Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Bitcoin Discussion
List of Major Bitcoin Heists, Thefts, Hacks, Scams, and Losses [4]
by
dree12
on 19/04/2014, 01:57:36 UTC
Bit LC Theft
Time: Discovered February 13, 2013
Victim: Bit LC Inc. and miners
Status: Suspected theft by “Erick”, could be misunderstanding.
Amount: Estimate 2000 BTC[48]
Equivalent in USD: 51480 $
Equivalent in January 2014 BTC: 63.4BTC
Transactions of interest:
This alleged theft was unique in that coins held in the hot wallet were safe, but coins held in a cold wallet compromised. The thief is not expected to have access to the coins regardless, so there was little financial gain from this theft. Erick, allegedly the only one with physical access to Bit LC Inc.'s cold wallet, has failed to communicate and withdraw coins. Bit LC Inc. therefore was required to declare bankruptcy. There is no proof that Erick intentionally stole the coins; indeed, some evidence asserts that he or she may simply have disappeared in some manner.

BTCGuild Incident
Time: March 10, 2013
Victim: BTCGuild mining pool
Status: 16 thieves, one has returned 47 BTC
Amount: About 1254 BTC[49]
Equivalent in USD: 72556 $
Equivalent in January 2014 BTC: 88.9BTC
When BTCGuild was upgrading the Bitcoind client to 0.8, the mining pool used its original upgrade plan. However, 0.8 is unique in that it reindexes the blockchain. This prompted a temporary state in which the pool was paying out for difficulty-1 shares, as that was the extent of the blockchain parsed. Sixteen separate thieves subsequently emptied the hot wallet. 47 BTC have been returned to the pool. The pool would on the following day lose even more money thanks to a bug causing its recent upgrade to 0.8 to differ from nodes running 0.7 or lower.

2013 Fork
Time: 2013-03-11
Victims: OKPay, many mining pools including slush, BTCGuild, etc.
Status: OKPay double-spend attack resolved.
Amount: Exactly 960.09645667BTC[50]
Equivalent in USD: 55551 $
Equivalent in January 2014 BTC: 68.1BTC
A major blockchain fork occurred due to a bug in Bitcoin-Qt clients which had not upgraded to the new 0.8 version. Unfortuantely, those clients formed the majority of Bitcoin users at the time. The resulting fork split mining pools; those that had upgraded lost block revenue. Some mining pools took the hit, whereas others passed the cost on to miners.

The fork also made possible isolated double-spending attacks. Only one such attack was conducted, costing OKPay significantly. Luckily, the thief has since returned the money.

Bitcoin Rain
Date: 2011-10-03 to 2013-03-28
Victims: Investors in Bitcoin Rain, account holders on Mercado Bitcoin.
Perpetrator: Leandro César
Amount: Estimate 4000 BTC[51]
Equivalent in USD: 231440 $
Equivalent in January 2014 BTC: 284 BTC
A suspected long-running con likened to the infamous Bitcoin Savings and Trust, Bitcoin Rain finally defaulted on March 28, 2013. Leandro César claimed there was a security breach on his exchange website Mercado Bitcoin.[52] As Bitcoin Rain's funds were stored there, investors in Bitcoin Rain as well as account holders on Mercado Bitcoin lost money. Some money was reportedly paid back, but the vast majority is still outstanding.

ZigGap
Date: February to April 2013
Victim: Investors and creditors of ZigGap
Amount: About 1708.65967460BTC[53]
Equivalent in USD: 195490 $
Equivalent in January 2014 BTC: 240 BTC
User aethero, who was originally a reputable Bitcoiner, founded ZigGap after two previously succesful ventures, including BitPantry. Purporting to offer easy ways to purchase BTC, ZigGap saw little business. The founder seems to have also suffered mental illness in the latter stages of business operation.[54]

Ozcoin Theft
Time: 2013-04-19
Victim: Ozcoin mining pool
Status: Thief, a user of Strongcoin, known but not disclosed. Strongcoin seized funds and returned 568.94BTC to the mining pool operator.[55]
Amount: Exactly 922.99063322BTC[56]
Equivalent in USD: 105600 $
Equivalent in January 2014 BTC: 130 BTC
A hacker managed to infilterate Ozcoin's payout script, such that all money was paid out to the hacker's address. Luckily, a day later Strongcoin seized most of the stolen funds and promptly returned them to Ozcoin.

