AWARD-WINNING

CASINO CRYPTO EXCLUSIVE

CLUBHOUSE 1500+

GAMES 2 MIN

CASH-OUTS 24/7

SUPPORT 100s OF

FREE SPINS PLAY NOW Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal inyour jurisdiction. Advertise here.

dree12



Offline



Activity: 1246

Merit: 1055









LegendaryActivity: 1246Merit: 1055 List of Major Bitcoin Heists, Thefts, Hacks, Scams, and Losses [2] April 19, 2014, 01:57:04 AM

Last edit: November 16, 2014, 12:00:10 AM by dree12 #2 List of events in rough chronological order



Stone Man Loss

Type: Loss

Time: August 09, 2010, 11:35:00 PM ± 600 s

Victim: Stone Man @BitcoinTalk

Status: Coins lost, effectively destroyed

Amount: Exactly 8999 .00000000 BTC

Equivalent in USD: 544 $

Equivalent in January 2014 BTC : 0 .758 BTC

Transaction of interest: eb5b761c7380ed4c6adf688f9e5ab94953dcabeda47d9eeabd77261902fccccf

Due to not keeping proper wallet backups, 8999 BTC sent as change were effectively destroyed when the private key controlling them was lost.



Ubitex Scam [2]

Time: April 2011 to July 2011

Victim: Investors on GLBSE of Ubitex

Status: Ubitex founder known, but nothing has been returned

Amount: About 1138 .98 BTC [3]

Equivalent in USD: 15515 $

Equivalent in January 2014 BTC : 20 .2 BTC

[4] The company was run by a minor, but this fact was not initially known.



Around 1000 BTC of the missing investments are said to have been spent, many of which were further scammed, or converted into USD without follow-up.



The Ubitex scam would not have been possible today. Bitcoin users at the time were enjoying their newly-acquired wealth thanks to significant appreciation. Most investors at the time were extremely naïve. Ubitex was the first company to be listed on the now-defunct GLBSE stock exchange, which has been criticized for its illegal operations.The company was run by a minor, but this fact was not initially known.Around 1000of the missing investments are said to have been spent, many of which were further scammed, or converted into USD without follow-up.The Ubitex scam would not have been possible today. Bitcoin users at the time were enjoying their newly-acquired wealth thanks to significant appreciation. Most investors at the time were extremely naïve.



Stefan Thomas Loss

Type: Loss

Time: June 2011

Victim: Stefan Thomas

Status: Coins destroyed (no thief)

Amount: Estimate 7000 BTC [5]

Equivalent in USD: 124793 $

Equivalent in January 2014 BTC : 163 BTC

Stefan Thomas, an early adopter (and eventually developer) of Bitcoin, uses this loss to teach other Bitcoiners the importance of backupsmany of them. He had three copies of his wallet, and yet lost all of them.



Allinvain Theft

Time: June 13, 2011, 05:52:00 PM ± 600 s[6]

Victim: Bitcointalk.org user allinvain

Status: Thief uncaught

Amount: Exactly 25000 .01000000 BTC [7]

Equivalent in USD: 445688 $

Equivalent in January 2014 BTC : 581 BTC

Chief transaction of interest: 4885ddf124a0f97b5a3775a12de0274d342d12842ebe59520359f976721ac8c3

A polarizing theft, its authenticity has undergone much dispute. Some believe that it was set up as a ploy for donations. However, these critics often lack evidence to back up their claims. Indeed, the victim was an early adopter who mined many coins at a low cost, so there is little reason for him to sabotage Bitcoin's image.



Although the hack attracted great attention in its day, said fame has mostly subsided. Even today, however, the hack still affects Bitcoiners. A common debate among Bitcoin users is that of tainting coins, and this hack is often used as an example for why tainting coins is futile. In just a few years, coins stolen in this hack are now present in nearly every user's wallet. This rapid redistribution is often cited as a reason that a tainted coin system would certainly fail.



June 2011 Mt. Gox Incident

Time: June 19, 2011, 06:00:00 PM ± 1 h (theft), days ensuing (hacks & withdrawals)

Victim: Mt. Gox (some claim also customers)

Status: Thief uncaught

Components of theft:

Stolen by thief: 2000 BTC [8]

Additional withdrawn from Mt. Gox: 643 .27 BTC [9] (lower bound) Amount: Lower bound 2643 .27 BTC

Equivalent in USD: 47123 $

Equivalent in January 2014 BTC : 61 .4 BTC

Transactions: none released officially

BTC /USD exchange service, suffered a severe breach as a consequence of an ownership change. The sale conditions involved a share of revenue to be remitted to the seller. To audit this revenue, the seller was permitted an account with administrator access.[8]



The seller's administrator account was hacked by an unknown process. The priveleges were then abused to generate humungous quantities of BTC . None of the BTC , however, was backed by Mt. Gox. The attackers sold the BTC generated, driving Mt. Gox BTC prices down to cents. They then purchased the cheap BTC with their own accounts and withdrew the money. Some additional money was stolen by non-attacking traders capitalizing on the dropping price and withdrawing in time, including toasty, a member of BitcoinTalk.



Mt. Gox resolved the hack by reverting trades to a previous version. Many customers claim they have lost money from this reversion, but Mt. Gox claims it has reimbursed all customers fully for this theft. After the incident, Mt. Gox shut down for several days.[10]



The event's scale was widely disputed; some report a theft of almost 500000 BTC due to related account hacking. However, these reports are sparse and disreputable. Closer inspection puts the losses at closer to 2500 BTC .



Aside from the direct damages of the theft, the hack involved a database leak. Some weaker passwords were used to conduct the relatively more severe Mt. Gox, then the leading/USD exchange service, suffered a severe breach as a consequence of an ownership change. The sale conditions involved a share of revenue to be remitted to the seller. To audit this revenue, the seller was permitted an account with administrator access.The seller's administrator account was hacked by an unknown process. The priveleges were then abused to generate humungous quantities of. None of the, however, was backed by Mt. Gox. The attackers sold thegenerated, driving Mt. Goxprices down to cents. They then purchased the cheapwith their own accounts and withdrew the money. Some additional money was stolen by non-attacking traders capitalizing on the dropping price and withdrawing in time, including toasty, a member of BitcoinTalk.Mt. Gox resolved the hack by reverting trades to a previous version. Many customers claim they have lost money from this reversion, but Mt. Gox claims it has reimbursed all customers fully for this theft. After the incident, Mt. Gox shut down for several days.The event's scale was widely disputed; some report a theft of almost 500000due to related account hacking. However, these reports are sparse and disreputable. Closer inspection puts the losses at closer to 2500Aside from the direct damages of the theft, the hack involved a database leak. Some weaker passwords were used to conduct the relatively more severe Mass MyBitcoin Thefts



Mass MyBitcoin Thefts

NB : Not to be confused with the far more severe MyBitcoin Theft.

Time: 2011-06-20 through 2011-06-21

Victim: MyBitcoin users with weak account passwords

Amount: Exactly 4019 .42939378 BTC [11]

Equivalent in USD: 71656 $

Equivalent in January 2014 BTC : 93 .4 BTC

Transactions: all to 1MAazCWMydsQB5ynYXqSGQDjNQMN3HFmEu[12]





MyBitcoin estimates indicate 1% of MyBitcoin users were affected.[11] Users that were not affected would be later stolen from anyways, due to the subsequent Users with weak passwords on MyBitcoin who used the same password on Mt. Gox were in for a surprise after the June 2011 Mt. Gox Incident allowed weakly-salted hashes of all Mt. Gox user passwords to be leaked. These passwords were then hacked on MyBitcoin and a significant amount of money lost.MyBitcoin estimates indicate 1% of MyBitcoin users were affected.Users that were not affected would be later stolen from anyways, due to the subsequent MyBitcoin Theft



MyBitcoin Theft

Time: Unknown time in July 2011 (claimed it was a process)

Victim: MyBitcoin & customers

Status: Thief unknown, planned shutdown suspected (disputed theft)

Suspects: Tom Williams, likely pseudonym (founder of MyBitcoin)

Amount: Exactly 78739 .58205388 BTC

Equivalent in USD: 1072570 $

Equivalent in January 2014 BTC : 1400 BTC

Transaction information: none

Little information was released about the MyBitcoin theft, however, many argue that Tom Williams ran it as a scam (and was not a theft per se). In terms of both dollars and bitcoins, this was by far the largest theft, however, it is possible it was simply a scam. Although MyBitcoin offered to release its code as a gift to the community, it failed to follow through on that promise. In the months ensuing, some evidence has been uncovered supporting mortgage broker Bruce Wagner; however, any evidence is inconclusive.



