In the first Bitcoin theft of its size, a user has lost 25,000 BTC — or nearly $487,749 at today’s market rates — to an unknown thief.
While the Bitcoin community has always been quick to point out that it’s harder to forge a Bitcoin than to forge a dollar, it’s quite easy to take someone else’s Bitcoins: all you have to do is gain access to their computer’s hard drive. Once you’re in, stealing Bitcoins is easier than taking a wallet in the real world, and there’s no recourse for getting them back.
That said, it is possible to verify the movement of funds to ensure complainants are telling the truth due to Bitcoin’s public nature — services such as BlockExplorer allow users to see every transaction that has ever occurred through the network. The receiving account in this case, for instance, can be seen here.
As a decentralized network with no authority and no identities attached to the addresses used to send and receive Bitcoins, once Bitcoins are stolen they’re as good as gone.
While at the time of this writing the BTC is trading at $19.51, I wouldn’t be surprised to see their value drop over the course of the day as this news spreads.
It was waiting for something like this to happen. If someone has all his bitcoins at mtgox then you are a username and password away from a lot of cash. But isnt this with paypal and regular internet banking as well?
Lets not forget that there appears to be quite the activity going on to paint a negative image in regard to bitcoin. Such stories, true or not, often imply that there is something wrong with bitcoin, even in circumstances where users have not adhered to basic principles of keeping their personal data, bitcoin or just business documents, safe.
@Christian Schmitz The victim of the theft himself profusely says it was his fault — though it is a good example of why Bitcoin is not for those without the tech savvy to secure their coins (i.e., most people).
@Doug Clinton If someone had $500k stolen from under their bed I’m sure it would make news — there’s always a journalist looking to laugh at an idiot. If you look through TNW’s coverage of Bitcoin the coverage is balanced and doesn’t tend towards pro or con. This is news and even more so because Bitcoin doesn’t do nearly enough to point out that securing the currency is the consumer’s responsibility, and the number of consumers who can do a sufficient job of that? Not many.
★good★ look love— w w w – jordansforking – c o m
Few hints to secure your pc from internet:
Use a Firewall -. For example, a firewall may allow checking email and browsing the web, but disallow things that are commonly not as useful such as RPC or “Remote Procedure Calls”. In fact, it’s vulnerabilities in RPC that allowed a worms to propagate.Virus Scan – Sometimes, typically via email, virii are able to cross the wall and end up on your computer anyway.Kill Spyware – Spyware is similar to virii in that they arrive unexpected and unannounced and proceed to do something undesiredStay Up-To-Date – I’d wager that over 90% of virus infections don’t have to happen. Software vulnerabilities that the viruses exploit usually already have patches available by the time the virus reaches a computer. The problem? The user simply failed to install the latest patches and updates that would have prevented the infection in the first place. I still see this constantly, as some of the most popular articles here on Ask Leo! deal with exploits that were patched nearly 2 years ago. The solution is simple: enable automatic updates, and visit Windows Update periodically. More: How do I make sure that Windows is up-to-date?.Get Educated – To be blunt, all the protection in the world won’t save you from yourself. Don’t open attachments that you aren’t positive are ok. Don’t fall for phishing scams. Don’t click on links in email that you aren’t positive are safe. Don’t install “free” software without checking it out first – many “free” packages are free because they come loaded with spyware, adware and worse. When visiting a web site, did you get a pop-up asking if it’s ok to install some software you’re not sure of because you’ve never heard of it? Don’t say “OK”. Not sure about some security warning you’ve been given? Don’t ignore it. Choose strong passwords, and don’t share them with others. More: Phishing? What’s Phishing?, How do I get rid of all this SPAM?!?!. Secure Your Mobile Connection – if you’re traveling and using internet hot spots, free Wifi or internet cafes, you must take extra precautions. Make sure that your web email access is via secure (https) connections, or that your regular mail is over an encrypted connection as well. Don’t let people “shoulder surf” and steal your password by watching you type it in a public place. Make sure your home Wifi has WPA security enabled if anyone can walk within range. More: How can I keep my email safe from sniffing?, Can hackers see data going to and from my computer?.Don’t forget the physical – an old computer adage is that “if it’s not physically secure, it’s not secure.” All of the precautions I’ve listed above are pointless if other people can get at your computer. They may not follow the safety rules I’ve laid out. A thief can easily get at all the unencrypted data on your computer if they can physically get to it. The common scenario is a laptop being stolen during travel, but I’ve gotten reports of people who’ve been burned because a family member or roommate accessed their computer without their knowledge. take care
______________________________
1CrCxtfqcntg9A4BJ1a2DqF2m1yt5NAKam
follow me at http://btctrading.wordpress.com/
@axinar On the issue of BTC’s exchange value being affected by a large theft: if you don’t think that could have an effect on the trading value, even if small and temporary, you don’t understand how the people trading in markets and causing the price to go up or down react to events. Those decisions are just as much emotional as they are mathematical in many causes. When things like this happen, sometimes fringe players dump their investments — back into something a little more comfortable such as the dollar. It’s not a condemnation, it’s just what happens.
As for the rest of your comment — it’s next to impossible to read such a big block of unbroken text without developing a headache but I think what you’re saying is that this is Windows’ fault.