Vircurex Theft
Date: 2013-05-10
Victim: Vircurex and shareholders
Transactions of interest:[57]
  • cbce6bd1e274a9ea9d6946feaf4a1b0f80a5885a8482f4ebf3caa052f22bb4bf
  • 85489430661f3041608749acb3019a1dcbf07a60f22e4bc43acfd05b46496cc9
Amount: Exactly 1454.01500000BTC[58]
Equivalent in USD: 163351 $
Equivalent in January 2014 BTC: 200 BTC
The hot wallet and “warm” wallet of Bitcoin to alternative cryptocurrency exchange service Vircurex was emptied in May 2013, resulting in a significant loss of three currencies: Bitcoin, Terracoin, and Litecoin.[57] Initially, Vircurex operated normally despite the loss, though it no longer paid dividends to shareholders. In March 2014, due to strain caused by large withdrawals (in addition to a default by AurumXChange, a fiat processor Vircurex used), Vircurex froze large quantities of many currencies; however, it promises to pay these back eventually.[59]

James Howells Loss
Type: Loss
Date: July 2013[60]
Victim: James Howells
Amount: Estimate 7500 BTC[61]
Equivalent in USD: 627659 $
Equivalent in January 2014 BTC: 764 BTC
A hard drive containing keys to bitcoins generated in 2009 were accidentally thrown away in 2013 after a period of meteoric price rallies. The owner, James Howells, reportedly attempted to retrieve the money by going to the landfill where the hard drive was buried, but gave up after learning of the difficulty of retrieving trash.[61]

Just Dice Incident
Time: 2013-07-15
Victim: Just-Dice, Just-Dice investors
Suspect: Just-Dice.com user “celeste”, who claims he was hacked.
Status: Bets rolled back.
Related transaction: 0aa67253b162c6ddae04bbc5b01a0283591a74288cdd1c2073a3181ec7e124da[62]
Amount: Exactly 1300.15500000BTC[63]
Equivalent in USD: 108807 $
Equivalent in January 2014 BTC: 132 BTC
A player on Just-Dice.com with an especially large balance asked to withdraw 1300 BTC.[64] Because the hot wallet did not contain that much money, Just-Dice.com administrator Chris Moore (“dooglus”) manually processed the transaction from the cold wallet. However, he forgot to remove the balance in Just-Dice.com's database. The Just-Dice.com user then proceeded to bet the fake balance on the gambling website and subsequently lost it all. Because of the manner Just-Dice.com is structured, the website lost money even though the malicious user did not earn any money from the theft.

To recoup losses, the operator rolled back the gambling losses and corrected the wrong balance. This resulted in losses for all “investors” of Just-Dice.com; however, the operator explains that nobody actually lost money because the bet should never have happened. In conclusion, it seems that odd decisions on the malicious user's part and probability ensured no actual loss from the incident, even though 1300 BTC was stolen. The amount was simply lost back to Just-Dice.com thanks to luck in the website's favour.

Silk Road Seizure
Dates:
  • 2013-10-02: First seizure (Silk Road user funds)
  • 2013-10-25: Second seizure (Ross Ulbricht's personal coins)
Victim: Silk Road, Ross Ulbricht, Silk Road users
Perpetrator: FBI seizure

Amount:
  • First seizure: 27618.69843217BTC[65]
  • Second seizure: 144336.39449470BTC[66]
Total: Exactly 171955.09292687BTC
Equivalent in USD: 26867560 $
Equivalent in January 2014 BTC: 32700 BTC
Silk Road was a former underground marketplace that dealt primarily in Bitcoin. Run by Ross Ulbricht, it was once widely known for frequent narcotic sales.[67] Although it operated under the jurisdiction of the United States, it made little attempt to comply with US law.[68] However, clever use of the Tor technology allowed Silk Road to escape the authorities for years.

Finally, in October 2013, the FBI was able to produce conclusive evidence of Ross Ulbrict's culpability. Ulbricht was found in San Francisco and arrested.[69] In the days ensuing, it seized a large portion of Ulbricht's personal wealth in addition to stored balances by Silk Road users.[70] However, the FBI has yet to successfully seize an estimated remaining 400000 BTC in Ulbricht's personal wallet.[71].

The first seizure came right as Silk Road's domain was seized, and included funds belonging to Silk Road users. The second seizure came several weeks later, seizing coins belonging to Ross Ulbricht himself.

