Cyberthieves stole more than 4,100 bitcoins, worth $1.2 million, in a hacker “heist” on a site used to store the currency online, inputs.io. The hack is among the largest thefts in the currency’s four-year history.The bitcoins were stolen after hackers accessed the site inputs.io, according to SlashGear. The site offered online wallets for storing bitcoins, which also mixed up wallets to anonymize coins and speed up payments, according to Wired.
TradeFortress, who worked for the company, said in a forum post, “I don’t recommend storing any bitcoins accessible on computers connected to the internet.” Bitcoin can be stored in offline “wallets”, or even written down as a private cryptographic key, Wired points out.
TradeFortress has said he will offer partial refunds from his own funds, and from the remaining bitcoins on the site – totalling 1,540 bitcoin.
He also said that he was worried about his personal safety. Yahoo News said that the “anonymity” of bitcoin transactions has led to speculation that the robbery may have been an “inside job”.Some forum users taunted him with jokes such as “buy me a Rolex at least.” Tradefortress does not want to be identified, as he is “not much older than 18”, according to an ABC News report.
Slashgear’s report said the attackers compromised, “the hosting account through compromising email accounts (some very old, and without phone numbers attached, so it was easy to reset). The attacker was able to bypass 2FA due to a flaw on the server host side. Because of this, the hackers did gain access to the wallet’s database.”The attacks happened on October 23 and 26, according to Wired.
The hackers transferred the bitcoin backend code to another compromised server. The site said in an official message, ““I know this doesn’t mean much, but I’m sorry, and saying that I’m very sad that this happened is an understatement.”
The alleged theft is one of the largest in the currency’s four-year history, according to Yahoo. TradeFortress said that he was unlikely to report the theft to police.
”The police don’t have access to any more information than any user does when it comes to bitcoin. Some say it gives them control of their money,” he said in an interview with ABC.
ESET Malware Researcher Robert Lipovsky wrote in an earlier We Live Security post that Bitcoin and other crypto-currencies are being targeted by cybercriminals.“There are numerous malware families today that either perform Bitcoin mining or directly steal the contents of victims’ Bitcoin wallets, or both,” Lipovsky writes.