DataBreaches.Net


Bitcoinica breach done by leaked source code results In 40,000+ being stolen

Posted on July 14, 2012 by Lee J

Back in May, the well-known and trusted bitcoin service Bitcoinica was breached and bitcoins were stolen as a result. Since then the website has claimed to shut down and has a "claims" process for those who were affected in the main breach. Well, it appears that from that hack others were able to obtain access to another lump of coins, which were locked in an account whose login credentials for a 3rd-party API were stored in the leaked data. The most recent attack has a lot of people flaming all over reddit and bitcointalk.org, saying that the owners of such a service should never be trusted again, and noting that they also claim to be security experts. The owners have also tried to justify this by throwing the blame around between "new and old" owners and the middle men involved.

We were not privy to all the problems when taking on Bitcoinica. Zhou was being paid $8000 a month for operating Bitcoinica in his part time while Tihan was scrambling to get the site working. During the last month, Zhou was not taking pay, to refund the money stolen by the Linode compromise. Tihan was rushing to get the paperwork finished because Zhou is attending school. We kept sending the paperwork back saying it’s incomplete and there’s problems, so when the initial compromise happened, the company was not yet fully formed. The initial confusion was over who is responsible as the GP – the part time owner devoting maybe 5 hours a week? The new owners who had no experience operating the site? The middleman who acts on behalf of the owner and has no technical knowledge? That’s why payments were initially complicated and delayed.

The bit of code that is said to have caused this whole issue is this:

genjix:~/tmp/bitcoinica_legacy/config/initializers$ cat mtgox_credentials.rb
if Rails.env.production?
  MtGox.configure do |config|
    config.key = "c02e1a27-5524-449f-ba65-aff9581ddedc"
    config.secret = '83U1ROG++O3vwBqFrxpcdyLIoChpgnowImy1oMVQwBLalaLevZDmWeCPJFTrYW00OQ7XUgG53LsIL2pBZ2PQgA=='
  end
end

As you can see, they allowed this to be leaked and clearly never changed or updated the 3rd-party API and account details to prevent any further damage. Now we aren't here to say what's right and wrong, but clearly the Bitcoinica administration has totally failed to keep a duty of care with its clients' funds.

A police investigation is claimed to have been started into this breach as well, as stated by a Sr. member of the bitcointalk forum: "We will open a police investigation and get this clear on the police’s side. We will not however be able to share such details publicly while an investigation is in progress."

Keep up to date with how the community feels about this on the Bitcointalk forum: https://bitcointalk.org/index.php?topic=93074

The source code for Bitcoinica was also published, now being hosted on DepositFiles in a compressed file that's 6.2 MB: https://depositfiles.com/files/2p6zvadzs
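The failure above is a Rails initializer carrying a third-party API key and secret as string literals, so anyone holding the repository holds the account. As an added example (not Bitcoinica's code), the Ruby script below flags that pattern in an initializer and shows the environment-backed form of the same `MtGox.configure` block; the sample initializers and the `MTGOX_API_KEY` / `MTGOX_API_SECRET` variable names are constructed for this illustration.

```ruby
# Matches a literal credential assignment such as:  config.secret = 'abc...'
# (an assignment pulling from ENV or a secrets store does not start with a quote)
HARDCODED_CREDENTIAL = /^\s*config\.(key|secret)\s*=\s*(["'])([^"']+)\2/

# Scans initializer source and returns [line_number, setting_name] for every
# key/secret that is hardcoded as a string literal. Empty array means clean.
def find_hardcoded_credentials(source)
  findings = []
  source.each_line.with_index(1) do |line, lineno|
    m = HARDCODED_CREDENTIAL.match(line)
    findings << [lineno, m[1]] if m
  end
  findings
end

# Constructed sample in the shape of the leaked mtgox_credentials.rb.
# Values are placeholders, not the real leaked key and secret.
LEAKY_INITIALIZER = <<~RUBY
  if Rails.env.production?
    MtGox.configure do |config|
      config.key = "00000000-0000-0000-0000-000000000000"
      config.secret = 'PLACEHOLDER_SECRET_NOT_REAL=='
    end
  end
RUBY

# Hardened form: the repository names the variables, the values live in the
# deployment environment, and rotating the key never requires a code change.
SAFE_INITIALIZER = <<~RUBY
  if Rails.env.production?
    MtGox.configure do |config|
      config.key = ENV.fetch('MTGOX_API_KEY')
      config.secret = ENV.fetch('MTGOX_API_SECRET')
    end
  end
RUBY

if $PROGRAM_NAME == __FILE__
  { 'leaky' => LEAKY_INITIALIZER, 'safe' => SAFE_INITIALIZER }.each do |name, src|
    hits = find_hardcoded_credentials(src)
    puts "#{name}: #{hits.empty? ? 'no hardcoded credentials' : hits.inspect}"
  end
end
```

A check like this belongs in pre-commit or CI, but it only limits the next leak; credentials that have already shipped in a repository must be treated as public and rotated regardless of what the scanner reports.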

Category: Breach Incidents

© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.