Attacker overwhelmed system, like a DDoS attack, says failed exchange
We haven’t been following the bitcoin issue because for enterprise-sized companies – who are our readers – the digital currency isn’t used for transactions.
But Flexcoin, an exchange that closed this week because of hackers, has posted an explanation that software developers and IT security staff should pay attention to because it gives some insight into how their applications and systems might be attacked.
Flexcoin said in a statement that on March 2 it was attacked and robbed of all coins in its digital hot wallet.
“We have determined that the extent of the theft was enabled by a flaw within the front-end,” the statement said.
“The attacker logged into the flexcoin front end from IP address 188.8.131.52 under a newly created username and deposited to address 1DSD3B3uS2wGZjZAwa2dqQ7M9v7Ajw2iLy
“The coins were then left to sit until they had reached 6 confirmations.
“The attacker then successfully exploited a flaw in the code which allows transfers between flexcoin users. By sending thousands of simultaneous requests, the attacker was able to “move” coins from one user account to another until the sending account was overdrawn, before balances were updated.
“This was then repeated through multiple accounts, snowballing the amount, until the attacker withdrew the coins.
“Flexcoin has made every attempt to keep our servers as secure as possible, including regular testing. In our ~3 years of existence we have successfully repelled thousands of attacks. But in the end, this was simply not enough.
“Having this be the demise of our small company, after the endless hours of work we’ve put in, was never our intent. We’ve failed our customers, our business, and ultimatley the Bitcoin community.”Related Download
Cisco Secure Mobility Knowledge Hub
This Knowledge Hub provides an end-to-end look at what it takes to discover, plan, and implement a successful Secure Mobility strategy.