We had a rough month, with multiple hacks hitting BTER, CAVIRTEX and other exchanges as well. So 1.680.000$ million of Bitcoin has been stolen; 9 days have passed and the hacker is on the move again!

We first thought it was a node (our mistake). Now we know it's a very well hidden hacker, but we also suspect an inside job. Why? Because the BTER front page stated clearly that the funds were stolen from their “COLD WALLET”.

What is the notion of a Cold Wallet? A cold storage system should meet a handful of criteria:

  • It must never be connected to the internet or any public network
  • It should store its own keys
  • Those keys should never ever be communicated to an online system
  • The only inputs to the system should be unsigned transactions or messages
  • The only outputs from the system should be signed transactions or messages

Or they have not stated it correctly by saying “Cold Wallet”, which would be a bit awkward since they appeared to be an experienced player on the Bitcoin market.

Anyway, let’s get to the subject and see where the funds have been split. Of the original 7 accounts, 4 are now untouched with 220.000$ each and 3 of them are moving. We will highlight in RED those that are moving.

  • Started to move on 2015-02-20
  • Started to move on 2015-02-18
  • Started to move on 2015-02-17

So let’s follow their path and see which new accounts they lead us to. When we tried to do this, we got dizzy: there is major mixing between accounts, some of them are looping, and some of the funds look like they ended up in some sort of exchange. We will post some of the accounts that still have funds on them and what we have found so far. But I am sorry for the people who had their money in BTER; they’ve lost it big time, in an ugly way.

So this is part of them. Some of them hold small amounts, from 500$ – 5000$, which I believe will be withdrawn through an exchange or used for personal spending.

The movement is very fast and it’s getting extremely hard to track all of them. I notice that some funds are going into old accounts that have 12 mil$ in Bitcoin or 2 mil$ in Bitcoin, which makes me think that they have gone into exchanges already.
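The tracing problem described above (loops between accounts, funds landing in large old addresses), as an added example that is not from the original article: a breadth-first walk over a constructed transfer list. The address names, amounts and the 5000 BTC "probable exchange" cut-off are assumptions for illustration.

```python
from collections import defaultdict, deque

# Constructed sample: (sender, receiver, amount_btc). All names are placeholders.
TRANSFERS = [
    ("theft_1", "hop_a", 900.0), ("theft_2", "hop_a", 100.0),
    ("hop_a", "hop_b", 600.0), ("hop_a", "hop_c", 400.0),
    ("hop_b", "hop_a", 50.0),          # funds sent back: a loop
    ("hop_b", "big_old_1", 550.0),     # lands in a large, long-lived address
    ("hop_c", "small_1", 10.0), ("hop_c", "hop_d", 390.0),
]
# Constructed: balance each address already held before these transfers.
PRIOR_BALANCE = {"big_old_1": 50000.0}
SERVICE_THRESHOLD_BTC = 5000.0  # assumed cut-off for "probably an exchange"

def reachable(graph, start, stop=frozenset()):
    """Breadth-first walk from start; addresses in `stop` are not expanded."""
    seen, queue = {start}, deque([start])
    while queue:
        node = queue.popleft()
        if node in stop:
            continue
        for nxt in graph.get(node, ()):
            if nxt not in seen:  # the seen-set keeps loops from running forever
                seen.add(nxt)
                queue.append(nxt)
    return seen

def trace(seeds, transfers=TRANSFERS, prior=PRIOR_BALANCE,
          threshold=SERVICE_THRESHOLD_BTC):
    graph, received = defaultdict(set), defaultdict(float)
    for sender, receiver, _ in transfers:
        graph[sender].add(receiver)
    # Past a large pre-funded address the coins commingle, so tracing stops there.
    services = {a for a, bal in prior.items() if bal >= threshold}
    tainted = set().union(*(reachable(graph, s, services) for s in seeds))
    spenders = tainted - services
    for sender, receiver, amount in transfers:
        if sender in spenders:
            received[receiver] += amount
    # An edge u -> v closes a loop when u can be reached again from v.
    loops = sorted((u, v) for u in spenders for v in graph.get(u, ())
                   if u in reachable(graph, v, services))
    return {
        "loops": loops,
        "services": {a: received[a] for a in sorted(tainted & services)},
        "holding": {a: received[a] for a in sorted(spenders) if a not in graph},
    }

if __name__ == "__main__":
    print(trace(["theft_1", "theft_2"]))
```

"holding" lists addresses that received traced funds and have not spent them yet, which are the ones worth watching for the next move.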

If you track them and find new addresses other than the ones listed here, post them in the comment section and we will update the list for everyone to view.

Also, if somebody can explain to us why BTER said “Funds stolen from cold wallet”, when a cold wallet/storage should be offline, that would be awesome. We can only go with the idea that they did not express themselves as they meant to, or that some employee or somebody from inside did this robbery.

Stay tuned for more updates about the movement or any new accounts we find. Also, if you like our agility on this theft, don’t forget to use our ChangeTip button.

Thanks – 24/7 Crypto News Team.


  • Sameer

    It was mentioned in another article online that it wasn’t a truly cold wallet; it had some sort of feature to withdraw from the cold to hot and maybe this was where the vulnerability was.

  • Danno Ferrin

    IIRC the explanation was that their hot wallet had been drained and they had not realized it was illegitimate withdrawals. So they topped off their cold wallet from the hot wallet. More of a social engineering attack than an attached wallet flaw.

    • rawwr

      1. You don’t simply refill the hot wallet with 7000 BTC.
      2. The funds were moved directly from the “cold” wallet, not through the hot wallet.

