange Hack Possible? - page 2. (Read 3418 times)