Hit with DoS, several Bitcoin exchanges suspend withdrawals
Posted on 12 February 2014.
As popular Bitcoin exchanges continue to be bombarded with malformed transactions, a lot of them have decided to temporarily prevent its customers to withdraw their funds.

The problem, initially thought to be confined to Japan-based exchange Mt. Gox, lies in a flaw affecting Bitcoin wallets, but not the Bitcoin ledger.

As several others exchanges - most prominently Bitstamp and BTC - have also halted or delayed withdrawals until the problem is solved, the Bitcoin exchange rate took a sharp dive.

The Bitcoin Foundation has moved to reassure users and to explain the situation:
Somebody (or several somebodies) is taking advantage of the transaction malleability issue and relaying mutated versions of transactions. This is exposing bugs in both the reference implementation and some exchange’s software.

We (core dev team, developers at the exchanges, and even big mining pools) are creating workarounds and fixes right now. This is a denial-of-service attack; whoever is doing this is not stealing coins, but is succeeding in preventing some transactions from confirming. It’s important to note that DoS attacks do not affect people’s bitcoin wallets or funds.

Users of the reference implementation who are bitten by this bug may see their bitcoins “tied up” in unconfirmed transactions; we need to update the software to fix that bug, so when they upgrade those coins are returned to the wallet and are available to spend again. Only users who make multiple transactions in a short period of time will be affected.

As a result, exchanges are temporarily suspending withdrawals to protect customer funds and prevent funds from being misdirected.

Mt. Gox has also announced that it is collaborating with the Bitcoin development team on a solution.

It is still unknown who is behind the attacks, but it's reasonable to believe that the attacks are coordinated, and that the attackers' ultimate goal was to temporarily bring the price of Bitcoin down in order to allow market speculation. It wouldn't be the first time that DDoS attacks are used to influence financial markets.









Spotlight

How to talk infosec with kids

Posted on 17 September 2014.  |  It's never too early to talk infosec with kids: you simply need the right story. In fact, as cyber professionals it’s our duty to teach ALL the kids in our life about technology. If we are to make an impact, we must remember that children needed to be taught about technology on their terms.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Sep 19th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //