Feeds

Linode hackers escape with $70K in daring bitcoin heist

Compromised servers ransacked for digital cash

Build a business case: developing custom apps

Updated Popular web host Linode has been hacked by cyber-thieves who made off with a stash of bitcoins worth $71,000 (£44,736) in real money.

The crooks pulled off the heist after obtaining admin passwords for Linode's network gear. Having infiltrated its systems, the thieves proceeded to target several Bitcoin-related servers, stealing $15k (£9.45k) from one merchant and more than 10,000 bitcoins ($56k, £35k) from Bitcoinica, a trading exchange for the digital currency. Bitcoinica has promised to reimburse customers for any losses. It said in a statement:

Many of you have heard that several bitcoin services were victims of a recent Linode security breach today. Unfortunately, Bitcoinica is also among the services affected.

On 2012-03-01 at 6:30 UTC, our "hot wallet" hosted at Linode and containing over 10,000 BTC was emptied. The unauthorized access is consistent with that experienced by other bitcoin services, described by Linode as unauthorized access from Linode's "customer support interface".

Punters should avoid using any bitcoin addresses previously used to fund their Bitcoinica accounts, Bitcoinica advises:

We must assume that the thief has retained private keys associated with old bitcoin deposit addresses. This would allow them to access any new bitcoins sent to old deposit addresses. As of now, our website will only display new deposit addresses which are not affected by this. However any old bitcoin addresses which you may have recorded for convenience should never be used ever again. This is the most important thing.

Linode admitted it had been compromised and issued a statement to say the digital safety deposit boxes of eight customers had been ransacked. It promised to review and improve its security procedures in the wake of the hack:

This morning, an intruder accessed a web-based Linode customer service portal. Suspicious events prompted an immediate investigation and the compromised credentials used by this intruder were then restricted. All activity via the web portal is logged, and an exhaustive audit has provided the following:

All activity by the intruder was limited to a total of eight customers, all of which had references to "bitcoin". The intruder proceeded to compromise those Linode Manager accounts, with the apparent goal of finding and transferring any bitcoins. Those customers affected have been notified. If you have not received a notification then your account is unaffected. Again, only eight accounts were affected.

The portal does not have access to credit card information or Linode Manager user passwords. Only those eight accounts were viewed or manipulated - no other accounts were viewed or accessed.

Security is our number one priority and has been for over eight years. We depend on and value the trust our customers have placed in us. Now, more than ever, we remain committed to ensuring the safety and security of our customers' accounts, and will be reviewing our policies and procedures to prevent this from ever recurring.

Bitcoins are a form of electronic currency that can be exchanged for real cash. The system relies on public-key cryptography and peer-to-peer networking to transfer the coins between users' wallets. Isolated incidents of cyber-crooks using number-crunching botnets to generate bitcoins were detected last year.

Some miscreants appeared to have moved over to stealing bitcoins directly but it's unclear whether the smash-and-grab raid against Linode is a one-off, or the start of a new tactic in cybercrime. ®

Updated to add

Although Bitcoinica's official statement says over 10,000 BTC were stolen, the actual total appears to be 43,554 BTC.

Endpoint data privacy in the cloud is easier than you think

More from The Register

next story
14 antivirus apps found to have security problems
Vendors just don't care, says researcher, after finding basic boo-boos in security software
'Things' on the Internet-of-things have 25 vulnerabilities apiece
Leaking sprinklers, overheated thermostats and picked locks all online
iWallet: No BONKING PLEASE, we're Apple
BLE-ding iPhones, not NFC bonkers, will drive trend - marketeers
Multipath TCP speeds up the internet so much that security breaks
Black Hat research says proposed protocol will bork network probes, flummox firewalls
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
Microsoft's Euro cloud darkens: US FEDS can dig into foreign servers
They're not emails, they're business records, says court
Plug and PREY: Hackers reprogram USB drives to silently infect PCs
BadUSB instructs gadget chips to inject key-presses, redirect net traffic and more
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
prev story

Whitepapers

7 Elements of Radically Simple OS Migration
Avoid the typical headaches of OS migration during your next project by learning about 7 elements of radically simple OS migration.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Solving today's distributed Big Data backup challenges
Enable IT efficiency and allow a firm to access and reuse corporate information for competitive advantage, ultimately changing business outcomes.
A new approach to endpoint data protection
What is the best way to ensure comprehensive visibility, management, and control of information on both company-owned and employee-owned devices?