BitInstant becomes latest bitcoin theft victim

BitInstant becomes latest bitcoin theft victim

Using simple social engineering techniques, an attacker has managed to steal around $12,500 in bitcoins from virtual currency exchange BitInstant.

BitInstant went offline over the weekend before reappearing on Monday with a blog post explaining the attack.

According to the post, an attacker contacted the site's domain registrar - proxying through a network owned by a UK haulage company - posing as the writer and using a "very similar" e-mail address.

Armed with details of the writer's place of birth and mother's maiden name, presumably found online, the attacker convinced the domain registrar, Site5, to add their e-mail address to the account and make it the primary login.

After gaining access, the attacker managed to steal $12,480 worth of bitcoins and send them in three instalments to other bitcoin addresses.

However, says the post, various security measures, such as multi-factor authentication and auto lockdowns prevented any more theft and no personal or transactional information from users has been leaked.

The attack is just the latest in a long line of thefts from various bitcoin exchanges over the last couple of years, highlighting the security hurdles the technology poses.

Despite this, the virtual currency has been riding a wave in recent weeks, hitting a record price of more than $46 as speculation mounts that it is set to break into the mainstream, boosted by a deal between MT. Gox and CoinLab which should see an expanded USD presence.

Comments: (0)

Find out more
Dorsum white paper - Building your future wealth management solution vol. 2

Trending Stories