Bitcoin exchange, Bitfinex, today reported that hackers have stolen 1,200 Bitcoin (worth $78m), causing a 20% drop in the value of the currency. Please see expert comments below in response to the hack, from former LulzSec member, Mustafa Al-Bassam – IT Security Advisor at Secure Trading, a UK-based payments company.
“Bitcoin exchanges like Bitfinex get hacked on a regular basis, and this isn’t the biggest loss we’ve seen of this type. Mt. Gox lost $500M worth of Bitcoins in 2014 and in 2015 the US government seized and sold over $20M worth from Silk Road. However this is the biggest theft we’ve seen in a while, so it is bound to cause some shock within the community.
“Industry standards around the secure storage of Bitcoins in an exchange have evolved greatly over the past few years and it appears that Bitfinex weren’t following basic recommended practices. Most Bitcoin exchanges nowadays store the majority of customer funds in a cold wallet that isn’t connected to the Internet to prevent hacks, so that hackers could only steal a limited amount of funds that can easily be covered.
“Although Bitcoin itself is inherently secure, a hacker can steal the keys to your wallet if you don’t store the keys securely. This isn’t an inherent flaw of the Bitcoin protocol, and this is what happened with Bitfinex. The community has come a long way over the past few years with technology to allow secure wallets, such as hardware wallets and cold wallet software, but there is still a lot more to be done. Users who store a large amount of Bitcoin in an exchange should be aware that if they don’t have the cryptographic keys to their Bitcoin, they don’t have total control over it.”