Feeds

Joke no more: Comedy virty currency Dogecoin gets real in big Xmas heist

Wow. So hack. Very theft. Much sorry. Wow

Using blade systems to cut costs and sharpen efficiencies

If you've heard of Dogecoin, maybe you thought it was a joke. A cryptocurrency based on what has been called the meme of the year for 2013, it certainly has all the earmarks of an internet prank. But some people are apparently taking Dogecoin seriously – seriously enough, at least, to steal millions of them from online wallets.

In a move worthy of Scrooge himself, the e-heist took place on Christmas Day. Hackers were reportedly able to compromise the systems of online wallet service Dogewallet and reconfigure the site so that all transactions were rerouted to their own address.

"We're currently looking at logs and have found thousands of attempts to hack our systems," a message posted to Dogewallet's site on Wednesday explained. "Specifically, the attack originated from the hacker gaining access to our filesystem and modifying the send/receive page to send to a static address. We're currently reviewing logs for information."

It's not clear exactly how many Dogecoins fell prey to the incident, but the amount is said to be in excess of 30 million. The value of one Dogecoin is currently estimated at around $0.0006, making the amount stolen worth potentially $18,000 or more in real-world dollars.

In a Reddit post on the matter, Dogewallet's founders say they are scrambling to reimburse users for as much of the lost currency as possible. As The Reg goes to press the big, red "Publish" button on this story, the latest update claims that at least "a few million" Dogecoins have been returned to users so far.

Not everyone in the Dogecoin community buys Dogewallet's explanation, however. In a separate Reddit thread, some users have speculated that the incident may not have been a hack at all, but the result of a deliberate scam designed to bilk gullible users out of their Dogecoins.

Scam or not – and El Reg does not care to speculate on who may have been behind the theft – many Dogecoin fans have argued that most of these losses could have been prevented if Dogewallet users had learned from the example of earlier cryptocurrencies, such as the daddy of them all, Bitcoin.

As recently as November, an Australian man claimed he lost Bitcoin worth more than $1m from an online wallet that was managed by a service called inputs.io. That service has since been taken down, its homepage replaced with a less-than-reassuring apology.

Indeed, even Dogewallet's operators weren't so dreadfully cut up by Wednesday's sad event that they didn't take the opportunity to wag their fingers at some of the service's users.

"Please use offline wallets as online wallets are meant for new users who aren't using them as a storage of coins," they wrote. "Offline wallets are more safe and secure than any online wallet due to possible attacks that can originate from anyone, anywhere."

Anyone, anywhere indeed. Dogewallet has posted the address it believes was the beneficiary of the purloined Dogecoins, but whether that will help recover them is unclear.

As for the future of Dogewallet, it sounds like it doesn't have one. The service is currently shut down and it doesn't seem likely to return.

"We're going to compensate all invested users and as much non-invested user balances as possible and discontinue the website," the operators wrote on Reddit. ®

The smart choice: opportunity from uncertainty

More from The Register

next story
NEW, SINISTER web tracking tech fingerprints your computer by making it draw
Have you been on YouPorn lately, perhaps? White House website?
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
Black Hat anti-Tor talk smashed by lawyers' wrecking ball
Unmasking hidden users is too hot for Carnegie-Mellon
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
Own a Cisco modem or wireless gateway? It might be owned by someone else, too
Remote code exec in HTTP server hands kit to bad guys
prev story

Whitepapers

Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.