The theft resulted in the closure of MyBitcoin, which was once a successful Bitcoin company in Bitcoin's early days.



Bitomat.pl Loss

Type: Loss

Time: 2011-07-26

Victim: Bitomat.pl

Status: Coins destroyed (no thief)

Amount: Estimate 17000 BTC [13]

Equivalent in USD: 231570 $

Equivalent in January 2014 BTC : 301 BTC

Bitomat.pl, during a server restart, had its remote Amazon service that housed the wallet wiped. No backups were kept. Mt. Gox later bailed bitomat.pl out, and neither customers nor original owners suffered any loss from the incident.



Mooncoin Theft

Time: 2011-09-11

Victim: Mr. Moon, Mooncoin, & Customers

Status: Unknown (Federal intervention suspected)

Amount: Estimate 4000 BTC [14]

Equivalent in USD: 22346 $

Equivalent in January 2014 BTC : 28 .8 BTC

Transactions: numerous

During the waning months of 2011, numerous alternative cryptocurrencies boomed, in part fuelled by Bitcoin's poor performance following the 2011 bubble. Exchanges such as Moonco.in were set up to capitalize on this alternative cryptocurrency boom. Suddenly, Mr. Moon disappeared. It is not known where the funds went.



At the time, SolidCoin was considered to be the most successful alternative cryptocurrency bar Bitcoin itself, though its success was short-lived. Moonco.in's hack had a devastating impact on that currency, with over 800000 SC removed from circulation, only to have been put back through SolidCoin 2.0. The effects on Bitcoin were also substantial, with an estimated 4000 BTC lost. and the effect on Namecoin (another alternative cryptocurrency that was among the largest at that time) was not negligible.



Bitcoin7 Incident

Time: 2011-10-05 (UTC)

Victim: Bitcoin7 & Customers

Status: Indeterminate amount returned to customers by Bitcoin7

Suspects:

Official story: Potential inside job (an employee perpetrated a theft). [15]

Previous official story: Unknown hacker from Eastern Europe or Russia. [16]

Suspected scam by several members of the community. Amount: Lower bound 5000 BTC [15][17]

Equivalent in USD: 15980 $

Equivalent in January 2014 BTC : 20 .7 BTC

An upstart exchange at the time, Bitcoin7, rapidly grew to the third-largest USD exchange (behind then-leaders Mt. Gox and Tradehill) but then suffered a major debilitating hack, or so the official story goes. It is widely suspected that there was no hack and Bitcoin7's operators simply ran away with the funds.



Bitcoin7 shut down because of this hack. The magnitude served as a reminder to the Bitcoin community to stop trusting new exchanges without identification. The platform was however later sold for $10000 in 2013, and has since relaunched at Bitcoiner7.com but being branded still as Bitcoin7.



October 2011 Mt. Gox Loss

Type: Loss

Time: 2011-10-28T21:11 (UTC) [blockchain time, off by up to three hours]

Victim: Mt. Gox

Status: Coins destroyed (no thief)

Amount: Exactly 2609 .36304319 BTC

Equivalent in USD: 8340 $

Equivalent in January 2014 BTC : 10 .8 BTC

Transactions:

111291fcf8ab84803d42ec59cb4eaceadd661185242a1e8f4b7e49b79ecbe5f3

81f591582b436c5b129f347fe7e681afd6811417973c4a4f83b18e92a9d130fd

ddddf9f04b4c1d4e1185cacf5cf302f3d11dee5d74f71721d741fbb507062e9e

305fbc2ec7f7f2bc5a21d2dfb01a5fc52ab5d064a7278e2ecbab0d2a27b8c392

f0137a6b31947cf7ab367ae23942a263272c41f36252fcd3460ee8b6e94a84c1

633acf266c913523ab5ed9fcc4632bae18d2a7efc1744fd43dd669e5f2869ce5

5bd88ab32b50e4a691dcfd1fff9396f512e003d7275bb5c1b816ab071beca5ba

64c01fedd5cf6d306ca18d85e842f068e19488126c411741e089be8f4052df09

3be0ac3dc1c3b7fa7fbe34f4678037ed733a14e801abe6d3da42bc643a651401

9edab6e7fadf1d6006315ff9394c08a7bf42e19cf61502200a1f73994f8da94b

835d4dcc52e160c23173658de0b747082f1937d1184e8e1838e9394bc62c0392

aebe39a99114f1b46fc5a67289545e54cbfec92d08fc8ffc92dc9df4a15ea05a

aa62bdd690de061a6fbbd88420f7a7aa574ba86da4fe82edc27e2263f8743988

6a86e6a5e8d5f9e9492114dafe5056c5618222f5042408ad867d3c1888855a31

7ad47a19b201ce052f98161de1b1457bacaca2e698f542e196d4c7f8f45899ab

0ca7f7299dc8d87c26c82badf9a303049098af050698c694fbec35c4b08fc3df

3ab5f53978850413a273920bfc86f4278d9c418272accddade736990d60bdd53

03acfae47d1e0b7674f1193237099d1553d3d8a93ecc85c18c4bec37544fe386

15ad0894ab42a46eb04108fb8bd66786566a74356d2103f077710733e0516c3a

2d00ef4895f20904d7d4c0bada17a8e9d47d6c049cd2e5002f8914bfa7f1d27b

6d39eeb2ae7f9d42b0569cf1009de4c9f031450873bf2ec84ce795837482e7a6

07d33c8c74e945c50e45d3eaf4add7553534154503a478cf6d48e1c617b3f9f3

6d5088c138e2fbf4ea7a8c2cb1b57a76c4b0a5fab5f4c188696aad807a5ba6d8 Mt. Gox did not pass the impacts of this incident on to customers. Type: LossTime: August 09, 2010, 11:35:00 PM ± 600 sVictim: Stone ManStatus: Coins lost, effectively destroyedAmount:8999Equivalent in USD: 544 $Equivalent in January 2014: 0Transaction of interest: eb5b761c7380ed4c6adf688f9e5ab94953dcabeda47d9eeabd77261902fccccfTime: April 2011 to July 2011Victim: Investors on GLBSE of UbitexStatus: Ubitex founder known, but nothing has been returnedAmount:1138Equivalent in USD: 15515 $Equivalent in January 2014: 20Type: LossTime: June 2011Victim: Stefan ThomasStatus: Coins destroyed (no thief)Amount:7000Equivalent in USD: 124793 $Equivalent in January 2014: 163Time: June 13, 2011, 05:52:00 PM ± 600 sVictim: Bitcointalk.org user allinvainStatus: Thief uncaughtAmount:25000Equivalent in USD: 445688 $Equivalent in January 2014: 581Chief transaction of interest: 4885ddf124a0f97b5a3775a12de0274d342d12842ebe59520359f976721ac8c3Time: June 19, 2011, 06:00:00 PM ± 1 h (theft), days ensuing (hacks & withdrawals)Victim: Mt. Gox (some claim also customers)Status: Thief uncaughtComponents of theft:Amount:2643Equivalent in USD: 47123 $Equivalent in January 2014: 61Transactions: none released officiallyTime: 2011-06-20 through 2011-06-21Victim: MyBitcoin users with weak account passwordsAmount:4019Equivalent in USD: 71656 $Equivalent in January 2014: 93Transactions: all to 1MAazCWMydsQB5ynYXqSGQDjNQMN3HFmEuTime: Unknown time in July 2011 (claimed it was a process)Victim: MyBitcoin & customersStatus: Thief unknown, planned shutdown suspected (disputed theft)Suspects: Tom Williams, likely pseudonym (founder of MyBitcoin)Amount:78739Equivalent in USD: 1072570 $Equivalent in January 2014: 1400Transaction information: noneType: LossTime: 2011-07-26Victim: Bitomat.plStatus: Coins destroyed (no thief)Amount:17000Equivalent in USD: 231570 $Equivalent in January 2014: 301Time: 2011-09-11Victim: Mr. Moon, Mooncoin, & CustomersStatus: Unknown (Federal intervention suspected)Amount:4000Equivalent in USD: 22346 $Equivalent in January 2014: 28Transactions: numerousTime: 2011-10-05 (UTC)Victim: Bitcoin7 & CustomersStatus: Indeterminate amount returned to customers by Bitcoin7Suspects:Amount:5000Equivalent in USD: 15980 $Equivalent in January 2014: 20Type: LossTime: 2011-10-28T21:11 (UTC) [blockchain time, off by up to three hours]Victim: Mt. GoxStatus: Coins destroyed (no thief)Amount:2609Equivalent in USD: 8340 $Equivalent in January 2014: 10Transactions:

dree12



Offline



Activity: 1246

Merit: 1055









LegendaryActivity: 1246Merit: 1055 List of Major Bitcoin Heists, Thefts, Hacks, Scams, and Losses [3] April 19, 2014, 01:57:16 AM

Last edit: November 16, 2014, 12:00:24 AM by dree12 #3 Bitscalper Scam [18]

Time: January 2012 to March 2012

Suspects: Alberto Armandi bitdaytrade @BitcoinTalk bitscalper @BitcoinTalk jjfarren @BitcoinTalk

Victim: Users of Bitscalper

Status: MiningBuddy (bitcointalk.org user) attempted to reorganize bitscalper, but failed. No coins have been returned at all.

