Bitcoin security & safety

Bitcoin SecurityThere have been numerous bank robberies throughout time and cryptocurrencies are not immune to the odd security breach. Bitcoin has notably been hacked several times with huge losses of the virtual currency. In 2014 bitcoin security has improved dramatically and there are high hopes that incidents like the infamous Mt. Gox disaster and the hacking of bitcoin wallet Inputs.lo won’t be repeated.

The anonymity of Bitcoin is its greatest strength but it can also be regarded as a weakness. The lack of a central authority, like a government, means it is tough to hold companies or individuals to account when they compromise Bitcoin security.

Government regulation of banks means we have a lot of trust in them, but the decentralised nature of Bitcoin means that there is some way to go before this crypto currency is held in the same esteem as the brick
and mortar counterparts.

Silk Road 2.0

The Silk Road 2.0 is largely funded by the drug trade and some other criminals cashed in when they stole $2.7 million worth of bitcoins from the escrow holding account.

The Silk Road operators failed to shut down the dark website when the above mentioned Mt. Gox disaster was happening, instead going ahead with a relaunch which inevitably cost vendors a lot of money.

There is one train of thought that the Silk Road 2.0 was set up explicitly to steal users bitcoins, with vendors and customers loathe to go to the authorities because of the nature of the goods on the website.

Mt. Gox Bitcoin Exchange

Mt Gox was at one time one of the leading bitcoin exchanges but it was forced to file for bankruptcy after $468 million worth of bitoins were stolen.

The alarm bells began to ring after for Mt Gox and several other exchanges in February 2014 when Distributed Denial of Service attacks played on bitcoins transaction malleability. In laymens terms it was a way to make it look like withdrawals had not been processed, when in reality they had.

There have been rumours that there may have been internal leaks at Mt. Gox, but there has been no official word from the company heads.

Inputs.Io

In October 2013 one of the major bitcoin wallets service, inputs.io was violated, with a canny hacker stealing over US$1.2 million worth of bitcoins. The theft of 4100 BTC, in two separate hacks, forced the closure of the bitcoin bank and forced the company to admit it couldn’t pay all of its users back.

The hacker compromised inputs.io through accessing some email addresses that had been set up in the early stages of the web wallets development. The hacker was able to reset the passwords on the email accounts because there was no phone numbers attached to them.

“Pony” Botnet

This Bitcoin security breach was more localised with a botnet known as Pony set up to infect a large number of computers. In total the thieves stole about $220,000 worth of crypto currency from numerous web wallets stored on peoples computers.

Pony is believed to have stolen over two million passwords, from Hotmail to porn sites, and given them directly to the hackers from localised machines.

This hack shows the dangers of storing bitcoin wallets on machines connected to the world wide web.

51% Attack

If a user or group of people working together own more than 50 per cent of the computing power within the Bitcoin network it opens up the possibility of a security breach.

The extreme power over the Bitcoin network possessed by the owners of the computing power can be used to alter the block chain and commit fraud, including making transactions that are not recorded.

This type of attack is unlikely to happen, but a mining pool caused minor panic earlier this year when Ghash.io approached the 50 per cent barrier. The pool itself opted to stop accepting new miners and many miners left for smaller pools, meaning the potential breach was averted.