On 2 March 2014 Flexcoin, who claimed to be ‘the world’s first Bitcoin bank’, was attacked. It is reported 896 bitcoins, valued at $600,000, were stolen.
Exploiting a flaw in the code which allows transfers between Flexcoin users, the hacker logged into the Flexcoin website from IP address 126.96.36.199, created a new username and deposited to address 1DSD3B3uS2wGZjZAwa2dqQ7M9v7Ajw2iLy.
Users who put their bitcoins in ‘cold storage’, held in computers not connected to the internet, will be reimbursed. However bitcoins which were stolen from the ‘hot wallet’, stored online, cannot be.
Flexcoin have made a statement announcing “As Flexcoin does not have the resources, assets, or otherwise to come back from this loss, we are closing our doors immediately.”
This news comes just a few days after MtGox, another bitcoin exchange, filed for bankruptcy, after losing an estimated 750,000 bitcoins, including 100,000 of its own, valued at £500m. The cause of this loss is still being investigated, but it is also believed to be as a result of hacking.
As many as 70% of websites have vulnerabilities which, if targeted by a hacker, could lead to theft of valuable data. Regular and thorough web application testing can detect web vulnerabilities and identify weaknesses susceptible to hack.
For more information about how you can secure your websites and network visit http://www.signalnetworks.co.uk/it-security/.