Amount: Lower bound 1350 BTC [19]

Equivalent in USD: 6461 $

Equivalent in January 2014 BTC : 8 .16 BTC

Bitscalper was founded as an arbitrage engine, and users were invited to deposit money. It was promising extremely high and unrealistic returns. As a result, it was suspected of being a scam from the beginning, fears that were compounded due to a shady and anonymous management. After Bitscalper shut down without returning user funds, BitcoinTalk user MiningBuddy attempted to reform Bitscalper using the remnants of the engine. However, no success was found and the coins could not be returned.



Andrew Nollan Scam [20]

Time: February 2012

Victim: Investors of Shades Minoco, creditors of bitcointalk.org user shakaru, investors of BitArb

Status: Andrew Nollan (a.k.a. shakaru[21]) (thief) known but disappeared, repaid some (not included in amount)

Amount: Lower bound 2211 .07786728 BTC , possibly more [22]

Equivalent in USD: 10895 $

Equivalent in January 2014 BTC : 14 BTC



Linode Hacks

Time: Late 2012-03-01, Early 2012-03-02

Victim: Bitcoinica, Bitcoin.cz mining pool (Marek Palatinus), Bitcoin Faucet, possible others

Status: Thief unknown, not caught. Linode employee suspected.

Amount: Lower bound 46653 .46630495 BTC

Composition of amount:

Bitcoinica : 43554 .02005417 BTC [23]

: 43554 Bitcoin.cx : 3094 .45825078 BTC [24]

: 3094 Bitcoin faucet[25]: 4 .98800000 BTC [26] Equivalent in USD: 223278 $

Equivalent in January 2014 BTC : 282 BTC

Transactions of interest:

5a09f4ef0e91bc7bc044365cd27236fe4ac3c02088ac21ab51c93c8a11d33d4b

7b45c1742ca9f544cccd92d319ef8a5e19b7dcb8742990724c6a9c2f569ae732

901dbcef30a541b8b55fae8f7ad9917ef0754bda5b643705f3773e590785c4d3

a57132e2cbc580ac262aa3f7bac1e441d6573f9633118bc48009618585a0967e

a82ad85286c68f37a2feda1f5e8a4efa9db1e642b4ef53cb9fd86170169e5e68

ff04763e3e8c93e43799dbbca833e183faad7e2611f20f136f47c2f1049481ae

0268b7285b95444808753969099f7ae43fb4193d442e3e0deebb10e2bb1764d0

34b84108a142ad7b6c36f0f3549a3e83dcdbb60e0ba0df96cd48f852da0b1acb

14350f6f2bda8f4220f5b5e11022ab126a4b178e5c4fca38c6e0deb242c40c5f[25] [27] The hardest hit was the bitcoin trading platform, Bitcoinica. This resulted in the unauthorized transfer of BTC from the hot wallets, a term used to describe operational withdrawal wallets, of the services affected. A severe bitcoin-denominated theft, the Linode theft also affected Tradehill, but no coins were stolen from them; instead, Tradehill had a short downtime because of the incident. In the aftermath of this theft, all the services migrated to other platforms. To this day, Bitcoin users fear Linode and usually refrain from using its services. In early March 2012, the New Jersey-based web and cloud hosting company Linode was suspected of robbing many popular Bitcoin services. A vulnerability in the customer support system was used to obtain administrator access to the servers. Once the Linode servers were compromised, eight accounts dealing with bitcoins were targeted.The hardest hit was the bitcoin trading platform, Bitcoinica. This resulted in the unauthorized transfer offrom the hot wallets, a term used to describe operational withdrawal wallets, of the services affected. A severe bitcoin-denominated theft, the Linode theft also affected Tradehill, but no coins were stolen from them; instead, Tradehill had a short downtime because of the incident. In the aftermath of this theft, all the services migrated to other platforms. To this day, Bitcoin users fear Linode and usually refrain from using its services.



Betcoin Theft

Time:

Event Time Theft Commences

Transaction: #1, #2 2012-04-11T10:55:54 Theft Continues

Transaction: #3 2012-04-11T12:15:49 Theft Culminates

Transaction: #4 2012-04-11T12:43:14 All times are blockchain time, and have possible error of up to 3 hours.

Victims: Betco.in, creditors

Status: Hacker not known. Some of creditors' deposits were repaid, around 2900 BTC outstanding.[28]

Amount: Exactly 3171 .50195016 BTC [29]

Equivalent in USD: 15534 $

Equivalent in January 2014 BTC : 19 .5 BTC

Transactions of interest:[30]

266e4682abdf4932c4c271872ca9ba6bfdbe75941eb9ba4c4d81e4d3c7364e4b

40fc8f6b2f222fb2871a38a245132ed1eada9ff6aec8d46ebe74b29c64fd82a7

bf70ac1d2b702dbe0e14fbefb3a0cb2ff5ee5aa425cfe4249f16d6ede7b3ff14

92968a2331a02a3128460a64ba16fbf8d3a2fc79ebc8882300015d3ca0e4fb17 BTC remains to be refunded to creditors today.[28] Similar to the Mooncoin Theft a year ago, and just as devastating, a gambling website's customers lost a large amount of money. This time, the owner took just as large a hit: all the deposits, plus non-live storage, were stolen. 2900remains to be refunded to creditors today.



Tony Silk Road Scam

Time: 2012-04-20

Victim: Buyers on Silk Road

Status: Scammer known to be Silk Road user Tony76

Amount: Estimate 30000 BTC [31]

Equivalent in USD: 146944 $

Equivalent in January 2014 BTC : 184 BTC

Users of Silk Road, an underground drug market using Bitcoin as the default currency, bought significant quantities of illicit drugs from trusted vendor Tony76. Although Silk Road has an escrow system, trusted vendors are allowed to bypass the system and request that the buyers pay first. On April 20, which is a popular day for drug sales in American culture, Tony76 offered drugs at a significant discount. However, none of the products made it to the customers, revealing the sale as an elaborate sham.



May 2012 Bitcoinica Hack

NB : Impacts of this theft may continue to grow pending outcome of liquidation.

Time: May 12, 2012, 11:19:00 AM [blockchain time, off by up to three hours]

Victim: Bitcoinica, LLC

Status:

Hacker unknown, minimal coins were returned.

Venture capital group Wendon Group threatened legal action against Bitcoinica Consultancy.

Receivership in New Zealand ongoing. Amount:

Bitcoinica: Exactly 18547.66867623 BTC

18547.66867623 Creditors of Bitcoinica: Pending liquidation BitMarket.Eu: About 19980 BTC

Total impact: At least 38527 BTC

Equivalent in USD: 191638 $

Equivalent in January 2014 BTC : 241 BTC

Chief transaction of interest: 7a22917744aa9ed740faf3068a2f895424ed816ed1a04012b47df7a493f056e8





On December 21, 2012, it was discovered that BitMarket.eu, a company run by Maciej Trębacz, lost a large portion of customer funds which were stored on Bitcoinica.[32] These customers were reportedly unaware that their funds were stored on Bitcoinica. Return of a portion of these funds is still possible, pending the outcome of liquidation. Zhou Tong, former founder of Bitcoinica, discovered an entry into Bitcoinica's Rackspace server through an excessively privileged compromised email address. This caused the theft of the entire hot wallet, funds stored on-site, as well as the loss of the main database. No backups were kept. Bitcoinica shut down because of this incident. The claims process is still ongoing; however, Bitcoinica is now entering receivership.On December 21, 2012, it was discovered that BitMarket.eu, a company run by Maciej Trębacz, lost a large portion of customer funds which were stored on Bitcoinica.These customers were reportedly unaware that their funds were stored on Bitcoinica. Return of a portion of these funds is still possible, pending the outcome of liquidation.



