In 2016 BitTeX Bitfinex lost 120,000 BTC. The thieves took them under the eyes of BitGo, which was to serve as a protector.
On Tuesday, August 2, 2016 on Bitfinex board appeared the bitter news: we were attacked, we must temporarily close, a bit of bitcoin was stolen. It was not yet known how much of the stock was actually stolen. Internet detectives, however, soon noticed an exceptionally high drop in resources held on P2SH addresses that Bitfinex used. The presumption proved to be true, and Zane Tackett, Bitfinex community manager, confirmed: we have lost exactly 119 756 BTC.
This amount represents about 0.75% of all Bitcoins emitted so far and is the second highest loss in Bitcoin's history, right after the infamous Mt. Gox. According to the original reports, it lost 850 thousand BTC, but some have been found and the total loss is around 650 thousand BTC.
Bitfinex has been using a solution he has developed together with BitGo for the past year, which he described as a standard of transparency and security. In the first case, this may be true. Every client of the stock exchange had the funds deposited at an individual address and hence could see that the Exchange is actually in the possession and is solvent. And security? She obviously failed, but we do not yet know what exactly. This will reveal a more detailed investigation.
The addresses on which clients' funds are cleared are so-called multisig. Two of the three existing keys are needed to manipulate resources at that address. One was in Bitfinex standard traffic, the other was in cold storage Bitfinex, ie inaccessible and securely stored, and the third was BitGo. The standard practice was that Bitfinex signed a transaction at the transfer of funds, which was later verified in BitGo and added a second signature. However, we do not have more information about the scrutiny process.
Transactions that stole nearly 120,000 bitcoins were signed with the Bitfinex standard key and the BitGo key. So we know with certainty that the attacker compromised Bitfinex systems and gained its online keys. This is, of course, a very bad thing, which has already happened in the past. That is why there was another party, which in this case had to prevent the transfer of funds. But BitGo did not do it, and within a few tens of minutes it probably signed thousands of transactions that blew 120,000 BTCs.
One possible cause is the compromise of BitGo, but this option has denied the company. The second option is even worse: BitGo's service is unreliable and its design is fatal. The attacker could theoretically compromise the communication channel between Bitfinex and BitGo to make BitGo the transaction signed. But that does not change the fact that the shifting of that amount of resources in such a short time had to be a clearly visible anomaly BitGo had to capture.
Cases Mt. Gox and Bitfinex differ in more ways than they agree. Both exchanges were the biggest dollar exchange in times of trouble. The difference, however, is that the dollar exchanges now have only a small share of the total trade, in percentage terms. Bitcoin now dominates China. Specifically, Bitfinex's share of all stores ranged between 1-2%. In terms of volume and robbery and probably Bitfinex crash are not so significant.
Bitfinex, on the other hand, was one of the most progressive bitcoin stock exchanges. They did not only find classic spot stores, like most competitors, but also leverage or broker lending. There were also other virtual currencies such as Etherum and Litecoin. Assigned funds in these currencies should be unaffected.
The difference is also that if management Mt. Gox was not involved in the fraud, so he kept the losses he knew about at least for a long time, and apparently he was even higher. There is nothing to suggest that Bitfinex would be. According to the information available, the stock market went out with the truth almost immediately as soon as the theft occurred. In addition, business representatives are relatively open and inform about the extent of problems.
Of course, the market has responded to the theft. The course shortly after the announcement sinks about $ 600 for BTC under $ 500. Since then, it has been growing again and approaching the original value. On Thursday, August 4, Bitcoin traded for about $ 560. The market reaction shows that, although it is a great inconvenience, however, it does not have a significant impact on the ecosystem because Bitfinex is just a small piece of puzzle.
There are a number of opinions on how to deal with the situation, how to return the money to their rightful owners. Proposals like agreeing with thieves to return most of the money in exchange for impunity seem to be naïve. A little more serious is the suggestion of joining miners who could reverse their transactions with their computing power. That's just a minority opinion. Most people involved think that Bitcoin would have discredited such a move. One of Bitcoin's main assets is the irreversibility of transactions and the unenforceability of central bank transactions. Regardless of whether transactions are good or bad.
Anyway, thieves will not have a quiet life. Any transactions with stolen Bitcoins will be closely monitored. While techniques for mixing bitcoins are being developed to hide the creator, they also improve techniques for tracking them. Beyond reality is the notion that thieves could safely exchange most of the bitcoins for dollars or other traditional currency. Investigation will certainly facilitate the fact that it is one theft by one attacker or group of attackers. Not like Mt. Goxu, where the bitcoons gradually mysteriously scattered.
