BitCoin exchange loses $250,0000 after unencrypted keys stolen

BitFloor's founder wrote that he failed to encrypt a digital wallet containing the secret encryption keys

Hackers stole about US$250,000 from BitFloor, a BitCoin exchange, on Monday, and it does not have the money to reimburse account holders, according to the website's founder.

BitCoins are an electronic currency that are generated as computers solve a changing mathematical problem. A BitCoin is essentially just a secret number, which is protected from unauthorized transfers by public key cryptography, that is associated with an 34-character alphanumeric "address" that a user holds.

BitFloor, based in New York City, allowed account holders to buy and sell BitCoins, exchange the currency for U.S. dollars and transfer the money using the ACH (Automated Clearing House) system.

The cryptography wrapped around BitCoins is designed to make it nearly impossible to derive the private keys needed to gain possession of the secret number. But in the case of BitFloor, hackers found the keys.

Roman Shtylman, BitFloor's founder, wrote on a forum that the hackers obtained an unencrypted backup of the keys, which were then used to transfer coins held by BitFloor. The backup "was made when I manually did an upgrade and was put in the unencrypted area on disk," he wrote.

"I realize the details of the failure and attack are interesting but I am currently focused on user accounts and exchange status going forward," he wrote.

BitFloor's reserve of BitCoins -- about 24,000 -- was wiped out. A BitCoin was worth about $10.46 as of Wednesday, according to Mt. Gox, another BitCoin exchange.

U.S. dollar accounts with BitFloor were not affected as well as records for accounts and trades, Shtylman wrote. BitFloor turned over around 64,000 BitCoins a month, worth some $717,000. It took a 0.3 percent commission from trades, amounting to around $2,100 in revenue for the site, Shtylman wrote.

"As a last resort, I will be forced to fully shut BitFloor down and initiate account repayment using current available funds," Shtylman wrote. "I still have all of the logs for accounts, trades, transfers. I know exactly how much each user currently has in their account for both USD and BTC [BitCoin]. No records were lost in this attack."

One user asked if BitFloor could secure some investor funds in order to pay back customers. "This would be a possibility if investors interested in helping continue operations show interest," Shtylman wrote. "It is certainly something I am thinking about."

Send news tips and comments to

Join the CSO newsletter!

Error: Please check your email address.
Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Jeremy Kirk

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place