Bitcoin Syndicate Theft

Time: July 04, 2012, 02:34:19 PM (Mt. Gox time)

Victims:

Bitcoin Syndicate Paul Mumby Shareholders on GLBSE

Suspect: IP 130.83.54.115

Status: Pending

Amount: Exactly 1852 .61553553 BTC

Equivalent in USD: 14595 $

Equivalent in January 2014 BTC : 18 .5 BTC

Medium of theft: Mt. Gox

Transactions of interest: On Mt. Gox. Withdrawal transaction was 4c61d3639f010e30ad305b294cd128f381f58fc161d0badda1f39807dc2f12f7.

A hacker infiltrated the Mt. Gox account used by Bitcoin Syndicate, sold off the USD owned, and withdrew all balances.



July 2012 Bitcoinica Theft

Time: 2012-07-13 (UTC)

Victims:

Bitcoinica, LLC

Creditors of Bitcoinica (former users of Bitcoinica) Suspects:

Suspect Accused by Defended by Additional evidence Zhou Tong AurumXChange

Mt. Gox Tihan Seale Selling bitcoins after event Chen Jinghai Zhou Tong Status: All funds returned

Amount: Exactly 40000 .00000000 BTC [33]

Equivalent in USD: 315133 $

Equivalent in January 2014 BTC : 399 BTC

Medium of theft: On MtGox.

On July 13, 2012, a thief compromised the Bitcoinica Mt. Gox account. The thief made off with around 30% of Bitcoinica's bitcoin assets, which are likely to cost claimants of Bitcoinica debt. Additionally, 40000 USD was also reported to be stolen. The thief is still unknown at this point, but the theft has supposedly been entirely returned. This theft further complicated the [#=may_2012_bitcoinica_hack]May 2012 Bitcoinica Hack[/iurl].



BTC-E Hack

Time:

Event Time Commencing 2012-07-31 00:07 (UTC) Action taken 2012-07-31 06:30 (UTC) Victim: btc-e.com

Suspects:

(unlikely) BTC-E chat user MrWubbles *

* Person has denied committing theft after initially pretending to do it. Evidence supports the faked theft admission as mere trolling.



* * Person has denied committing theft after initially pretending to do it. Evidence supports the faked theft admission as mere trolling. (unlikely) BTC-E (accusation of inside job): Little evidence has been provided; as BTC-E reimbursed its customers, the only thing it could gain from faking the theft was PRand faking poor security is usually not considered useful PR.

Status: Pending

Amount: Estimate 4500 BTC [34]

Equivalent in USD: 35452 $

Equivalent in January 2014 BTC : 44 .9 BTC

BTC . Not all BTC was withdrawn; official estimates state that the scope was limited to 4500 BTC . Similar to the On July 31, 2012, the BTC-E Liberty Reserve API secret key was broken. This key was shorter than it needed to be at only 16 characters long. The attacker initiated many Liberty Reserve deposits and injected large amounts of USD into the system, which were quickly sold for. Not allwas withdrawn; official estimates state that the scope was limited to 4500. Similar to the June 2011 Mt. Gox Incident , the BTC-E market was disturbed during the duration of the hack. The handling of this hack was widely applauded after BTC-E revealed they would cover the losses and revert to a backup made just before the hack.



Kronos Hack

Date: August 2012

Suspects: Alberto Armandi [35] bitdaytrade @BitcoinTalk bitscalper @BitcoinTalk jjfarren @BitcoinTalk

Victim: Kronos.io investors (Brian Cartmell)[36]

Status: Legal action possibly pending

Medium: Mt. Gox

Amount: Estimate 4000 BTC [35]

Equivalent in USD: 42859 $

Equivalent in January 2014 BTC : 53 .6 BTC

[36]



Alberto Armandi reportedly hacked into the website he himself helped code. The vulnerability was in the withdrawal script that Alberto coded, reportedly intentionally as a backdoor.[36] Although incredible, Armandi has also released a story denying he hacked the website. Instead, he blamed the theft on Jonathon Ryan Owens intentionally pocketing the majority of the funds with only 1000 BTC being stolen by an unknown hacker.[37] Kronos.io, a Bitcoinica-esque startup, was hacked in an event shrouded in mystery even today. Led by Jonathon Ryan Owens, who was simultaneously running other new startups on GLBSE (an upstart Bitcoin stock exchange), Kronos.io hired several well-known Bitcoin personalities to do work with HTML and coding. One of these was Alberto Armandi, who was related to Bitscalper , a scam earlier that year.Alberto Armandi reportedly hacked into the website he himself helped code. The vulnerability was in the withdrawal script that Alberto coded, reportedly intentionally as a backdoor.Although incredible, Armandi has also released a story denying he hacked the website. Instead, he blamed the theft on Jonathon Ryan Owens intentionally pocketing the majority of the funds with only 1000being stolen by an unknown hacker.



Bitcoin Savings and Trust

Time: 20112012

Victim: Creditors of First Pirate Savings and Trust, later Bitcoin Savings and Trust

Status: Trendon Shavers (Perpetrator) caught by SEC [38]

Amount: Lower bounds 150649 BTC [38], 193319 BTC [39], 200000 BTC [40]; Estimate 263024 BTC [41]; Upper bound >700467 BTC [42]

Equivalent in USD: 2983473 $

Equivalent in January 2014 BTC : 3700 BTC

More information on Trendon Shavers default



Bitfloor Theft

Time:

Event Time Theft Commences

Transaction: #1 2012-09-04T03:07:39 Theft Continues

Transaction: #2, #3 2012-09-04T03:12:52 Theft Culminates

Transaction: #4, #5 2012-09-04T03:43:33 All times are blockchain time, and have possible error of up to 3 hours.

Victims: Bitfloor, creditors

Status: Hacker not known, but IP is 178.176.218.157. Some coins repayed to creditors.

Amount: Upper bound 24086 .17219307 BTC ]

Equivalent in USD: 273209 $

Equivalent in January 2014 BTC : 339 BTC

Transactions of interest:[43]

83f3c30dc4fa25afe57b85651b9bbc372e8789d81b08d6966ea81f524e0a02be

d5d23a05858236c379d2aa30886b97600506933bc46c6f2aab2e05da85e61ad2

358c873892016649ace8e9db4c59f98a6ca8165287ac80e80c52e621f5a26e46

f9d55dc4b8af65e15f856496335a29e2be40f128a7374c75b75529e864579f93

42ea472060118ee5aee801cdedbc4a3403f3708a87340660f766e2669f0afeb0 [44] Unfortunately, Bitfloor's banks shut down the exchange's operation before all coins could be recouped. Although the keys to the hot wallet of Bitfloor was secured, an unencrypted backup was mistakenly stored on some of the servers. After a hacker gained entry, most of not only the hot wallet but also the cold wallet was stolen. To this date, none of the coins have been returned by the hacker to Bitfloor. Although Bitfloor briefly shut down after the incident, it has since restarted and has committed to repaying its creditors.Unfortunately, Bitfloor's banks shut down the exchange's operation before all coins could be recouped.



Cdecker Theft

Time: September 28, 2012, 07:21:14 PM

Victim: Cdecker

Status: Thief IP may be 178.140.220.181[45]

Amount: Exactly 9222 .21195900 BTC

Equivalent in USD: 104607 $

Equivalent in January 2014 BTC : 130 BTC

Transactions of interest:

6f85951bcecbe64999ad192275af087c5be2922ee13937693992c1ddf9ae8ce6

8e6a2d0b8132d3d9edc1fcffe1b3079de59c10c67522e2abc51c1d84b260fdac A supposedly long-time user of Bitcoin found his personal wallet emptied of a significant amount in late September 2012. Because far more severe personal thefts had occurred in the past, the theft went by without much incident.



2012 50BTC Theft

Date: 2012-10-13

Victim: 50BTC Mining Pool

Status: Unresolved.

Transactions of interest:[46]

9dfdb24667657365c469ff20568fcc820f6f028a125d9c22dc521ae44dcf7c5e

bd2ad7b49c22d12cf2f8f12ef601952aed2a96907af4df732156fd90165b5ef5

d0035ad189634e90239cca82eb53f78e08c0179620b2bd24e2cb291478c7d57a

a2b642bafea45bc128d81314ef33542bc807811ba066329eaa1306bd62bec075 Amount: Exactly 1173 .51659074 BTC

Equivalent in USD: 13437 $

Equivalent in January 2014 BTC : 16 .7 BTC

[46] The 50BTC mining pool suffered a hack of the billing software in late 2012. They were unable to identify the vulnerability. After the incident, 50BTC completely rewrote the billing software.



