Topic: Has your business suffered an attack by hackers since the Mt. Gox crisis began? (Read 849 times)
June 21, 2011, 02:51:13 PM
This is yet another reason why we use OpenID, there are no passwords to steal.
June 21, 2011, 10:19:42 AM
+1
I was thinking the same thing myself. The only thing I could come up with is that some bitcoin users are newbie hackers so it's them being greedy and testing their skills.
I was thinking the same thing myself. The only thing I could come up with is that some bitcoin users are newbie hackers so it's them being greedy and testing their skills.
June 21, 2011, 10:11:00 AM
Fortunately, our operation is simple enough that there are no user passwords (other than administrative, obv.) to be compromised, so it seems that the damage is limited to losing some coin, which sucks, but could be worse...
Anyone else seeing a wave of hacking activity? I'm wondering if this is directly driven by the leaked mt.gox data, or if it's a social phenomenon: a hacker got some props for crashing Mt. Gox, and so hacking bitcoin accepting sites is the new thing to do. It seems kinda nihilistic for people who are into freedom of the internet to try to disrupt the adoption of a project with such liberatory potential...
Anyone else seeing a wave of hacking activity? I'm wondering if this is directly driven by the leaked mt.gox data, or if it's a social phenomenon: a hacker got some props for crashing Mt. Gox, and so hacking bitcoin accepting sites is the new thing to do. It seems kinda nihilistic for people who are into freedom of the internet to try to disrupt the adoption of a project with such liberatory potential...
June 21, 2011, 10:02:05 AM
BiddingPond.com suffers multiple attacks daily and has seen at least a tenfold increase in attacks in the recent days.
What we do to make sure it isn't a complete catastrophe in case of a data breach(all data breaches are catastrophes) is the following:
1)User passwords are hashed and have individual salts.
2)Large quantities of Bitcoin funds are not held on the server. Funds are kept in an outside wallet split between multiple systems until forwarded by support staff to the proper recipient.
3)We are in the process of implementing a system where all e-mails from us will be PGP clear signed.
What we do to make sure it isn't a complete catastrophe in case of a data breach(all data breaches are catastrophes) is the following:
1)User passwords are hashed and have individual salts.
2)Large quantities of Bitcoin funds are not held on the server. Funds are kept in an outside wallet split between multiple systems until forwarded by support staff to the proper recipient.
3)We are in the process of implementing a system where all e-mails from us will be PGP clear signed.
June 21, 2011, 09:42:02 AM
I'm trying to get a sense of the full negative impact of this on the economy for an article, and I discovered that http://www.iusecoins.com was hacked last night and the wallet might have been drained. Is this an isolated incident, or have others had similar experiences?
Jump to: