An administrator for the popular yet illicit Silk Road 2 online marketplace made the announcement that it had lost all of their customers' bitcoins in a recent hack on their network. The virtual currency that had been stolen came out to an estimated worth of approximately $2.7 million. Silk Road 2 is a successor to the original Silk Road website, which was deactivated by the FBI in 2013. The website is notorious for being an online marketplace for drugs, weapons, and other illegal packages.
Consumers who use Silk Road 2 access it through the Tor Internet network, which allows users to browse the Internet anonymously. That way, they cannot be tracked down for purchasing or selling the illicit materials listed on the website. Unfortunately, this anonymity still did not protect the system from malicious hackers who manipulated the withdrawal system into emptying the funds directly into their pockets.
According to the Silk Road 2 administrator known as Defcon, a vendor had discovered a vulnerability referred to as “transaction malleability,” where a hacker changes the code used to verify transactions. The code, called a transaction hash, creates a marker that identifies the exchange of funds before it is recorded, which is part of standard bitcoin procedure. Yet by changing the ID marker, the system can be tricked into thinking that the transaction hadn't taken place, causing it to repeat the withdrawal until the database is empty.
Similar attacks on websites that utilize bitcoins involving MtGox and Bitstamp had occurred earlier in the week, which is prompting those that use bitcoins to suspend transactions entirely until a solution is found. Many, like Defcon, feared that doing so would cause a fatal loss of business, but now it is clear that the consequences of ignoring the exploit are far worse than just a few days or even weeks without income.
Defcon assures customers that the rest of their information is safe, stating that “nobody is in danger, no information has been leaked, and server access was never obtained by the attacker.” Regardless, the attacks have caused the value of bitcoins to drop from $830 to just over $600, reflecting a growing loss of faith in the security of bitcoin.
Edited by Cassandra Tucker
Back to Mobile Commerce Insider Home