2012 Trojan

Time:

Event Time Theft Commences

Transaction: #1 2012-10-18 22:56:56 Theft Continues

Transaction: #2, #3, #4, #5, #6, #7, #8, #9, #10 September, October and November 2012 Mralbi @BitcoinTalk theft

Transaction: #11 2012-11-16 03:30:13 Theft Culminates

Transaction: #12, #13 2012-11-16 03:30:13 Victim: Various, incl. Mralbi @BitcoinTalk

Status: Thief IP may be:

97.106.160.84

178.177.115.229 Amount:

Through blockchain: Exactly 3257.00000000 BTC + 0.02450000 BTC tx fees

Through Mt. Gox: Lower Bound 200 BTC Amount: About 3457 BTC

Equivalent in USD: 39146 $

Equivalent in January 2014 BTC : 49 .1 BTC

Transactions of interest:

04e378f81eb620f21927639cd4cda00e0473ca958f4d21f2255f37554b5440fa

065e7ff6b1503fc023876ffe930dcd9866531812e40bbda72835f232c2f23910

0723b67631588b6d5a4a406a9ef8d431c0d5282c6f1cb308fef57c7503d83158

0ae924c33555b294a3f0b256da6a02ab996d30be00eaf184d53281009a3a50d6

3f938408deb6d20a74f6256d3ba0217df266450d4c00c40d94df7b840f66db05

9766b624e004ad1a9369b1b461d33f57e7dddabb43942d34ac10e912cd9ce36b

2db76ebd4b5eecf008334d1bdc1f63f764ca3fb9275557a2a82d52ebf52eea9f

c041a74fd565c3eb247ff4b1fb6eb0ab9299c3e7d58e5172c28cbe9540858d5a

82719bedd0730511385faf68d88b9a03e269a40e3fa5f269efe4a9fc3a821f7f

2bc69aa29f56d7051f9cb19bf923c5e2a81879b4f6a3bc849f4166f56d417c2a

8d6602b0e8e4479d79e5dab0c35bdb4f7545513cb426411348ec1502413a8f80

3a66ebef43041f230e799f1efd3a93e41f875c718da683e236632e13a70cf898

0197692748ba894697a0a48fdfdb3e72f3275b079005efad8be062de38b65edf BTC between September and November of 2012. BitcoinTalk user mralbi was a major victim, losing almost 2600 BTC .[47] The same hacker also stole 200 BTC from Mt. Gox accounts, supposedly with the same trojan which doubled as a keylogger. A trojan horse stole thousands ofbetween September and November of 2012. BitcoinTalk user mralbi was a major victim, losing almost 2600The same hacker also stole 200from Mt. Gox accounts, supposedly with the same trojan which doubled as a keylogger. Time: January 2012 to March 2012Suspects:Victim: Users of BitscalperStatus: MiningBuddy (bitcointalk.org user) attempted to reorganize bitscalper, but failed. No coins have been returned at all.Amount:1350Equivalent in USD: 6461 $Equivalent in January 2014: 8Time: February 2012Victim: Investors of Shades Minoco, creditors of bitcointalk.org user shakaru, investors of BitArbStatus: Andrew Nollan (a.k.a. shakaru) (thief) known but disappeared, repaid some (not included in amount)Amount:2211, possibly moreEquivalent in USD: 10895 $Equivalent in January 2014: 14Time: Late 2012-03-01, Early 2012-03-02Victim: Bitcoinica, Bitcoin.cz mining pool (Marek Palatinus), Bitcoin Faucet, possible othersStatus: Thief unknown, not caught. Linode employee suspected.Amount:46653Composition of amount:Equivalent in USD: 223278 $Equivalent in January 2014: 282Transactions of interest:Time:Victims: Betco.in, creditorsStatus: Hacker not known. Some of creditors' deposits were repaid, around 2900outstanding.Amount:3171Equivalent in USD: 15534 $Equivalent in January 2014: 19Transactions of interest:Time: 2012-04-20Victim: Buyers on Silk RoadStatus: Scammer known to be Silk Road user Tony76Amount:30000Equivalent in USD: 146944 $Equivalent in January 2014: 184Time: May 12, 2012, 11:19:00 AM [blockchain time, off by up to three hours]Victim: Bitcoinica, LLCStatus:Amount:Total impact:Equivalent in USD: 191638 $Equivalent in January 2014: 241Chief transaction of interest: 7a22917744aa9ed740faf3068a2f895424ed816ed1a04012b47df7a493f056e8Time: July 04, 2012, 02:34:19 PM (Mt. Gox time)Victims:Suspect: IP 130.83.54.115Status: PendingAmount:1852Equivalent in USD: 14595 $Equivalent in January 2014: 18Medium of theft: Mt. GoxTransactions of interest: On Mt. Gox. Withdrawal transaction was 4c61d3639f010e30ad305b294cd128f381f58fc161d0badda1f39807dc2f12f7.Time: 2012-07-13 (UTC)Victims:Suspects:Status: All funds returnedAmount:40000Equivalent in USD: 315133 $Equivalent in January 2014: 399Medium of theft: On MtGox.Time:Victim: btc-e.comSuspects:Status: PendingAmount:4500Equivalent in USD: 35452 $Equivalent in January 2014: 44Date: August 2012Suspects:Victim: Kronos.io investors (Brian Cartmell)Status: Legal action possibly pendingMedium: Mt. GoxAmount:4000Equivalent in USD: 42859 $Equivalent in January 2014: 53Time: 20112012Victim: Creditors of First Pirate Savings and Trust, later Bitcoin Savings and TrustStatus:Amount:263024Equivalent in USD: 2983473 $Equivalent in January 2014: 3700Time:Victims: Bitfloor, creditorsStatus: Hacker not known, but IP is 178.176.218.157. Some coins repayed to creditors.Amount:24086Equivalent in USD: 273209 $Equivalent in January 2014: 339Transactions of interest:Time: September 28, 2012, 07:21:14 PMVictim: CdeckerStatus: Thief IP may be 178.140.220.181Amount:9222Equivalent in USD: 104607 $Equivalent in January 2014: 130Transactions of interest:Date: 2012-10-13Victim: 50BTC Mining PoolStatus: Unresolved.Transactions of interest:Amount:1173Equivalent in USD: 13437 $Equivalent in January 2014: 16Time:Victim: Various, incl. MralbiStatus: Thief IP may be:Amount:Amount:3457Equivalent in USD: 39146 $Equivalent in January 2014: 49Transactions of interest:

dree12



Offline



Activity: 1246

Merit: 1055









LegendaryActivity: 1246Merit: 1055 List of Major Bitcoin Heists, Thefts, Hacks, Scams, and Losses [4] April 19, 2014, 01:57:36 AM

Last edit: November 16, 2014, 12:00:39 AM by dree12 #4 Bit LC Theft

Time: Discovered February 13, 2013

Victim: Bit LC Inc. and miners

Status: Suspected theft by Erick, could be misunderstanding.

Amount: Estimate 2000 BTC [48]

Equivalent in USD: 51480 $

Equivalent in January 2014 BTC : 63 .4 BTC

Transactions of interest:

This alleged theft was unique in that coins held in the hot wallet were safe, but coins held in a cold wallet compromised. The thief is not expected to have access to the coins regardless, so there was little financial gain from this theft. Erick, allegedly the only one with physical access to Bit LC Inc.'s cold wallet, has failed to communicate and withdraw coins. Bit LC Inc. therefore was required to declare bankruptcy. There is no proof that Erick intentionally stole the coins; indeed, some evidence asserts that he or she may simply have disappeared in some manner.



BTCGuild Incident

Time: March 10, 2013

Victim: BTCGuild mining pool

Status: 16 thieves, one has returned 47 BTC

Amount: About 1254 BTC [49]

Equivalent in USD: 72556 $

Equivalent in January 2014 BTC : 88 .9 BTC

BTC have been returned to the pool. The pool would on the following day lose even more money thanks to a When BTCGuild was upgrading the Bitcoind client to 0.8, the mining pool used its original upgrade plan. However, 0.8 is unique in that it reindexes the blockchain. This prompted a temporary state in which the pool was paying out for difficulty-1 shares, as that was the extent of the blockchain parsed. Sixteen separate thieves subsequently emptied the hot wallet. 47have been returned to the pool. The pool would on the following day lose even more money thanks to a bug causing its recent upgrade to 0.8 to differ from nodes running 0.7 or lower.