This seizure is notable in that it is the first major legally authorized seizure. At the moment, Ulbricht is awaiting trial in New York.[72]

GBL Scam
Time: Between May 2013 to October 2013
Date of shutdown: 2013-10-26[73]
Victim: Chinese investors in “GBL”.
Amount: Estimate 22000 BTC[73]
Equivalent in USD: 3437446 $
Equivalent in January 2014 BTC: 4190 BTC
Beijing-based “GBL” was advertised as a Hong Kong-based exchange and shut down after attracting significant investment. At the time, there was a Bitcoin craze in China, which lasted for much of the latter half of 2013 and was credited as the leading cause of the November 2013 bubble.

Inputs.io Hack
Date: 2013-10-26[74] (disputed)
Victim: Inputs.io, passed on to creditors.
Perpetrator: Accusations of inside job.
Transaction of interest: 9536feebe3a50b94f85ca27d56e669a7209bd4188385d55c5b97227c95cf7f74[75]
Amount: Estimate 4100 BTC[76]
Equivalent in USD: 640615 $
Equivalent in January 2014 BTC: 780 BTC
Inputs.io, a web wallet service run by BitcoinTalk user TradeFortress, was supposedly “hacked” in October 2013 and was unable to repay user balances in full. There are many accusations of the hack being an inside job. TradeFortress had a contentious reputation and had supposedly scammed two separate people before this incident.[77][78] When the theft was announced in November 2013, TradeFortress began offering partial refunds; however, 4100 BTC was not paid back as that was the shortfall from the supposed “hack”.

BASIC-MINING
Date: October 2013[79]
Victim: Investors of BASIC-MINING
Perpetrator: BitcoinTalk user “creativex”
Amount: About 2131.000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 000000000000000000000000000000000000000000000000000000000000000000000000000000BTC[80]
Equivalent in USD: 332963 $
Equivalent in January 2014 BTC: 405 BTC
Mining company BASIC-MINING took advantage of the ASIC boom to become a leading publically-traded mining company by early 2013. After the collapse of BTC-TC, the exchange on which it was traded, the founder disappeared with substantial assets.

Bitcash.cz Hack
Date: 2013-11-11
Victim: Bitcash.cz
Perpetrator: Unknown
Transaction of interest: 44f66e60460926d1ac75667ce3060429000f7cbd30e9afe5a1f3af62cae7727f[81]
Amount: Exactly 484.76688536BTC[82]
Equivalent in USD: 247422 $
Equivalent in January 2014 BTC: 303 BTC
A Czech Bitcoin exchange, bitcash.cz, reported a hack in mid-November 2013. The hack was relatively minor; however, Bitcoin prices were very high at the time relative to the preceding and succeeding months.

BIPS Hack
Date: 2013-11-17
Victim: BIPS, passed on to creditors
Perpetrator: Unknown
Transaction of interest: ec01b909b6522e005071e694e3d865056189faff1be516c5e95812720b8cf585[83]
Amount: Exactly 1295.00000000BTC[82]
Equivalent in USD: 660959 $
Equivalent in January 2014 BTC: 808 BTC
The then up-and-coming payment processor BIPS suffered a major breach in mid-November 2013, a month that saw numerous other companies shut down due to hacks. BIPS refused to refund creditors, justifying the loss as inevitable for a web wallet. BIPS made an attempt to continue business despite the hack.

PicoStocks Hack
Date: 2013-11-29
Victim: PicoStocks
Perpetrator: Unknown
Transactions of interest:[84]
  • d99281bae8acafc6c96cefb54d37f81e5f78898fd8ccb12493f89236bec476e6
  • 28c9d7b0b31c9262958b88c42b1703098d44574e0830173c0b5cfe2a79490881
Amount: Exactly 5896.23098163BTC[82]
Equivalent in USD: 3009397 $
Equivalent in January 2014 BTC: 3680 BTC
PicoStocks, a stock exchange using a novel means of circumventing legal regulation, reported that someone that previously had access to PicoStocks keys used them to defund both hot and cold wallets. Creditors were reportedly unaffected as, despite the magnitude of the loss, PicoStocks covered it completely.

Sheep Marketplace Incident
Date: 2013-12-02
Victim: Sheep Marketplace users
Perpetrator: Official story blames user EBOOK101; suspicion of an inside job[85]
Transactions of interest: Disputed
Amount: Estimate 5400 BTC[85]
Equivalent in USD: 4070923 $
Equivalent in January 2014 BTC: 4980 BTC
Czech-based underground marketplace Sheep supposedly suffered a major breach causing the loss of 5400 BTC, which was passed down to its users. This official story is disputed, with many claiming the actual loss was far more severe. However, estimates of over 90000 BTC being stolen by the operator of Sheep were found to have accidentally tracked BTC-E internal wallet movements, thus discrediting this alternative explanation.[86]