fbpx

#Web

Bitcoin bank ‘Flexcoin’ folds after £365,000 theft

By  | 

Flexcoin, an Edmonton-based Bitcoin bank, has been forced to close after a theft of 896 Bitcoins to a hacker attack on Sunday equalling £365,000.

The company reported that the entire stock of Bitcoins stored on-line or in “hot wallet” were wiped out by the hacker. Canadian police are investigating this theft of digital currency worth £365,000 from the Bitcoin bank.

“On March 2nd 2014 Flexcoin was attacked and robbed of all coins in the hot wallet,” read the Flexcoin’s statement. “As Flexcoin does not have the resources, assets, or otherwise to come back from this loss, we are closing our doors immediately.”

Flexcoin confirmed that the Bitcoins in “Cold Storage” or offline are safe and customers will be contacted by the company. Upon verification of their identities, the Bitcoins will be sent to customers free of charge. The company said that it “will work with law enforcement to decipher the source of the hack.”

This closure comes just a week after the Japan-based Mt. Gox filed for bankruptcy protection reporting a massive loss of 850,000 Bitcoins, resulting in $63.6 million in debt, about twice of its assets.

Flexcoin, on Wednesday, posted more details on exactly how the hacker has managed to transfer the virtual currency –

The attacker logged into the Flexcoin front end from IP address 207.12.89.117 under a newly created username and deposited to address 1DSD3B3uS2wGZjZAwa2dqQ7M9v7Ajw2iLy

The coins were then left to sit until they had reached 6 confirmations.

The attacker then successfully exploited a flaw in the code which allows transfers between Flexcoin users. By sending thousands of simultaneous requests, the attacker was able to “move” coins from one user account to another until the sending account was overdrawn, before balances were updated.

This was then repeated through multiple accounts, snowballing the amount, until the attacker withdrew the coins. (Here and Here)

Also on Tuesday, a small Bitcoin exchange, Poloniex, reported a theft of 12.3% of its reserves by hacker using a technique that resulted in overdrawn accounts.