Coin Desk Items....
LocalBitcoins Names Malware As
Cause of Wallet Issues
LocalBitcoins users took to reddit and official LocalBitcoins forums today (17th April), reporting that some bitcoin wallets managed by the company have been emptied, and that transactions have been delayed.
The Finland-based bitcoin buying and selling service has now issued an official response to these claims via its blog, stating that the problem is likely the result of a malware intrusion.
In the post, LocalBitcoins announced it would limit hot wallet activity on its services while it addresses the issue.
Further, it released its initial assessment of the situation:
The company also downplayed that there were larger issues with the site, stating:
LocalBitcoins said it would investigate the issue further over the weekend,
Malware attack
LocalBitcoins explained that based on the small number of users affected, and the fact that the compromised accounts did not have two-factor authentication enabled, the intrusions may be the result of malicious code.
Read the post:
The attack appears automated, according to the company. It went on to suggest that intrusions seem to be common to users that do not have two-factor authentication in place, and that logins on those accounts are coming from seemingly random IP addresses. Though, at press time, one comment on the post suggested that users who had two-factor authentication enabled may have been affected.
Protecting bitcoins
LocalBitcoins has decided to limit the transactions going in and out of its hot wallet for hosted storage until it finds a way to root out the possible malware issue, according to the company’s forums.
This means that withdrawals are being temporarily delayed:
The first thing users should do to protect bitcoins in any wallet is to enable two-factor authentication on an account, which uses a secondary element such as a phone to verify a user’s identity.
Another important thing to do is to disable JavaScript, which is susceptible to zero-day exploits. Bitcoin users with balances on hosted or “hot” wallets should always consider keeping their main cache of bitcoins in an offline or “cold” wallet.
This story is still developing. CoinDesk will monitor and provide updates as new details become known.
Former Neo & Bee Employees
Release Damning Statement
Former employees of Neo & Bee have taken to reddit to voice their version of the events that led to the demise of the Cyprus-based bitcoin company.
The post, which is signed by Neo & Bee’s former COO George Papageorgiou and former compliance and risk management officer Øystein Aaby, details their view that they were “misled” throughout the company’s operation.
The post follows the publication of a statement on reddit by the company’s CEO Danny Brewster on 15th April. He asserted that he has in no way committed fraud and has not embezzled customer or company funds, as has been suggested.
In today’s post, the former employees convey their regret that the company ultimately failed and profit shareholders were not protected.
They go on to provide a detailed explanation of what they claim happened within the company, stating that the information has already been testified to the police in Cyprus, where a warrant was recently issued for Brewster’s arrest.
According to the post, members of the company’s senior management team repeatedly asked Brewster to share the firm’s balance sheet and documentation relating to the number of bitcoins in its possession, which he failed to provide.
It continues:
The post goes on to detail a number of senior management meetings held at theNeo & Bee offices in the second half of last month. In these meetings, Brewster reportedly made contradictory claims about the number of bitcoins owned by the company and by him personally.
Demands
The former CEO and risk management officer claim that, on 20th March, Brewster was asked – and agreed – to step down as CEO. He then flew to the UK with the aim of raising investment.
“On the 31st, we sent him a demand letter requesting he returns and give explanations regarding his absence in the face of dire problems with the company, and the brand decomposing each day he is away and the company is unfunded. The deadline expired on 18:30 Cyprus time, April the 2nd, Wednesday,” the reddit post reads.
It concludes:
China’s Banks Close More
Bitcoin Accounts Following
PBOC Deadline
Published on April 17, 2014 at 17:35 BST | Asia, News, Regulation
There is continued uncertainty for bitcoin exchanges in China tonight as some large-volume exchanges reported verbal closure notices from banking partners today.
Exchanges OKCoin and Huobi said they had bank accounts closed as of Friday afternoon China time, posting the news on their respective sites.
China has still not ‘banned bitcoin’, despite certain rumors. The implied restrictions refer only to the way bitcoin exchange accounts are funded by their users, and there is no word that withdrawals from exchanges or any other bitcoin transactions are affected.
That said, what follows is a public announcement from Chinese exchange CHBTCand a translation of its subsequent conversation about the issue with one of its banking partners.
The initial announcement read:
Phone call
The telephone conversation between CHBTC and its banking associate went as such:
CHBTC: Has the bank received specific directives in the form of documentation?
Bank: It is not convenient for us to answer that, but prior to this we did not know your company was engaged in the bitcoin business, and so since we can find and call you, you can understand that someone has been eyeing all the company accounts used to do bitcoin business, and proactively told us.
C: Must we close our account; can we just zero out our balance?
B: Well it is up to you, however you know that someone is eyeing your account, do you think that it would be appropriate [to keep it open]? since I am making this call to you today, the meaning should be very clear, and I hope that you guys won’t make it difficult for me, and I can’t be more explicit than this.