2013 Fork

Time: 2013-03-11

Victims: OKPay, many mining pools including slush, BTCGuild, etc.

Status: OKPay double-spend attack resolved.

Amount: Exactly 960 .09645667 BTC [50]

Equivalent in USD: 55551 $

Equivalent in January 2014 BTC : 68 .1 BTC

A major blockchain fork occurred due to a bug in Bitcoin-Qt clients which had not upgraded to the new 0.8 version. Unfortuantely, those clients formed the majority of Bitcoin users at the time. The resulting fork split mining pools; those that had upgraded lost block revenue. Some mining pools took the hit, whereas others passed the cost on to miners.



The fork also made possible isolated double-spending attacks. Only one such attack was conducted, costing OKPay significantly. Luckily, the thief has since returned the money.



Bitcoin Rain

Date: 2011-10-03 to 2013-03-28

Victims: Investors in Bitcoin Rain, account holders on Mercado Bitcoin.

Perpetrator: Leandro César

Amount: Estimate 4000 BTC [51]

Equivalent in USD: 231440 $

Equivalent in January 2014 BTC : 284 BTC

[52] As Bitcoin Rain's funds were stored there, investors in Bitcoin Rain as well as account holders on Mercado Bitcoin lost money. Some money was reportedly paid back, but the vast majority is still outstanding. A suspected long-running con likened to the infamous Bitcoin Savings and Trust , Bitcoin Rain finally defaulted on March 28, 2013. Leandro César claimed there was a security breach on his exchange website Mercado Bitcoin.As Bitcoin Rain's funds were stored there, investors in Bitcoin Rain as well as account holders on Mercado Bitcoin lost money. Some money was reportedly paid back, but the vast majority is still outstanding.



ZigGap

Date: February to April 2013

Victim: Investors and creditors of ZigGap

Amount: About 1708 .65967460 BTC [53]

Equivalent in USD: 195490 $

Equivalent in January 2014 BTC : 240 BTC

BTC , ZigGap saw little business. The founder seems to have also suffered mental illness in the latter stages of business operation.[54] User aethero, who was originally a reputable Bitcoiner, founded ZigGap after two previously succesful ventures, including BitPantry. Purporting to offer easy ways to purchase, ZigGap saw little business. The founder seems to have also suffered mental illness in the latter stages of business operation.



Ozcoin Theft

Time: 2013-04-19

Victim: Ozcoin mining pool

Status: Thief, a user of Strongcoin, known but not disclosed. Strongcoin seized funds and returned 568 .94 BTC to the mining pool operator.[55]

Amount: Exactly 922 .99063322 BTC [56]

Equivalent in USD: 105600 $

Equivalent in January 2014 BTC : 130 BTC

A hacker managed to infilterate Ozcoin's payout script, such that all money was paid out to the hacker's address. Luckily, a day later Strongcoin seized most of the stolen funds and promptly returned them to Ozcoin.



Vircurex Theft

Date: 2013-05-10

Victim: Vircurex and shareholders

Transactions of interest:[57]

cbce6bd1e274a9ea9d6946feaf4a1b0f80a5885a8482f4ebf3caa052f22bb4bf

85489430661f3041608749acb3019a1dcbf07a60f22e4bc43acfd05b46496cc9 Amount: Exactly 1454 .01500000 BTC [58]

Equivalent in USD: 163351 $

Equivalent in January 2014 BTC : 200 BTC

[57] Initially, Vircurex operated normally despite the loss, though it no longer paid dividends to shareholders. In March 2014, due to strain caused by large withdrawals (in addition to a default by AurumXChange, a fiat processor Vircurex used), Vircurex froze large quantities of many currencies; however, it promises to pay these back eventually.[59] The hot wallet and warm wallet of Bitcoin to alternative cryptocurrency exchange service Vircurex was emptied in May 2013, resulting in a significant loss of three currencies: Bitcoin, Terracoin, and Litecoin.Initially, Vircurex operated normally despite the loss, though it no longer paid dividends to shareholders. In March 2014, due to strain caused by large withdrawals (in addition to a default by AurumXChange, a fiat processor Vircurex used), Vircurex froze large quantities of many currencies; however, it promises to pay these back eventually.



James Howells Loss

Type: Loss

Date: July 2013[60]

Victim: James Howells

Amount: Estimate 7500 BTC [61]

Equivalent in USD: 627659 $

Equivalent in January 2014 BTC : 764 BTC

[61] A hard drive containing keys to bitcoins generated in 2009 were accidentally thrown away in 2013 after a period of meteoric price rallies. The owner, James Howells, reportedly attempted to retrieve the money by going to the landfill where the hard drive was buried, but gave up after learning of the difficulty of retrieving trash.



Just Dice Incident

Time: 2013-07-15

Victim: Just-Dice, Just-Dice investors

Suspect: Just-Dice.com user celeste, who claims he was hacked.

Status: Bets rolled back.

Related transaction: 0aa67253b162c6ddae04bbc5b01a0283591a74288cdd1c2073a3181ec7e124da[62]

Amount: Exactly 1300 .15500000 BTC [63]

Equivalent in USD: 108807 $

Equivalent in January 2014 BTC : 132 BTC

BTC .[64] Because the hot wallet did not contain that much money, Just-Dice.com administrator Chris Moore (dooglus) manually processed the transaction from the cold wallet. However, he forgot to remove the balance in Just-Dice.com's database. The Just-Dice.com user then proceeded to bet the fake balance on the gambling website and subsequently lost it all. Because of the manner Just-Dice.com is structured, the website lost money even though the malicious user did not earn any money from the theft.



To recoup losses, the operator rolled back the gambling losses and corrected the wrong balance. This resulted in losses for all investors of Just-Dice.com; however, the operator explains that nobody actually lost money because the bet should never have happened. In conclusion, it seems that odd decisions on the malicious user's part and probability ensured no actual loss from the incident, even though 1300 BTC was stolen. The amount was simply lost back to Just-Dice.com thanks to luck in the website's favour. A player on Just-Dice.com with an especially large balance asked to withdraw 1300Because the hot wallet did not contain that much money, Just-Dice.com administrator Chris Moore (dooglus) manually processed the transaction from the cold wallet. However, he forgot to remove the balance in Just-Dice.com's database. The Just-Dice.com user then proceeded to bet the fake balance on the gambling website and subsequently lost it all. Because of the manner Just-Dice.com is structured, the website lost money even though the malicious user did not earn any money from the theft.To recoup losses, the operator rolled back the gambling losses and corrected the wrong balance. This resulted in losses for all investors of Just-Dice.com; however, the operator explains that nobody actually lost money because the bet should never have happened. In conclusion, it seems that odd decisions on the malicious user's part and probability ensured no actual loss from the incident, even though 1300was stolen. The amount was simply lost back to Just-Dice.com thanks to luck in the website's favour.



Silk Road Seizure

Dates:

2013-10-02: First seizure (Silk Road user funds)

2013-10-25: Second seizure (Ross Ulbricht's personal coins) Victim: Silk Road, Ross Ulbricht, Silk Road users

Perpetrator: FBI seizure



Amount:

First seizure: 27618 .69843217 BTC [65]

Second seizure: 144336 .39449470 BTC [66] Total: Exactly 171955 .09292687 BTC

Equivalent in USD: 26867560 $

Equivalent in January 2014 BTC : 32700 BTC

[67] Although it operated under the jurisdiction of the United States, it made little attempt to comply with US law.[68] However, clever use of the Tor technology allowed Silk Road to escape the authorities for years.



Finally, in October 2013, the FBI was able to produce conclusive evidence of Ross Ulbrict's culpability. Ulbricht was found in San Francisco and arrested.[69] In the days ensuing, it seized a large portion of Ulbricht's personal wealth in addition to stored balances by Silk Road users.[70] However, the FBI has yet to successfully seize an estimated remaining 400000 BTC in Ulbricht's personal wallet.[71].



The first seizure came right as Silk Road's domain was seized, and included funds belonging to Silk Road users. The second seizure came several weeks later, seizing coins belonging to Ross Ulbricht himself.



