Wednesday, February 10, 2016
The attack caught Cryptsy senior managers by surprise, according to the company's blog post. "[We] just didn't know what happened, didn't want to cause panic, and were unsure who exactly we should be contacting," the company posted. Cryptsy subsequently opened an investigation, shutting down all trades and deposits until more facts become known.
Cryptsy also appealed to bitcoin collectors and developers to aid its efforts to identify and apprehend the hacker known as Lucky7Coin believed to be responsible for the heist. Anyone with information can email the company directly at reward@cryptsy.com. "If they are returned, then we will assume that no harm was meant and will not take any action to reveal who you are," the company stated. "If not, well, then I suppose the entire community will be looking for you."
The company's blog additionally revealed that Lucky7Coin had placed malicious code into Cryptsy's bitcoin and LiteCoin wallets, creating a Trojan command and control unit that was activated following a period of latency. "This Trojan had likely been there for months before it was able to collect enough information to perform the attack," Cryptsy wrote. "It does not appear that this was the original developer for LK7."
The company believes the foul play began after Lucky7Coin offered to "clean up" and maintain the wallet, purportedly making changes that would enable "clients to synchronize blockchain." Instead, the clients lost approximately 13,000 bitcoin and 300,000 LiteCoin.
Before the shutdown, Cryptsy's trade volumes averaged 300,000 transactions a day, according to the company's website. Cryptsy stated that it was gradually replacing clients' losses until bad press caused widespread panic, making it unable to keep up with demand. "The article basically caused a bank run, and since we only had so much in reserves for those currencies, problems began," Cryptsy wrote. "Our current customer liabilities for BTC is around 10,000 BTC, so as you can see, we would like to see the bitcoins returned for both our users and for ourselves."
The blog contained a dismal forecast for Cryptsy's future, laying out the following three options for the company:
While Cryptsy remains open to suggestions and "any other ideas people may have on this," digital currencies in general may face an uphill battle in their quest for widespread adoption. Continuing market volatility and high-profile data breaches such as the March 2014 hack of the Mt. Gox bitcoin exchange have done nothing to reassure consumers, analysts and speculators.
"It seems questionable that crypto currencies, while they may continue to have some utility for anonymous transfers, will reach either the implementation or fundamental scale to qualify as currency or money," stated William Hugh Murray, a certified information systems security professional, in the comments section of Cryptsy's blog post. Murray shares the opinion of prominent bitcoin developer Mike Hearn that bitcoin and other cryptocurrencies have been adversely affected by government oversight and are inherently not scalable.
In blog post dated Jan. 14, 2016, Hearn attributed bitcoin's failure to technical issues and a failure of leadership. "Think about it," he wrote. "If you had never heard about bitcoin before, would you care about a payments network that: couldn't move your existing money; had wildly unpredictable fees that were high and rising fast; allowed buyers to take back payments they'd made after walking out of shops, by simply pressing a button (if you aren't aware of this 'feature' that's because bitcoin was only just changed to allow it); is suffering large backlogs and flaky payments; which is controlled by China; and in which the companies and people building it were in open civil war? I'm going to hazard a guess that the answer is no."
Editor's Note:
The Green Sheet Inc. is now a proud affiliate of Bankcard Life, a premier community that provides industry-leading training and resources for payment professionals. Click here for more information.
Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.