Pages:
Author

Topic: HACK Alert!!!!!! BTC-E BTC/USD has record volume today !!!!!!!!! (Read 6391 times)

hero member
Activity: 546
Merit: 500
I wanted to put in a word for btc-e. I looked at my account there and they still have my money there. Good on them.
legendary
Activity: 1792
Merit: 1047
what about a fat finger trade? Huh

Hoвocти / Trade is stopped

16:04 31.07.12 from support

Dear users of the Exchange Btc-e.com

The exchange is not going to close. We will refund all losses from our reserves.

Neither the servers nor the database were compromised. There were no SQL injections.

At 04:07 MSK (GMT+4) our LR API Secret Key was compromised. It's 16 uppercase, lowercase letters and digits. They may have bruteforced it for long.

Using the key the hacker imitated LR deposits from many accounts and bought up Bitcoins, Namecoins and Litecoins.

We lost our daily volume, approx. 4500 BTC. The attacker couldn't withdraw more
as most BTC were distributed over several offline wallets.


At 10:30 we restored the database to the state it was at 04:00, right before the attack. All trades after 4:00 are reverted.

People who attempted withdrawals before 04:00 MSK will get their funds withdrawn later today.

For people who deposited BTC, LTC and NMC after 04:00 MSK the funds will be put to their balances before market opens.
We are working on the scripts for this.

If you deposited USD after 04:00 MSK you should send us your login, amount and payment system used by email or PM.

Our plan:

1. The trade will be disabled until we restore the balances to the point before market crash.

2. After that, the trade and deposit/withdrawal will be back on, approx. within 1-2 days.

Icq - 610112128
Skype - btc-e.support
E-mail - [email protected]


And that folks is how its done!
newbie
Activity: 14
Merit: 0
BTC-E now has my business. These are some strong men.
legendary
Activity: 1946
Merit: 1006
Bitcoin / Crypto mining Hardware.
what about a fat finger trade? Huh

Hoвocти / Trade is stopped

16:04 31.07.12 from support

Dear users of the Exchange Btc-e.com

The exchange is not going to close. We will refund all losses from our reserves.

Neither the servers nor the database were compromised. There were no SQL injections.

At 04:07 MSK (GMT+4) our LR API Secret Key was compromised. It's 16 uppercase, lowercase letters and digits. They may have bruteforced it for long.

Using the key the hacker imitated LR deposits from many accounts and bought up Bitcoins, Namecoins and Litecoins.

We lost our daily volume, approx. 4500 BTC. The attacker couldn't withdraw more
as most BTC were distributed over several offline wallets.

At 10:30 we restored the database to the state it was at 04:00, right before the attack. All trades after 4:00 are reverted.

People who attempted withdrawals before 04:00 MSK will get their funds withdrawn later today.

For people who deposited BTC, LTC and NMC after 04:00 MSK the funds will be put to their balances before market opens.
We are working on the scripts for this.

If you deposited USD after 04:00 MSK you should send us your login, amount and payment system used by email or PM.

Our plan:

1. The trade will be disabled until we restore the balances to the point before market crash.

2. After that, the trade and deposit/withdrawal will be back on, approx. within 1-2 days.

Icq - 610112128
Skype - btc-e.support
E-mail - [email protected]
sr. member
Activity: 387
Merit: 250
what about a fat finger trade? Huh
full member
Activity: 238
Merit: 100
legendary
Activity: 1694
Merit: 1002
newbie
Activity: 27
Merit: 0
I posted this in the other thread, but it deserves repeating.

Here are my suggestions for all victims.

1. Sell ALL USD immediately. There is almost certainly not enough USD to pay out.
2. Withdraw ALL BTC immediately. Unless fractional reserve was employed, there should be enough. No BTC was reported to have injected, so this may be your only option of financial recovery.
3. Change passwords for other websites immediately. The database is likely to leak, if a SQL injection was the culprit.

Best of luck to all victims.

re: point 3.....
if your password for one site, was the same as another, you deserve to get hacked....
legendary
Activity: 1246
Merit: 1077
I posted this in the other thread, but it deserves repeating.

Here are my suggestions for all victims.

1. Sell ALL USD immediately. There is almost certainly not enough USD to pay out.
2. Withdraw ALL BTC immediately. Unless fractional reserve was employed, there should be enough. No BTC was reported to have injected, so this may be your only option of financial recovery.
3. Change passwords for other websites immediately. The database is likely to leak, if a SQL injection was the culprit.

Best of luck to all victims.
newbie
Activity: 35
Merit: 0
It is interesting to watch this story unfold.
member
Activity: 98
Merit: 10
(:firstbits => "1mantis")
hero member
Activity: 868
Merit: 1000

i had 1BTC in BTC-e cuz I've recently trying trading LTC

now i have 47$ Cheesy

oh and its back to normal... time to buy some bitcoin!


please no rollback Cheesy


Hahahaha. This post made my day! Excellently done, Sir! Hope you can buy btc and withdraw! Smiley
member
Activity: 116
Merit: 10
bitcoin afficionado
legendary
Activity: 1022
Merit: 1000
OK, lets calculate: How much of this is hitting MtGox in order to cash out in USD?

bitcoincharts.com shows ~50k BTC during the heist (which may be withdrawn successfully) --> anything on the blockchain??

Further 3-4k BTC in the aftermath, probably some lucky traders trying to make a killing and cash out in BTC, USD or LTC.

It is questionable if any of this even leaves btc-e.com in the first place, if so the big sum probably will be laundered and maybe dumped on MtGox, or held for some time, because to actually withdraw that amount, it has to go through some bank account after all.
hero member
Activity: 868
Merit: 1002
Hmmm...my LTCs were bought.  I'm assuming, unless everything is gone, that there'll be rollback.
Don't hold your breath.
http://blockexplorer.com/block/00000000000002c5ca7b4bf9559532cfd8a1248b6e6978bde768c76aa4165b33
legendary
Activity: 2198
Merit: 1311
Hmmm...my LTCs were bought.  I'm assuming, unless everything is gone, that there'll be rollback.
legendary
Activity: 1946
Merit: 1006
Bitcoin / Crypto mining Hardware.
All the litecoins were bought up as well, up to 0.5$/LTC (which is a rough 8x increase)
its $1/LTC now Cheesy

legendary
Activity: 1946
Merit: 1006
Bitcoin / Crypto mining Hardware.
All the litecoins were bought up as well, up to 0.5$/LTC (which is a rough 8x increase)
its $1/LTC now Cheesy
legendary
Activity: 1022
Merit: 1000
All the litecoins were bought up as well, up to 0.5$/LTC (which is a rough 8x increase)
Pages:
Jump to: