Article Lead Image

Bitcoin brokerage loses $12,000 in digital heist

BitInstant, a service that makes it easier to buy Bitcoins, had $12,000 stolen from its company account in a social engineering attack.


Kevin Morris

Internet Culture

Posted on Mar 8, 2013   Updated on Jun 1, 2021, 10:16 pm CDT

A Bitcoin broker fell victim to a major digital heist over the weekend after hackers snuck their way into its accounts and made off with $12,000 worth of the digital currency.

The attack briefly shut down Bitcoin brokerage firm BitInstant over the weekend, as hackers took over its DNS servers and email accounts.

BitInstant, which acts as a middleman between Bitcoin exchanges and people looking to invest in the currency, said the attack did not compromise any customer accounts. Instead, hackers stole directly from the company’s own accounts—a bit of silver lining for a brokerage that at one point last year was exchanging $2.5 million of Bitcoins every month. An attack on its customers could have been disastrous.

Here’s how it went down: A hacker, which BitInstant believes is based in Russia, used publicly available info to weasel their way into the company’s domain name server (DNS) and kick out the legitimate owners. That gave them control over BitInstant email accounts. The next step was easy. The hacker went to online BitCoin exchange VirWox and asked to reset their passwords. Once they received the password reset email, they had full access to the BitInstant account on VirWox.

BitInstant wasn’t surprised by the attack. A company rep wrote in a blog post:

“We’ve long been targeted by someone using social engineering tactics to attempt to compromise our various accounts at exchanges, with our hosting provider Amazon AWS and even on my personal accounts, mostly without success. At no time have we ever had a single system or account compromised through technical means, or indeed at all before yesterday.”

This isn’t the largest heist in Bitcoin history. That dubious honor goes to Bitcoinica, a now-defunct digital exchange. In 2012, hackers made off with 60,000 bitcoins, worth hundreds of thousands of dollars at the time—a theft of such magnitude that it contributed to Bitcoinica shutting down entirely a few months later.

Bitcoin has been seeing a popularity explosion in recent months. It’s easy to see this latest hack as a sign that Bitcoin is a risky currency to own. But it’s also a sign of Bitcoin’s growing legitimacy. Thieves don’t usually waste their time on Monopoly money.

Photo by Jackbet/Flickr

Share this article
*First Published: Mar 8, 2013, 5:12 pm CST