Sidenote is that any operating system can be insecure in an inexperienced user’s hands — not just Windows. Security breaches are the fault of the user as much, if not moreso, than the operating system. Back to the main point:
I don’t think that I or anyone else reporting on this story have said that the theft was caused by a flaw in Bitcoin’s design. The speed with which Bitcoin users come out of the woodworks and declare a “smear campaign” and act like someone did attack Bitcoin is almost cult-like. What has been said, and can’t be denied by any rational mind, is that a system that requires the user to secure their assets digitally is not going to be friendly to the vast majority of consumers who do not possess the technical chops to do so.
@Joel Falconer Hello Joel,
First of all, Bitcoin is not an investment, it is a means of transferring money. In the long term, this theft will not have any effect on its adoption, but will in fact, spur people to make the wallet harder to get at.
Secondly, I never type comments into comment boxes when I am taking time to make a full response. My original comment text had many line breaks, but these were stripped out by the comment software you are using.
Its a fact that any software can be insecure, but windows is insecure by default. Everyone who knows anything about operating systems accepts this.
If you do not want to be accused of smearing Bitcoin with sensational FUD stories, then dont write them. Be objective, and demonstrate that you know what you are talking about, or dont bother until you do.
In the end, Bitcoin is going to spread to everyone; the client is in its infancy, and as it improves adoption will explode
If you are old enough to remember Mosaic, you will understand exactly what is happening right now; the Bitcoin client today is Mosaic. When the Bitcoin client is as polished as Google Chrome, Safari or Firefox, then it will be in the hands of hundreds of millions.
There WILL be widespread adoption of Bitcoin. What you have to ask is wether or not you will be remembered as someone who thought and wrote seriously about it at its inception, or wether you will be seen as just another journalist without any insight.
Sorry If I am coming across a little harsh, but I’m fed up with reading ill informed garbage about something so wonderful, transformative and important as Bitcoin
“While at the time of this writing the BTC is trading at $19.51, I wouldn’t be surprised to see their value drop over the course of the day as this news spreads.”
Yeah… I think 90% of the people invested in BTC know about it, and they were widely unphased. It was more of a security wake up call than a “quick everyone bail!”
Sad to hear but it was only ever going to be a matter of time before this happened :(
It seems there has been no or little movement of the value, at least in Mt Gox.
The guy failed to lock down his ‘doz box, sure. But even if he was running a reasonably locked down instance of linux, stealing bitcoins is still very possible.
What’s scary is the raw amount of money some people store in their bitcoin wallets. It doesn’t matter how well you secure something — if there’s a lot of $ to steal somewhere, then someone is going to try and steal it. That might mean through social engineering tricks, physical theft of hardware, etc. The problem is that humans are ultimately the error-prone weak links that can unknowingly make themselves vulnerable.
Bitcoin makes a lot of sense for transferring money. As for keeping a huge pile of money safe, you *might* want to stick to traditional means (ie, a bank that has a vested interest in keeping it secure).
Check out http://www.bitprotection.info at least someone is doing something about it!
Traders learn not to react emotionally in this way. Either that or they never make money.
And to think that the people investing in Bitcoin are your typical traders seems completely illogical.
This is stupid. There’s no news here. This is what happens when you put all your eggs in an insecure basket, so to speak. I’m running the same risk if I carry $500,000 in my wallet. Which is why I generally don’t carry more than $50, unless I’m planning to go deposit it or I’m about to spend it.
There is NO reason you can’t have more than one Wallet.dat file, and if you’re keeping this kind of money, you really should – one that has the majority of your Bitcoins and one that just has a few. Keep the “main” file on a Flash drive and only use it when you need it, and transfer your money between the two as necessary.
This guy got burned because someone stole the wallet he was hoarding all his Bitcoins in. Which really, really sucks, and I feel for him, but it’s not newsworthy.
@Joel Falconer @Doug Clinton “Bitcoin doesn’t do nearly enough to point out that securing the currency is the consumer’s responsibility”
If you’re going to make that claim, then you have to also say that the US Federal Reserve doesn’t do enough to point out that securing your money is your responsibility, because the reality is that neither says much about this.
The reality is that this is only news because it’s the first time it happened. What you’re talking about is what I consider the “not a credit card problem”, which isn’t specific to Bitcoin at all. Securing ACTUAL currency is literally ALWAYS the consumer’s responsibility. The difference is that US dollars have been around long enough that people have learned how to keep them relatively safe. Bank trucks, guns, safes, etc.
Also – this isn’t about securing things. It’s about doing the smart thing. It wouldn’t matter if his PC wasn’t secured if he didn’t keep 2000+ Bitcoins on it. Common sense says, “keeping $50 or so in your wallet for spending money is a good idea, and keeping $50 or so in your center console for emergency gas money is a good idea, but keeping $1000+ in either place is a very bad idea because someday you might run into a pickpocket or robber and lose whatever you keep in there.” Common sense also says, “don’t ever assume that your money is secure – security is not by accident, the bank keeps money safe with an armored truck, a vault, passcodes, and guns.” No matter what, any given currency is only safe if you handle it safely, and frankly, it doesn’t sound like this guy even thought about how to handle all his Bitcoins.
I really do feel bad about this. But aside from the fact that it’s the first time it happened, there’s no real news here.
Could this have been avoided with a safer client? I think so.
The client has no password protection whatsoever at the moment of opening or making any transactions. Hopefully the dev. team will put it in their list of priorities to do some work on the clients.