Topic: Expert Input Only: How Is A Cold Wallet Bter Exchange Hack Possible? - page 3. (Read 3418 times)

hero member
Activity: 658
Merit: 501
It likely was simply an inside job.

Any centralized bitcoin exchange that doesn't store a majority of their clients' bitcoins in multiple multisig cold wallets with good physical security is acting wildly irresponsible at this point in the game.
member
Activity: 81
Merit: 10
What, dunno, still newbie, but bter use cold wallets to fill their hots, apparently 7000btc on 1 cold wallet is not done, guess bit lazy and made redraws from cold wallet with same key multi times, is it then possible to "catch" the key and use it yourself?

my 2bit :

Is this the thief ?

http://tools.tracemyip.org/lookup/46.28.204.193

Reverse DNS in-addr.arpa:
193.204.28.46.in-addr.arpa domain name pointer hosted-by.solarcom.ch.

http://en.utrace.de/ip-address/193.204.28.46


IP Address:       193.204.28.46
ISP:       GARR Italian Research and Academic Network
Organization:       Universita' degli Studi G. D'Annunzio

https://db-ip.com/193.204.28.46

It is most likely a proxy/VPN that leads to another one and so on.
If someone wants to steal so much money, I guess they make sure to stay safe as much as possible.

Students having the know-how, interest, time and equipment, and watch the ISP Research and academic network
donator
Activity: 1218
Merit: 1079
Gerald Davis
Hacking a properly created cold wallet is impossible; however, it may not have been a properly created cold wallet:
a) the wallet may have been created using compromised software (given how long the wallet has existed this is unlikely)
b) the randomly generated keys in the wallet may have had poor entropy (also unlikely)
c) the wallet was compromised due to poor signing with repeat k values (unlikely but can be verified from transaction history)
d) despite the company calling it a 'cold wallet' it wasn't a cold wallet* at all and was compromised just as any other hot wallet would be
e) someone (most likely an employee) with physical access to the cold wallet data file stole the coins

* A 'cold wallet' would be a private key or keys created by an offline machine and the private keys are never used on a machine that is or has been connected to the internet.  Signing of transactions should be done offline as well.  If you create a 'cold wallet' and then move it to a computer which is connected to the internet then it is no longer a cold wallet. 
hero member
Activity: 584
Merit: 500
It was not a true cold wallet but rather a wallet which is kept offline most of the time. When the hot wallet needs to be refilled it is brought online and that moment was used by the attacker.
legendary
Activity: 1106
Merit: 1005
a cold wallet, by definition, is not connected to the internet.

Therefore, a cold wallet can not be hacked, no matter what.

If it was hacked, it wasn't a cold wallet.
hero member
Activity: 714
Merit: 500
It depends on what exactly they call a "cold wallet"
If it was in any way connected to a network, it was just a "normal" hack
hero member
Activity: 632
Merit: 500
Unless it's an inside job, how could a remote hacker get access to a cold wallet?

"7170 BTC got stolen from our cold wallet in this transaction:

https://blockchain.info/tx/f5b0363f03e1ed8bb812c135361ea93590c831ce9f13a3750be1b93575baccc6"

(quoting from Bter.com)

Please don't comment unless you know what you're talking about.