BTER Got Hacked 7000 Bitcoins Stolen In 7 Different Accounts


The currency exchange BTER announced that it lost 7,170 bitcoins, or roughly $1.75 million at press time, in a hack on its cold wallet system.

In a statement posted on its website, BTER.COM, the company stated that it had shut down its platform to prevent any other attack and that user withdrawals “will be arranged later”.

On Chinese social media platform Weibo, BTER claimed that it was working with law enforcement officials on the matter. It remains unclear exactly how the BTER cold wallet was compromised. Was the same exploit used as when $1.65M in NXT funds were stolen? We will see in our future updates.

BTER says it is offering a 720 BTC bounty “for chasing it back”, although the company did not elaborate on the exact nature of the bounty.

Given that situation, the 24/7 Crypto News team decided to put their detective hats on and start some research. Here are our findings:

The 7120 Bitcoins are distributed equally across 7 accounts, and all of the transactions were relayed through a Swiss-based IP, “46.28.204.193”, which is hosting a crypto-related website, https://coingavel.com. The Bitcoin network used the same relay IP for all 7 transactions when the funds were stolen out of BTER. We know that the relay IP is not necessarily the source IP, but we will investigate further. If you can help us with this research, you can use our Contact button. We think we’ve done our research pretty well, but we will need the authorities’ support to trace all this back to the original hacker.


[UPDATE 2-15-2015 – 9:55 PM +2 UTC]

We have a possible future aid in finding the real hacker! With help from people at Franko Collective, who have also started researching this horrible situation at BTER, we gathered some information about that relay IP from Switzerland. The name behind it is Woźniak Sebastian. Why do we believe he is a possible aid? Well, he seems to be a hacking and Bitcoin enthusiast, with an article on Hacking9 and a profile on Bitcoin Foundation. He helps the Bitcoin network by running a node. If we can get to his node server, we can look in the logs and see where the transaction went and what possible IP we can get, so it will remain a mystery until we have further information. We will keep you updated as we investigate this serious issue and trace the person who robbed BTER. Again, “Wozniak Sebastian” is just a link, a hint: somebody who could help us track the real hacker down by looking in his possible node logs.

[UPDATE 16-02-2015 – 9:50 AM +2 UTC]

We have been contacted by Wozniak Sebastian. He has no connection with the hacking and is a big supporter of the Bitcoin ecosystem, having set up a node. His node had been a relay for these transactions, and he also stated that he will help in this investigation as much as is possible and within his power. We will come back with more information as soon as we get it.

For now, we have received e-mails from people who are willing to help and to use software that could help us find the real IP of the attacker. The funds haven’t moved yet, and there is a weird encrypted note on each transaction.

Sebastian Wozniak official statement:
Regarding the theft of the bitcoins I want to say that I’m deeply concerned about it. I’m also running a Bitcoin exchange, Bitcurex.com, where I’m the CEO, and I understand how these things can be annoying and damaging to the bitcoin ecosystem. We will do anything to monitor any high volume of bitcoin transfer in our exchange to help catch the thief.
Bitcoin exchanges have become an easy target, running an exchange is hard work, and our main concern is the security of users’ funds.
Once again, we hope that the person behind it will be brought to justice and the stolen Bitcoins will be recovered as soon as possible.

[UPDATE 16-02-2015 – 1:45 PM +02:00 UTC]

We are sad to find out that the relay node “46.28.204.193” didn’t have any monitoring service installed on it, which would have helped us reach the real source of the hack much more easily. This made us think that, given the high number of hacks in the Bitcoin ecosystem, we will need nodes that use monitoring services, so that in cases of theft like this one we can easily pin down the hacker, or at least his proxy, and go further from there in finding him.

Meanwhile, some users seem to enjoy BTER’s losses, and some are so desperate that they are sending Bitcoin transactions to the hacker’s addresses with different notes. Here is the screenshot with the latest notes on the hacker’s addresses.

[Screenshot, 2015-02-16 at 01.40.08]

24/7 Crypto News will continue to research and watch the situation at BTER, keeping our readers updated as soon as we get new information.

About Author

Full Name: Razvan Gabriel Paun, Owner of 24/7 Crypto News. Crypto enthusiast, Bitcoin fanatic. If you want to get in contact regarding any information, you can email: office (at) cryptobuzzing.com. An active member of the cryptocurrency community who enjoys collecting, trading, and writing about various coins and the latest Bitcoin news.

  • whyowhy

    good job cryptonews247 hope you will find out more. watching it. those bad people need to feel real pressure.

  • BTC

    Oh dear, the vigilantes are out with their pitchforks. Which innocents are going to get splayed in this hunt? Surely 99% of the blame goes to those who think they’re competent enough to run a bitcoin exchange in the wild west knowing the only thing they lose when the inevitable crooks come in, is their clients’ capital?

  • BTC

    The IP address displayed identifies the bitcoin node which broadcast this transaction to blockchain.info first. It does not necessarily mean the IP address was the true source of the transaction.

  • ultimatecurse

    No point buying bitcoin until these companies want to refund the customers when their accounts are hacked. Companies like Coinbase are a bank with no insurance if your money is taken from you. That is too risky for me when I see all these people’s bitcoin taken out following the site’s security measures and using double passwords and they still get their accounts emptied out. Look at Mt. Gox. This bitcoin is still not secure yet. I am not sure if it ever will be.
