Feeds

Silk Road admins: Sorry for the hack, we're sorting out refunds

Head of drugs market vows to make good on lost cryptogeld

SANS - Survey on application security programs

The masterminds of the SilkRoad 2.0 underground market have vowed to pay back all of the funds lost in a recent Bitcoin hack.

Administrator Defcon said that the team behind the darknet market would be donating all commissions it gathers on transactions towards reimbursing funds which were lifted from its escrow account by hackers last week.

"This leadership and this community will not stop until you are completely repaid," Defcon vowed.

"We know you feel defenseless right now. You are naked. Many of you are convinced there is no logical reason any darknet admin would ever fight to get your coins back."

The post puts to rest fears that Silk Road 2.0 would not attempt to relaunch in the wake of last week's incident which saw some $2.7m worth of Bitcoin vanish when an attacker exploited a transaction malleability vulnerability to empty all of the funds from Silk Road's transaction escrow wallet. According to administrators, 26 per cent of Silk Road's active users saw their entire Silk Road account funds wiped out in the attack.

The site has relaunched but has eliminated any central escrow plan (like the one which was hacked.) Rather, users and vendors will have the option of dealing directly with highly-trusted parties or using a reputation-based decentralized escrow system to hold funds pending delivery.

Additionally, the site said that it will launch support and dispute resolution services to help sort out transactions which were thrown for a loop by the attack itself.

Under the plan, Defcon vowed that the management would not collect any commission for itself until users were refunded "even if it takes a year." Or, perhaps more likely, until law enforcement shuts down the marketplace as it did the first Silk Road iteration.

"This is not an ideal climate, but it is the reality of the darknet today. I cannot emphasize strongly enough that every market which uses centralized escrow will fail," Defcon said.

"Centralization makes a market a huge target for attackers, and a huge target for dishonest administrators."

Meanwhile, Silk Road administrators say they are continuing to pore over information they have received on who might have been behind the hack. Defcon said that early indications are that no members of the administration were behind or complacent in the attack. ®

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.