The digital currency known as the bitcoin continues to be controversial as investors consider just how safe they are. After all, aside from the ever-changing value of them and the fact that they’re not regulated, there’s the idea that hackers could get to them. That’s certainly a possibility if you store them on the Internet, like one online digital wallet company did. Cyber thieves got away with $1.2 million worth of bitcoins, simply by attacking the site inputs.io.
Founder reports theft
Robert McMillan of Wired reports that someone who goes by the handle of TradeFortress told them about the theft of 4,100 bitcoins from the company he founded—inputs.io. Even though bitcoins are a digital currency which pretty much requires the Internet to trade them, he recommends that users store them on a computer that isn’t connected to the Internet. Otherwise, hackers could get in and steal them.
Bitcoins are pretty much a unique key or string of code discovered through data mining. Inputs.io was in the digital wallet business, and it stored thousands of bitcoins for customers. It seemed like a good idea at first. The company not only stored bitcoins but also mixed up users’ wallets to keep the bitcoins anonymous and sped up payments made through bitcoins.
According to the founder of inputs.io, hackers compromised his site on Oct. 23 and again three days later, making off with 4,100 bitcoins. That was about $1.2 million worth of the digital currency stolen in the two attacks. Only some users had their bitcoins stolen. TradeFortress reported that some of the bitcoins owned by his other business CoinLenders were also taken.
The founder of inputs.io says he doesn’t have enough money to pay back all of those whose bitcoins were stolen. He plans to issue partial refunds, however. He says with all of his personal bitcoins and “remaining cold storage coins on Inputs,” he has 1540 BTC to pay back everyone whose bitcoins were stolen.
How the hackers did it
He said the hackers who stole the bitcoins did it by pretending to be someone they weren’t so they could gain access to Inputs’ systems through Linode, the company’s cloud-hosting provider. The hackers reportedly compromised a number of email accounts which eventually made it possible for them to reset the password for their Linode server.