Main Area and Open Discussion > Living Room

$12,000 in Bitcoin Stolen

(1/2) > >>

Renegade:
Interesting little article on how some thieves social engineered themselves into stealing $12k in bitcoins:

http://www.wired.com/wiredenterprise/2013/03/digital-thieves-pull-off-12000-bitcoin-heist/

The criminals were able to take control of Bitinstant’s internet domains by convincing its domain registrar, Site5, to hand over control of the company’s Domain Name Service, or DNS. “Armed with knowledge of my place of birth and mother’s maiden name alone (both facts easy to locate on the public record) they convinced Site5 staff to add their email address to the account and make it the primary login,” the company said Monday in a blog post detailing the incident.
--- End quote ---

It has nothing to do with Bitcoin security, but does show that social engineering still works.

40hz:
It also shows that, despite many people's romantic fascination with "alternate currencies," unless you have an established government standing behind your monetary system, it's little more than an interesting social experiment so far.

Your currency is only as good as the reputation and strength of whatever is backing it. As many 'revolutionary' governments discovered the hard way when they first came into power. And it's only as 'safe' as your ability to protect it.

Renegade:
It also shows that, despite many people's romantic fascination with "alternate currencies," unless you have an established government standing behind your monetary system, it's little more than an interesting social experiment so far.

Your currency is only as good as the reputation and strength of whatever is backing it. As many 'revolutionary' governments discovered the hard way when they first came into power. And it's only as 'safe' as your ability to protect it.
-40hz (March 08, 2013, 08:22 AM)
--- End quote ---

The hack had ZERO to do with Bitcoin. The exact same tactics could be used to steal from your Paypal account or anything. It only illustrates that social engineering is still the bread & butter of cyber crime.

e.g. I use the same kinds of tactics used by Rand to mine public data on 40hz. I hijack 40hz.com DNS, then well, game over. Same exact deal.

Lesson learned? Never let anyone know your mother's maiden name, and always tell everyone that you're a simple orphan bastard. :P

As for Bitcoin, you might want to look at it again. What you think you know may be out of date.

It also shows that, despite many people's romantic fascination with "alternate currencies," unless you have an established government standing behind your monetary system, it's little more than an interesting social experiment so far.
-40hz (March 08, 2013, 08:22 AM)
--- End quote ---

This is quite wrong. However, the Basement is the proper place for that discussion. (Sorry. :( )

Your currency is only as good as the reputation and strength of whatever is backing it.
-40hz (March 08, 2013, 08:22 AM)
--- End quote ---

Reputations can be ruined in a day. ;)

The strength is the only thing that matters. But I have a feeling that we're not going to agree on what constitutes "strength" for a currency. The other thing is that any discussion there will quickly get us sent to the Basement. I've got a feeling that monetary policy and all that won't sit well with a lot of people. That whole cognitive dissonance thing and all. ;) So - I'll drop it and keep to the social engineering stuff as that's plenty fun anyways~! ;D

40hz:
at the risk of the basement, exactly who do you call - and more importantly WHO will be willing to open an investigation.

AFAIK something like this would generally be handled under civil rather than criminal law unless you could interest a prosecutor in basing a case around some sort of cybercrime.

Good luck. you can't even get the cops interested in looking into major data security breeches. So when it comes to something like bitcoins, I don't think that will gain much traction with the police.

Not saying it's right. Just saying how it usually works. At least where I live.  :)

Renegade:
at the risk of the basement, exactly who do you call - and more importantly WHO will be willing to open an investigation.

AFAIK something like this would generally be handled under civil rather than criminal law unless you could interest a prosecutor in basing a case around some sort of cybercrime.

Good luck. you can't even get the cops interested in looking into major data security breeches. So when it comes to something like bitcoins, I don't think that will gain much traction with the police.

Not saying it's right. Just saying how it usually works. At least where I live.  :)
-40hz (March 08, 2013, 12:51 PM)
--- End quote ---

True enough. Though I'm not sure that I'd say it's civil as it is still theft. But, that doesn't affect how law enforcement treats/mistreats the issue, which is the real question.

Navigation

[0] Message Index

[#] Next page