This seizure is notable in that it is the first major legally authorized seizure. At the moment, Ulbricht is awaiting trial in New York.[72] Silk Road was a former underground marketplace that dealt primarily in Bitcoin. Run by Ross Ulbricht, it was once widely known for frequent narcotic sales.Although it operated under the jurisdiction of the United States, it made little attempt to comply with US law.However, clever use of the Tor technology allowed Silk Road to escape the authorities for years.Finally, in October 2013, the FBI was able to produce conclusive evidence of Ross Ulbrict's culpability. Ulbricht was found in San Francisco and arrested.In the days ensuing, it seized a large portion of Ulbricht's personal wealth in addition to stored balances by Silk Road users.However, the FBI has yet to successfully seize an estimated remaining 400000 BTC in Ulbricht's personal wallet.The first seizure came right as Silk Road's domain was seized, and included funds belonging to Silk Road users. The second seizure came several weeks later, seizing coins belonging to Ross Ulbricht himself.This seizure is notable in that it is the first major legally authorized seizure. At the moment, Ulbricht is awaiting trial in New York.



GBL Scam

Time: Between May 2013 to October 2013

Date of shutdown: 2013-10-26[73]

Victim: Chinese investors in GBL.

Amount: Estimate 22000 BTC [73]

Equivalent in USD: 3437446 $

Equivalent in January 2014 BTC : 4190 BTC

Beijing-based GBL was advertised as a Hong Kong-based exchange and shut down after attracting significant investment. At the time, there was a Bitcoin craze in China, which lasted for much of the latter half of 2013 and was credited as the leading cause of the November 2013 bubble.



Inputs.io Hack

Date: 2013-10-26[74] (disputed)

Victim: Inputs.io, passed on to creditors.

Perpetrator: Accusations of inside job.

Transaction of interest: 9536feebe3a50b94f85ca27d56e669a7209bd4188385d55c5b97227c95cf7f74[75]

Amount: Estimate 4100 BTC [76]

Equivalent in USD: 640615 $

Equivalent in January 2014 BTC : 780 BTC

[77][78] When the theft was announced in November 2013, TradeFortress began offering partial refunds; however, 4100 BTC was not paid back as that was the shortfall from the supposed hack. Inputs.io, a web wallet service run by BitcoinTalk user TradeFortress, was supposedly hacked in October 2013 and was unable to repay user balances in full. There are many accusations of the hack being an inside job. TradeFortress had a contentious reputation and had supposedly scammed two separate people before this incident.When the theft was announced in November 2013, TradeFortress began offering partial refunds; however, 4100was not paid back as that was the shortfall from the supposed hack.



BASIC-MINING

Date: October 2013[79]

Victim: Investors of BASIC-MINING

Perpetrator: BitcoinTalk user creativex

Amount: About 2131 .000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 000000000000000000000000000000000000000000000000000000000000000000000000000000 BTC [80]

Equivalent in USD: 332963 $

Equivalent in January 2014 BTC : 405 BTC

Mining company BASIC-MINING took advantage of the ASIC boom to become a leading publically-traded mining company by early 2013. After the collapse of BTC-TC, the exchange on which it was traded, the founder disappeared with substantial assets.



Bitcash.cz Hack

Date: 2013-11-11

Victim: Bitcash.cz

Perpetrator: Unknown

Transaction of interest: 44f66e60460926d1ac75667ce3060429000f7cbd30e9afe5a1f3af62cae7727f[81]

Amount: Exactly 484 .76688536 BTC [82]

Equivalent in USD: 247422 $

Equivalent in January 2014 BTC : 303 BTC

A Czech Bitcoin exchange, bitcash.cz, reported a hack in mid-November 2013. The hack was relatively minor; however, Bitcoin prices were very high at the time relative to the preceding and succeeding months.



BIPS Hack

Date: 2013-11-17

Victim: BIPS, passed on to creditors

Perpetrator: Unknown

Transaction of interest: ec01b909b6522e005071e694e3d865056189faff1be516c5e95812720b8cf585[83]

Amount: Exactly 1295 .00000000 BTC [82]

Equivalent in USD: 660959 $

Equivalent in January 2014 BTC : 808 BTC

The then up-and-coming payment processor BIPS suffered a major breach in mid-November 2013, a month that saw numerous other companies shut down due to hacks. BIPS refused to refund creditors, justifying the loss as inevitable for a web wallet. BIPS made an attempt to continue business despite the hack.



PicoStocks Hack

Date: 2013-11-29

Victim: PicoStocks

Perpetrator: Unknown

Transactions of interest:[84]

d99281bae8acafc6c96cefb54d37f81e5f78898fd8ccb12493f89236bec476e6

28c9d7b0b31c9262958b88c42b1703098d44574e0830173c0b5cfe2a79490881 Amount: Exactly 5896 .23098163 BTC [82]

Equivalent in USD: 3009397 $

Equivalent in January 2014 BTC : 3680 BTC

PicoStocks, a stock exchange using a novel means of circumventing legal regulation, reported that someone that previously had access to PicoStocks keys used them to defund both hot and cold wallets. Creditors were reportedly unaffected as, despite the magnitude of the loss, PicoStocks covered it completely.



Sheep Marketplace Incident

Date: 2013-12-02

Victim: Sheep Marketplace users

Perpetrator: Official story blames user EBOOK101; suspicion of an inside job[85]

Transactions of interest: Disputed

Amount: Estimate 5400 BTC [85]

Equivalent in USD: 4070923 $

Equivalent in January 2014 BTC : 4980 BTC

BTC , which was passed down to its users. This official story is disputed, with many claiming the actual loss was far more severe. However, estimates of over 90000 BTC being stolen by the operator of Sheep were found to have accidentally tracked BTC-E internal wallet movements, thus discrediting this alternative explanation.[86] Czech-based underground marketplace Sheep supposedly suffered a major breach causing the loss of 5400, which was passed down to its users. This official story is disputed, with many claiming the actual loss was far more severe. However, estimates of over 90000being stolen by the operator of Sheep were found to have accidentally tracked BTC-E internal wallet movements, thus discrediting this alternative explanation. Time: Discovered February 13, 2013Victim: Bit LC Inc. and minersStatus: Suspected theft by Erick, could be misunderstanding.Amount:2000Equivalent in USD: 51480 $Equivalent in January 2014: 63Transactions of interest:Time: March 10, 2013Victim: BTCGuild mining poolStatus: 16 thieves, one has returned 47Amount:1254Equivalent in USD: 72556 $Equivalent in January 2014: 88Time: 2013-03-11Victims: OKPay, many mining pools including slush, BTCGuild, etc.Status: OKPay double-spend attack resolved.Amount:960Equivalent in USD: 55551 $Equivalent in January 2014: 68Date: 2011-10-03 to 2013-03-28Victims: Investors in Bitcoin Rain, account holders on Mercado Bitcoin.Perpetrator: Leandro CésarAmount:4000Equivalent in USD: 231440 $Equivalent in January 2014: 284Date: February to April 2013Victim: Investors and creditors of ZigGapAmount:1708Equivalent in USD: 195490 $Equivalent in January 2014: 240Time: 2013-04-19Victim: Ozcoin mining poolStatus: Thief, a user of Strongcoin, known but not disclosed. Strongcoin seized funds and returned 568to the mining pool operator.Amount:922Equivalent in USD: 105600 $Equivalent in January 2014: 130Date: 2013-05-10Victim: Vircurex and shareholdersTransactions of interest:Amount:1454Equivalent in USD: 163351 $Equivalent in January 2014: 200Type: LossDate: July 2013Victim: James HowellsAmount:7500Equivalent in USD: 627659 $Equivalent in January 2014: 764Time: 2013-07-15Victim: Just-Dice, Just-Dice investorsSuspect: Just-Dice.com user celeste, who claims he was hacked.Status: Bets rolled back.Related transaction: 0aa67253b162c6ddae04bbc5b01a0283591a74288cdd1c2073a3181ec7e124daAmount:1300Equivalent in USD: 108807 $Equivalent in January 2014: 132Dates:Victim: Silk Road, Ross Ulbricht, Silk Road usersPerpetrator: FBI seizureAmount:Total:Equivalent in USD: 26867560 $Equivalent in January 2014: 32700Time: Between May 2013 to October 2013Date of shutdown: 2013-10-26Victim: Chinese investors in GBL.Amount:22000Equivalent in USD: 3437446 $Equivalent in January 2014: 4190Date: 2013-10-26(disputed)Victim: Inputs.io, passed on to creditors.Perpetrator: Accusations of inside job.Transaction of interest: 9536feebe3a50b94f85ca27d56e669a7209bd4188385d55c5b97227c95cf7f74Amount:4100Equivalent in USD: 640615 $Equivalent in January 2014: 780Date: October 2013Victim: Investors of BASIC-MININGPerpetrator: BitcoinTalk user creativexAmount:2131Equivalent in USD: 332963 $Equivalent in January 2014: 405Date: 2013-11-11Victim: Bitcash.czPerpetrator: UnknownTransaction of interest: 44f66e60460926d1ac75667ce3060429000f7cbd30e9afe5a1f3af62cae7727fAmount:484Equivalent in USD: 247422 $Equivalent in January 2014: 303Date: 2013-11-17Victim: BIPS, passed on to creditorsPerpetrator: UnknownTransaction of interest: ec01b909b6522e005071e694e3d865056189faff1be516c5e95812720b8cf585Amount:1295Equivalent in USD: 660959 $Equivalent in January 2014: 808Date: 2013-11-29Victim: PicoStocksPerpetrator: UnknownTransactions of interest:Amount:5896Equivalent in USD: 3009397 $Equivalent in January 2014: 3680Date: 2013-12-02Victim: Sheep Marketplace usersPerpetrator: Official story blames user EBOOK101; suspicion of an inside jobTransactions of interest: DisputedAmount:5400Equivalent in USD: 4070923 $Equivalent in January 2014: 4980

