- Beyhive coming for Sainsbury’s supermarket over Ivy Park shade 6 Years Ago
- Antique store blasted for selling ‘white only’ signs Today 1:45 PM
- DaBaby explains altercation with hotel employee after video goes viral Today 12:32 PM
- Kanye faces backlash for headlining Christian event with anti-LGBTQ leaders Today 10:31 AM
- Why is Yennefer of Vengerberg so different in Netflix’s ‘The Witcher’? Today 10:00 AM
- Actress slammed for ‘acid attack-face’ TikTok challenge Today 9:46 AM
- ‘Weathering With You’ blends fantasy and realism in a magical love story Saturday 6:18 PM
- Kidnapped teen used Snapchat to get rescued Saturday 4:35 PM
- What fans do and don’t want to see in future ‘Far Cry’ installments Saturday 4:26 PM
- Aaron Carter accused of stealing lion art for merch Saturday 3:10 PM
- Instagram’s hidden like counts were inspired by a ‘Black Mirror’ episode Saturday 2:06 PM
- Student says they were expelled for tricking teacher into making inappropriate TikTok Saturday 12:26 PM
- Space Force uniforms relentlessly mocked, memed Saturday 10:52 AM
- Man flamed after admitting he called police on Target employee over a toothbrush Saturday 9:10 AM
- Netflix’s ‘Vivir Dos Veces’ searches for a last chance at first love Saturday 8:00 AM
Millions in Bitcoin gone after attack on Silk Road 2
Estimates of loses exceed $54 million USD.
The operators of Silk Road 2, an online Deep Web marketplace that can only be accessed through the anonymous web browsing system Tor, has been hacked. The attackers reportedly made out with millions of dollars worth of Bitcoins, all of the users’ funds that the site’s operators had been holding as part of transactions.
It’s been estimated that somewhere in the neighborhood of 88,000 bitcoins were stolen as a result of the attack. At the current market price, that haul is valued at approximately $54 million USD. However, Nicholas Weaver, a researcher at the International Computer Science Institute told Forbes that the amount of bitcoins stolen is likely closer to $2.6 million USD.
Silk Road 2 was launched last November, shortly after the original Silk Road was shut down by law enforcement authorities and its alleged mastermind, Ross Ulbricht, was arrested in San Francisco.
In an message posted to the Silk Road’s internal forum on Thursday, the site operator, who goes by the pseudonym Defcon, recounted the situation:
Our initial investigations indicate that a vendor exploited a recently discovered vulnerability in the Bitcoin protocol known as “transaction malleability” to repeatedly withdraw coins from our system until it was completely empty….This attack hit us at the worst possible time. We were planning on re-launching the new auto-finalize and Dispute Center this past weekend, and our projections of order finalization volume indicated that we would need the community’s full balance in hot storage. In retrospect this was incredibly foolish, and I take full responsibility for this decision.
The issue of transaction malleability is one that’s thrown the entire Bitcoin community into chaos in recent days. According to Coindesk, ?it’s an attack that lets someone change the unique ID of a bitcoin transaction before it is confirmed on the bitcoin network. The change makes it possible for someone to pretend that a transaction didn’t happen, if all the right conditions are in place.”
Conducted on a mass scale, as occurred earlier this week when an unknown entity used the technique to launch a coordinated denial of service attack on a number of Bitcoin exchanges around the world.
The attack caused MtGox, the single most high-profile Bitcoin exchange in existence, to temporarily halt all withdrawals until the issue of transaction malleability was dealt with. Others exchanges, such as the Slovenia-based Bitstamp, have followed suit.
In his or her note, Defcon admitted that the fault for the hack attack lays at the feet of the site’s operators. ?I have failed you as a leader, and am completely devastated by today’s discoveries,” Defcon wrote. ?I should have taken MtGox and Bitstamp’s lead and disabled withdrawals as soon as the malleability issue was reported. I was slow to respond and too skeptical of the possible issue at hand. It is a crushing blow. I cannot find the words to express how deeply I want this movement to be safe from the very threats I just watched materialize during my watch.”
Defcon wrote that there are currently efforts underway to track down the thief.
Even so, there are some who question Defcon’s version of events. In a post to Reddit’s r/Bitcoin forum, wrote a post charging that, ?it is clear that Silk Road 2 funds were stolen by the operators.”
Online black markets like Silk Road 2 have long been targets for hackers. Last December, hackers who targeted the online wallets of Sheep Marketplace stole over $100 million in Bitcoin the days before the marketplace shut down entirely.
Illustration by Jason Reed
Aaron Sankin is a former Senior Staff Writer at the Daily Dot who covered the intersection of politics, technology, online privacy, Twitter bots, and the role of dank memes in popular culture. He lives in Seattle, Washington. He joined the Center for Investigative Reporting in 2016.