Feeds

Joke no more: Comedy virty currency Dogecoin gets real in big Xmas heist

Wow. So hack. Very theft. Much sorry. Wow

The Essential Guide to IT Transformation

If you've heard of Dogecoin, maybe you thought it was a joke. A cryptocurrency based on what has been called the meme of the year for 2013, it certainly has all the earmarks of an internet prank. But some people are apparently taking Dogecoin seriously – seriously enough, at least, to steal millions of them from online wallets.

In a move worthy of Scrooge himself, the e-heist took place on Christmas Day. Hackers were reportedly able to compromise the systems of online wallet service Dogewallet and reconfigure the site so that all transactions were rerouted to their own address.

"We're currently looking at logs and have found thousands of attempts to hack our systems," a message posted to Dogewallet's site on Wednesday explained. "Specifically, the attack originated from the hacker gaining access to our filesystem and modifying the send/receive page to send to a static address. We're currently reviewing logs for information."

It's not clear exactly how many Dogecoins fell prey to the incident, but the amount is said to be in excess of 30 million. The value of one Dogecoin is currently estimated at around $0.0006, making the amount stolen worth potentially $18,000 or more in real-world dollars.

In a Reddit post on the matter, Dogewallet's founders say they are scrambling to reimburse users for as much of the lost currency as possible. As The Reg goes to press the big, red "Publish" button on this story, the latest update claims that at least "a few million" Dogecoins have been returned to users so far.

Not everyone in the Dogecoin community buys Dogewallet's explanation, however. In a separate Reddit thread, some users have speculated that the incident may not have been a hack at all, but the result of a deliberate scam designed to bilk gullible users out of their Dogecoins.

Scam or not – and El Reg does not care to speculate on who may have been behind the theft – many Dogecoin fans have argued that most of these losses could have been prevented if Dogewallet users had learned from the example of earlier cryptocurrencies, such as the daddy of them all, Bitcoin.

As recently as November, an Australian man claimed he lost Bitcoin worth more than $1m from an online wallet that was managed by a service called inputs.io. That service has since been taken down, its homepage replaced with a less-than-reassuring apology.

Indeed, even Dogewallet's operators weren't so dreadfully cut up by Wednesday's sad event that they didn't take the opportunity to wag their fingers at some of the service's users.

"Please use offline wallets as online wallets are meant for new users who aren't using them as a storage of coins," they wrote. "Offline wallets are more safe and secure than any online wallet due to possible attacks that can originate from anyone, anywhere."

Anyone, anywhere indeed. Dogewallet has posted the address it believes was the beneficiary of the purloined Dogecoins, but whether that will help recover them is unclear.

As for the future of Dogewallet, it sounds like it doesn't have one. The service is currently shut down and it doesn't seem likely to return.

"We're going to compensate all invested users and as much non-invested user balances as possible and discontinue the website," the operators wrote on Reddit. ®

Build a business case: developing custom apps

More from The Register

next story
14 antivirus apps found to have security problems
Vendors just don't care, says researcher, after finding basic boo-boos in security software
'Things' on the Internet-of-things have 25 vulnerabilities apiece
Leaking sprinklers, overheated thermostats and picked locks all online
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
iWallet: No BONKING PLEASE, we're Apple
BLE-ding iPhones, not NFC bonkers, will drive trend - marketeers
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Secure microkernel that uses maths to be 'bug free' goes open source
Hacker-repelling, drone-protecting code will soon be yours to tweak as you see fit
Israel's Iron Dome missile tech stolen by Chinese hackers
Corporate raiders Comment Crew fingered for attacks
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Backing up Big Data
Solving backup challenges and “protect everything from everywhere,” as we move into the era of big data management and the adoption of BYOD.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.