dree12



Offline



Activity: 1246

Merit: 1055









LegendaryActivity: 1246Merit: 1055 List of Major Bitcoin Heists, Thefts, Hacks, Scams, and Losses [5] April 19, 2014, 01:57:53 AM

Last edit: November 16, 2014, 12:38:05 AM by dree12 #5 Silk Road 2 Incident

NB : Not to be confused with the Silk Road Seizure.

Date: 2014-02-13

Victim: Silk Road 2 users

Perpetrator: Official story[87] blames three attackers; many suspect an inside job.

Transactions of interest: See

Amount: Estimate 4400 BTC [88]

Equivalent in USD: 3624866 $

Equivalent in January 2014 BTC : 4400 BTC

[87] Others note that transaction malleability is unlikely to result in coins being stolen and belive the Silk Road 2 incident to be an inside job.



Several months after the incident, it was reported that Silk Road 2 is paying users back with funds earned from commissions[89] Defcon, an administrator at underground marketplace Silk Road 2 (not to be confused with Silk Road), noticed that funds held for the escrow service were stolen in February 2014. Transaction malleability, an issue with the Bitcoin protocol at the time that also affected some other services, was blamed for the theft.Others note that transaction malleability is unlikely to result in coins being stolen and belive the Silk Road 2 incident to be an inside job.Several months after the incident, it was reported that Silk Road 2 is paying users back with funds earned from commissions



2014 Mt. Gox Collapse

Date: Ongoing

Victim: Mt. Gox and users

Perpetrator: Unknown

Amount: Estimate 850000 BTC [90]

Equivalent in USD: 700258171 $

Equivalent in January 2014 BTC : 850000 BTC

Formerly the largest Bitcoin exchange, Mt. Gox was the center of the Bitcoin economy for three years. Unfortunately, the codebase behind the exchange was out of date and poorly-written. The exchange had already suffered a series of security breaches, some publicized and likely many kept secret. In February 2014, Mt. Gox announced that it was bankrupt. Perhaps 750000 BTC of customer funds have not been returned. More information will be added as the story develops.



Fallout from this theft includes the collapse of Cyprus-based Neo & Bee, which blamed its losses on Mt. Gox.



Flexcoin Theft

Date: 2014-03-02

Victim: Flexcoin and users

Perpetrator: IP address 207.12.89.117[91]

Transactions of interest:[91]

a1b887233c06490fbdeb2c8779fd47e1f93a68d16928766d45879dcfc39571e2

e03686a33aacbd462cb0a64345513dfb6c20a442a4cc651e5e2eaeca54bfe0f7

4811e548e7f2cb3785c30daecafcb4bffa239da7228a13ee48f1226f179f0cec

00e2b00fb3c5cf2edb71c8f4a856111e614c3681503c583eab84cd67a2850ef9

b21e9bee8a9bfe040b8bfde23c6ba26e345b22581cb96f5af8b6fcbf6579a075

fde8ae93bb8fe82583dd9bc94528b07eebddf7257d30b7d25a1e4726948fa466

ebc684fd60f537d26fb82e26aeb4e2f00bf570ca1fd2eb2052eb10487be465ee

90908281e8a6039569e83c6b28b3a8ea582c6d9b9bd58f66962bca6918c49e1d Amount: Exactly 896 .10380000 BTC [92]

Equivalent in USD: 738240 $

Equivalent in January 2014 BTC : 896 BTC

[91] Creditors were not reimbursed. Canadian-based Bitcoin bank Flexcoin reported a security breach causing the loss of most hot wallet funds, thanks to a race condition.Creditors were not reimbursed.



CryptoRush Theft

Date: 2014-03-11[93]

Victim: CryptoRush (alternative cryptocurrency exchange) and users

Perpetrator: Identified as an IP from Ukraine.

Amount: About 950 BTC [93]

Equivalent in USD: 782641 $

Equivalent in January 2014 BTC : 950 BTC

BTC and a significant amount of other cryptocurrencies such as Litecoin.



The exchange attempted to continue operations and withhold its insolvency from its users. Some days later, it created its own propietary cryptocurrency, purporting to pay dividends to owners.



The exchange later suffered another bug leading to the loss of cryptocurrency balances in Blackcoin. A support employee later leaked details of the theft and the attempts to cover it up.[93] Cryptocurrency exchange cryptorush.in suffered a security breach leading the the loss of almost 1000and a significant amount of other cryptocurrencies such as Litecoin.The exchange attempted to continue operations and withhold its insolvency from its users. Some days later, it created its own propietary cryptocurrency, purporting to pay dividends to owners.The exchange later suffered another bug leading to the loss of cryptocurrency balances in Blackcoin. A support employee later leaked details of the theft and the attempts to cover it up.



MintPal Incident

Date: 2014-10-14[94]

Victim: MintPal users

Perpetrator: Likely Alex Green[95]

Amount: Lower bound 3894 .49250000 BTC [94]

Equivalent in USD: 3208412 $

Equivalent in January 2014 BTC : 3890 BTC

Cryptocurrency exchange MintPal was abruptly shut down by Moopay executive Alex Green, which may be a pseudonym. The cold wallet was allegedly emptied by Green. Date: 2014-02-13Victim: Silk Road 2 usersPerpetrator: Official storyblames three attackers; many suspect an inside job.Transactions of interest: See official statement Amount:4400Equivalent in USD: 3624866 $Equivalent in January 2014: 4400Date: OngoingVictim: Mt. Gox and usersPerpetrator: UnknownAmount:850000Equivalent in USD: 700258171 $Equivalent in January 2014: 850000Date: 2014-03-02Victim: Flexcoin and usersPerpetrator: IP address 207.12.89.117Transactions of interest:Amount:896Equivalent in USD: 738240 $Equivalent in January 2014: 896Date: 2014-03-11Victim: CryptoRush (alternative cryptocurrency exchange) and usersPerpetrator: Identified as an IP from Ukraine.Amount:950Equivalent in USD: 782641 $Equivalent in January 2014: 950Date: 2014-10-14Victim: MintPal usersPerpetrator: Likely Alex GreenAmount:3894Equivalent in USD: 3208412 $Equivalent in January 2014: 3890

dree12



Offline



Activity: 1246

Merit: 1055









LegendaryActivity: 1246Merit: 1055 Re: List of Major Bitcoin Heists, Thefts, Hacks, Scams, and Losses April 19, 2014, 02:11:17 AM

Last edit: April 19, 2014, 03:13:34 AM by dree12 #9



Since the last thread was full, I moved everything to this new thread. Now 8 posts are reserved and if necessary I can consume this post.

I added the backlog of thefts that were delayed due partially to space limitations and mostly to my personal time limitations. Some are still missing because I need to research them more. They will be added in due time.

The rankings were originally done manually, which is becoming difficult as the list grows. Hence I have begun work on an automatic ranker. This should be finished soon, but given my propensity for delaying things, it probably will not be. In the coming weeks I will also move from June 2013 BTC to a more recent standard.

Thank you to those who kept me updated!



Things left on the backlog waiting for more research:

GBL

Bitclockers.com

Pony botnet

Cryptorush

Neo & Bee

(By the way: Feel free to reply now; the number of posts reserved is plenty.) So, an update from the last thread:Thank you to those who kept me updated!Things left on the backlog waiting for more research:(By the way: Feel free to reply now; the number of posts reserved is plenty.)