Something is out of the bag at Cryptsy

On January 14th, Cryptsy made a blog post explaining it’s present situation and problems with the exchange. The posts states they finally want to let everyone know what these problems stem from. They were not because of any recent phishing attacks, or even a DDoS attack, nor does it have anything to do personal issues.

The post explains that a person claiming to want to resurrect an un-maintained coin, Lucky7Coin (L7C), contacted them over a year ago. The person, who does not appear to be the original developer, explained to Cryptsy that there was a change he made to Luck7Coin’s IRC code and claimed that it would help community members of the coin synchronize faster. Cryptsy was promised it contained no errors that would cause a fork of the coin. Apparently it contained something much worse than errors. Allegedly Cryptsy’s staff unknowingly installed a IRC backdoor when they upgraded to this new wallet code. In a similar fashion of a trojan, this malicious code allowed for the compromise of Cryptsy to the tune of 13,000 BTC and 300,000 LTC with the internal information it collected several months leading up to the actual thievery.

At this point, Cryptsy wanted to avoid shutting down the website as result of this compromise and subsequent disappearance of  about 7 million dollars worth of customer crypto assets. They began pulling their  profits in an attempt to fill these wallets back up, the post further states, and avoid complete shutdown. They also were pulling from it’s own reserves. This strategy of covering up the compromise did work until Cryptsy’s profits could not keep up with what might be a cover up of Cryptsy’s poor judgment to trust this person’s promise of “I’m responsible”.

When an article about Coinfire came out that contained many false accusations things began to crumble and a bank-run began. Cryptsy could not  keep up with founding the covered-up compromise. The good only promising thing is the stolen funds have not moved since they were taken which makes recovery, in the hopes of Cryptsy and it’s users, more probable or possible. Cryptsy has asked for the return of the stolen funds in the blog post and promising “no questions asked” if they are returned. A bounty of 1000 BTC has also been promised to anyone that can help locate the stolen funds.

In conclusion of the blog post, Cryptsy states it’s options as: “1. We shut down the website and file bankruptcy, letting users file claims via the bankruptcy process and letting the court make the disbursements. – OR – 2. Somebody else comes in to purchase and run Cryptsy while also making good on requested withdrawals. -OR- 3. If somehow we are able to re-acquire the stolen funds, then we allow all withdrawal requests to process.”

Surly the return of these funds would be great for Cryptsy, it’s users, and the industry. As more and more of these scandals emerge, public acceptance seems less and less of a possibility as the cloud of distrust grows darker and darker.  A colleague of mine here at NewsBTC USA just informed me: “They shut down the chat box just a little while ago … dying off to the rage of many with nothing but a gutless whisper!

Cryptsy’s original blog post can be read here:

Subscribe to our newsletter

Batman switches phone service from BatPhone to the new, better and safer alternative.

BitPhone, from Solid Cloud, is changing the world once again using bitcoin technology. BitPhone does not require registration for use, and is in fact an anonymous payphone.

BitPhone is Web RTC (Web Real Time Communications) based that can call SIP (ViOP uniform locator similar to URL) addresses, PSTN (Public Switch Telephone Network) Phones and can provide Peer-to-Peer communication. It allows you to visit the website from any Wi-Fi connected phone or device, Internet Café, local library computer terminal or any place you can connect and simply requires a small deposit of some bitcoin or any other approved altcoin, and you can place your call anywhere in the world to more than 200 countries.

BitPhone allows users to change their ‘Caller ID’ to anything they want and all calls are private, secure and encrypted! The anonymous calls function is implemented by hiding your Caller ID, and works on most devices and smart phone.

No software install is required, you can call directly from your browser. BitPhone allows you a refund of any unused balance, unlike Skype which requires a $10 permanent deposit.

Currently you can pay for your calls using bitcoin, dash, litecoin, dogecoin, startcoin, ripple, mastercoin, namecoin and many other altcoins!

Bitphone does not require you to register or install any special software; however, registered users do receive a savings of 15-25% on call rates.