We have no information about Bitfinex's total resources. But it is assumed that those stolen represent the majority. Bitfinex is planning to run the site again so users can see how much they have on their addresses. This is related to the question of whether everyone should receive the balance of their address, or the remaining bitches should be shared among all. The second option seems more likely because users have no way of protecting their resources. All of them were directed by Bitfinex, although on individual addresses. This would mean that finding the balance would not be of any use to the client.
Some clients also pointed out that BitGo last February secured deposit insurance up to $ 250,000 per head. However, the announcement was soon erased, indicating that probably no refunds would be made. The insurance would probably only cover the funds in the BitGo wallet, not the funds at the partners, for which the company has only one key and therefore has no control over them.
Bitfinex is unlikely to recover from the theft, unless the case can be resolved quickly and the bitches returned. Otherwise, it looks more like bankruptcy. In that case, the release of the remaining funds would probably take many months, if not a flight, which is another big problem for clients. It will also be interesting to watch BitGo hit. This service is, by the way used by other big Euro-American exchanges, such as Bitstamp or Kraken. However, their use of BitGo may vary significantly. Both stock exchanges announced that the vast majority of bitcoins are in cold storage.
Cost / mo
|LANSOL GmbH||zyanWEB ULTIMATE||GBP||9||Unlimited||100GB||Germany||99.2%|
|Description: create cloud server, cloud based server hosting, cloud application server|
|Description: ruby server monitoring, gfi server monitor, wow mop private server|
|bookandhost.com||Win Book 1GB||GBP||6||10Gb||1Gb||Uganda||99.595%|
|Description: cloud based server backup solutions, server monitoring tool, cloud hosted servers|
|Description: dedicated server hosting australia, cloud based server backup, server backups|
|Description: cloud backup services for servers, server monitoring cloud, windows server monitoring tools|
|Description: exchange server monitoring, windows server recovery, server monitoring|
|Internetagentur Was||Basic Host 4||GBP||2||Unlimited||4.88GB||Germany||99.082%|
|Description: running wordpress on windows server, linux server monitoring, windows 2008 server backup|
|Description: cloud file servers, sql server backup strategy, small business server backup solutions|
|Description: systems management server, windows cloud servers, cloud backup servers|
|Description: best server backup solution, server cloud canada, cost of cloud server|
|Net-Build GmbH||Net-Build Business||GBP||17||Unlimited||24,41GB||Germany||99.92%|
|Description: xen server backup, monitor windows server performance, server backup solution|
|AAPT||WebBiz||GBP||47||2000 MB||250 MB||Australia||99.802%|
|Description: back up servers, server on cloud, cloud server setup|
|Description: cloud server host, cloud server services, server disaster recovery|
|Description: how to backup server, performance monitor windows server 2008 r2, monitoring server performance|
|Description: online server backup solutions, monitoring server software, cloud vs server|
|1&1 Internet AG||1&1 Unlimited Pro Windows||GBP||18||Unlimited||Unlimited||Germany||99.689%|
|Description: server image backup, sql server backup table, cloud virtual servers|
|Description: cloud server solutions, window server backup, cloud backup for servers|
|Description: hp server monitoring software, australian dedicated server hosting, servermonitor|
|Description: server network monitoring software, windows server 2003 installation, server network monitoring|
|Description: server backup system, online server backups, cloud based mail server|
|Description: online server backup, windows server backup system state, cloud plex server|
|Description: cloud server provider, server monitoring dashboard, simple server monitoring|
|DM Solutions e.K.||Reseller Basic v3||GBP||31||Unlimited||35.00GB||Germany||99.073%|
|Description: cloud servers reviews, server 2008 image backup, sql server with check option|
|STATION55||Germany Webhosting - Einsteiger Bronze Hosting||GBP||8||Unlimited||5GB||Germany||99.781%|
|Description: backblaze server backup, creating a cloud server, web server monitoring tools|
|Description: cloud server costs, windows server 2003 group policy editor, best server backup|
|Description: cloud backup server, datacenter server architecture, online backup servers|
|Description: server backup tools, server cloud, server performance monitoring|
|Description: web server monitoring, build a cloud server, windows server 2008 system restore|
GBP 9 / Month
GBP 136 / Month