Bitcoin 'bank' loses $1.3 million after mysterious hacking attack

Owner denies 'inside job' heist

The teen owner of an Australian 'bank' that reported the theft of 4,100 Bitcoins (BTC) now worth $1.4 million Australian dollars (£820,000 or $1.3 million USD) has denied accusations that their loss was some kind of inside job.

Using the nickname 'Tradefortress' to protect his identity, the unnamed 18-year old told ABC News that hackers had broken into his site inputs.io on 23 and 26 October and stolen the currency from his digital wallet in two chunks.

The site was no longer able to pay the balances to the BTC owners, a message on the site said although separate reports in the Australian media claim that input.io's owner had originally planned to reimburse owners using his own Bitcoin holding.

"The attacker compromised the hosting account through compromising email accounts (some very old, and without phone numbers attached, so it was easy to reset). The attacker was able to bypass 2FA [two-factor authentication] due to a flaw on the server host side," the message continued.

Anyone with an account holding more than one Bitcoin (worth an astonishing US $347 each as of 8 November, an increase on their October valuation) should email the support address, it said.

"I know this doesn't mean much, but I'm sorry, and saying that I'm very sad that this happened is an understatement."

According to the ABC interview, Tradefortress was not planning to report the theft to the police who would in any case struggle to investigate events for a currency that leaves no conventional audit trail.

If confirmed, Bitcoin sceptics will use the loss to point out the currency's lack of regulation and traceability leaves it wide open to fraud. Bitcoin traders use digital banks to store Bitcoins on the understanding that they are more secure than an individual PC, another assumption that might need reappraisal.

Many see the rise of the currency a gigantic intellectual game designed to test a number of hypotheses, including the possibility that machine-driven currencies with a pre-defined volume (the number of Bitcoins will never exceed 21 million) and no central control represent the future of money.

Equally, a currency needs trust and despite its surging price, Bitcoins lack mainstream acceptance. There is ample evidence that some of its popularity is down to the fact that it offers a way to launder criminal transactions to and from the world of 'real' money; the infamous Silk Road criminal market shut down by the FBI last month used Bitcoins as its currency.

Worse, there appears to be theoretical weaknesses in the process for generating the coins that could allow complex forms of fraud to develop. A recent McAfee report predicted trouble for Bitcoins if criminality ends up co-opting the currency for its own uses.

Join the CSO newsletter!

Error: Please check your email address.

Tags abcPersonal TechBTsecurity

More about ABC NetworksABC NetworksBTCFBIMcAfee Australia

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by John E Dunn

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts

Market Place