Litecoin is often referred to as the silver to Bitcoin’s gold. It is one of the oldest and most successful digital currencies.

Litecoin had historically been second in market capitalization to Bitcoin and is still now third, behind Ripple.

Litecoin was released October 7, 2011 by Charles Lee, a former Google employee using the scrypt algorithm.

Legions of Litecoin hard-core miners, armed with their GPU mining rigs, will forever echo the litecoin battle cry and continue make the Litecoin network as secure as they possibly can.

In the past two weeks litecoin had nearly tripled in price, from $3 at the end of June to almost $9 ($8.65 more accurately) on July 10th.

Many speculations of why the price was soaring came to the surface from many sources, mining difficulty, forthcoming block reward halving, a Chinese influenced pump and dump, attacks on the bitcoin network all have been accredited to the relatively quickly soaring price.

Possible causes of the increase might be eliminated by what happened on July 10th when the price dropped, back to sub $4 prices on the same day it was nearing 200% growth.

The price dropping before the estimated Aug 25th 2015 block reward halving seems to be sufficient evidence that the block halving cannot be the cause of the price increase.The block reward halving may be fueling some demand certainly but, cannot be a the single explanation of recent upward movement.

Unlike the block reward halving, mining difficulty can never be projected. For that reason, mining difficulty and any reports suggesting mining difficulty, can surely be discredited as the explanation.

Speculation on the price increase stemming from a retraction coming from Bitcoin because of security concerns of the Bitcoin network can also be discredited given the price drop of Litecoin, so most likely Bitcoin did not reflect the price movements.

The price drop of July 10th, does offer some evidence of bulls in the market creating a pump and dump.

It may have garnered additional support coming from the anticipated block reward halving in the pump phase and that upward pressure from the block reward halving will continue.

The block reward halving means the same amount of electricity will yield half the number of coins.

Of course ignoring any mining difficulty changes and other unpredictable variables, the upcoming block reward halving is a definite signal of stronger demand and quite possibly what we are seeing is a premonition of things to come, in that light keep an eye on Litecoin in the coming days as this recent indecent could be a signal to venture back into the light.

Milan Based IT Company That Sells Bitcoin Surveillance Capability To Law Enforcement, Hacked. Bitcoin transactions are much easier than once thought after Hacking Team, the Italian spy-ware vendor, was hacked early this month, and 400GB of internal data was released, after after review of internal e-mails from the company. These documents clearly illustrate how simple Hacking Team’s “Money Module” worked, and they provide a small glimpse into why customers were particularly interested in it.

In general, the Italian spy-ware company sold software allowing targets to be under a stealth type of surveillance using a computer or smart-phone, clients included law enforcement agencies worldwide. In January 2014, Hacking Team internally introduced a new feature as part of the version 9.2 upgrade of the RCS (Remote Control System) suite, the new version includes a way to track cryptocurrencies like Bitcoin and many others.

The Money Module also included support for Bitcoin alternatives including Litecoin, Feathercoin, and Namecoin.

Nick Weaver, a researcher at the International Computer Science Institute in Berkeley, California, also reviewed the same e-mails saying that “this feature should not be surprising, it is pretty straight-forward to grab the wallet.dat and related files using malicious code to get the password for the file when the user attempts to access their bitcoin.

Similarly, one can also do a search for Bitcoin related keywords in e-mail messages and other content on targeted computer, once you have a copy of the wallet.dat file you have the entire transaction history.

The wallet.dat file contains a user’s private keys, when combined with public transactions posted to the blockchain, the Bitcoin veil of protection is extracted. To make a long story short, the attacker gets the keys to untold amounts of data.
Very close to what American federal authorities came up with to prove that the Ross Ulbricht Bitcoin transactions were the same as Dread Pirate Roberts transactions.

Using Hacking Team’s solution, it would not matter if a target had encrypted wallet.dat, or was using an online wallet such as Coinbase. The embedded key-logger would the password, as as one leaked company e-mails revealed, the Money Module feature by default would instantly export data to the evidence files of the RCS software.