C: what happens if we do not want to close our account, and insist on waiting for a document/notice?
B: Then it is up to you. We are calling because we would like you guys to close your account. If there are new notices, we might just directly execute; in any case you guys should transfer the account’s balance to another bank card, and then engage in the process of closing down your account.
C: OK then, we will cooperate! prepare to close the account.
B: Your cooperation is much appreciated.
C: Can we know when you received the notice, was it before 4/15, or is it in the past two days?
B: It is not convenient for me to disclose the specific time, but for us we wouldn’t dawdle over such matters, so you can figure it out yourself.
C: Do we have to close down both business and personal accounts?
B: I am only in charge of personal accounts, but my colleague for the business account will also contact you immediately.
C: do we have specific account closing time?
B: As fast as possible!
One of many
CHBTC added that these messages came from just one of its banking partners, and it had not received any similar notices from other business associates. It was, however, preparing for that eventuality and would not be using personal bank accounts to fund exchange accounts in future.
Chinese exchanges will no doubt find other ways to serve their customers, the most likely option being the voucher system pioneered by BTC China in which third-party code numbers are used to deposit and withdraw funds.
BTC China’s CEO Bobby Lee told CoinDesk all of its bank accounts are still open.
“Contrary to some rumors, we still have not received any notices from any of our banks or the PBOC, requesting to close accounts. All of our customers can continue to use our banking deposit channels to fund their exchange accounts on BTC China,” he added.
Crypto Coin News.....
http://www.cryptocoinsnews.com/news/cryptsy-in-disarray/2014/04/17
Cryptsy in disarray
The popular cryptocurrency trading site Cryptsy.com has been having some noticeable issues these past few hours. Users of Cryptsy have been reporting negative balances, frozen transfers, suspended withdrawals. Speculation is that a recent update is causing the issues. Cryptsy is aware of the issues, but no official statement has been released yet.
Who’s been hit?
I spoke to BlackDogeOfWallSt, one of the developers of BlackCoinPool.com (BCP), which has probably been the hardest-hit community from Cryptsy’s problems. BCP has had to delay their payments due to the problems. BCP’s payouts have to go through an exchange first — one of the exchanges they use most is Cryptsy. Cryptsy isn’t the only exchange they use, but it’s one of their most used. BCP has to go through Cryptsy because BlackCoin can’t be mined, so the pool mines other cryptocurrencies and converts them to BlackCoin through Cryptsy. The BlackCoins are then distributed to the miners in the pool. When Cryptsy froze, BCP had no way to convert their mined cryptocurrencies to BlackCoin, so none of their miners could get paid. BCP is the official BlackCoin mining pool, and a large portion of BlackCoins come from it.
We will continue to update you on this situation as more news is released.
Edit 1: 4/17/14 9:29 AM EST. No official statement has been released by Cryptsy, and it seems as though users are still experiencing problems. This could be Mt. Gox part 2, which would be very, very, bad… Or it could not, only time will tell. The worst thing Cryptsy could do right now is leave the public out of the dark — their customers need to know what’s going on, or they will switch to other exchanges.
Edit 2: 4/17/14 10:04 AM EST. Cryptsy has released an official statement regarding the shutdown of services. They say they chose to keep Cryptsy online while performing modifications to a new ledger system (holds and organizes data such as user balances), which ended up being a mistake. This was the cause of the goofed user balances. They then turned off withdrawals, but the incorrect balances were messing with the trading system, so they shut that down too. Cryptsy says a full system audit has been run to ensure the accuracy of balances, and that everything is back to normal.
If you can’t click on the link above, here’s Cryptsy’s official release on their blog (copy and paste the link into your browser): http://blog.cryptsy.com/post/82992987380/4-16-2014-maintenance-post-mortem
Edit 3: 4/17/14 10:20 AM EST. While Cryptsy claims that everything is back to normal, the first person I spoke to about it online begged to differ. The user (who wishes to remain anonymous) says he’s credited as owing Cryptsy 1,200,000 (1.2 million) dogecoins (about $784), when he only had about 700,000 dogecoins in his account during the problems. I’ll continue to look into this situation.
Edit 4: 4/17/14 10:28 AM EST. The second user I talked to online who has coins in Cryptsy, ‘loq’, is also having issues. Yesterday loq was trading cryptos before he knew of Cryptsy’s troubles. He was making profit so he kept on trading, and once he had a fair amount of Dogecoins he attempted to withdraw them. His withdrawal is still pending, and it’s been 24 hours, while it usually only takes a few seconds to confirm and withdraw. loq has a -0.23 bitcoin balance (yes, negative), and a -160,000 Dogecoin balance.
Edit 5: 4/17/14 2:16 PM EST. The user who wishes to remain anonymous just told me that his balance has been restored and everything seems to be ok. He opened a ticket with Cryptsy support and received a response four hours later.
No comments:
Post a Comment