Bitcoin prices tumble after cyberattack halts major exchanges
A major hacking ripped through Bitcoin, crippling exchanges for several hours early on Wednesday morning, after hackers exploited a weakness in the digital currency’s core infrastructure network.
Deploying a distributed denial-of-service (DDoS) attack, a method which overwhelms websites with requests for data, companies were unable to process Bitcoin transactions.
“This went from an isolated exercise that was happening to a single exchange to a relatively broad-based attack,” said Andreas Antonopoulos, chief security officer of digital wallet provider Blockchain.
Antonopoulos, who first made the discovery, said he wasn’t sure how many were involved in the attack or where it originated from.
The top two exchanges – Bitstamp and BTC-e – controlling more than half of market transactions, suspended or delayed coin withdrawals, as trading platforms stepped up checks and inspections on order books.
Both company’s prices dropped more than US$100 (HK$780) to US$664.25 on the Coindesk price index following the interference discovery, extending the lowest price levels reached on both exchanges.
In a statement, London-based exchange Bitstamp said a denial-of-service attack using transaction malleability left it unable to check account balances.
“As such, Bitcoin withdrawals and deposit processing will be suspended temporarily until a software fix is issued,” the company said.
On Monday, Japan’s Mt Gox exchange revealed it had been hit with “unusual activity” relating to transaction malleability. The announcement by the company led to a price plunge.
It said the issue affected all exchanges, but cryptocurrency developers hit back at the Tokyo-based firm accusing it of attempting to shift blame onto users and Bitcoin itself.
Antonopoulos, trying to explain how the hackers penetrated Bitcoin exchanges, said: “You can’t change where the money has come from…what you can do is make it appear like it’s a different transaction.”
“When the network sees that, it tries and ignores one and only processes the other, and that causes confusion.”
He stressed customer funds and exchanges are not at risk. Lo Ken-bon, chief executive and co-founder of unaffected Hong Kong-based exchange Asia Nexgen, said high-level discussion among exchanges was taking place to address the situation at a technical level.
“Everybody needs to fix their networks. Hackers are attacking the infrastructure but you have to find a way to prevent or re-route around the problem.”
But Lo said there would be a fix.
Some websites, as well as users of Bitcoin wallet software, will have to update their program with fixes to prevent future attacks, according to Jeff Garzik, a Bitcoin software developer told Bloomberg.
Popular wallet service Coinbase – which raised US$30 million from investors last year – said customers faced delays to “legitimate” transactions.
“The current coordinated DDoS attack on exchanges appears to be more potent than past ones, and certainly the timing of this attack, which exploits the transaction malleability problem Mt Gox cited [on Tuesday], is peculiar,” said Garrick Hileman, an economic historian at the London School of Economics and founder of MacroDigest.com.
“However, the current attack does not appear at present to be something the Bitcoin technology and community cannot handle,” the alternative currency researcher added.