What does a Bitcoin robbery look like?

Kayne Naughton, is a technologist and security researcher with Asymmetric Security. During AusCERT 2014 he took a look into the murky world of Bitcoin and examined the good, bad and ugly of this new currency.

Just to give you some idea of the volatility of Bitcoin, the first actual transaction completed using about 100,000 Bitcoins as payment in the physical world was for the purchase of a pizza. On today's exchange rates, that pizza is now worth about $1.2 million, according to Naughton.

It's little wonder that adventurous investors and criminals see crypto-currencies as being potentially valuable.

Naughton noted in his presentation that the digital nature of Bitcoin allows us to track every transfer historically and visualize these multimillion-dollar thefts in a way never possible in traditional financial networks.

By looking at some of the recent Bitcoin thefts he believes the security industry can learn from this rapidly changing criminal ecosystem and apply the lessons to their own defences, particularly in cloud deployments.

As part of his preparation for the presentation, Naughton told the audience that he mined five Bitcoins. "I sold one and a half of them for about $450AUD. The other three and half were either, sort of, lost, stolen or otherwise went missing through various international exchanges".

He noted that when he began this preparation, they were only worth a few dollars each. But as the exchange rate skyrocketed, he tried to retrieve the lost coins unsuccessfully.

That leads to one of the challenges in securing a Bitcoin wallet. The nature of Bitcoin is that is relies on a series of linked, but independent actions – the so-called blockchain. Although everything is stored in text files, those are encrypted and users hold the keys – not some central agency. So, how are Bitcoins stolen?

Naughton mentioned that the incentives for breaking Bitcoin's cryptography are substantial.

"If you find a bug in Bitcoin, you can extract hundreds of millions of dollars. So, it's a pretty strong incentive to break that crypto," he said.

One of the methods being used to steal Bitcoin has been to compromise cloud services. The ability to purchase scalable cloud computing services at low cost makes them an attractive proposition for some Bitcoin miners. By compromising the cloud provider, thieves, according to Naughton, have been able to access systems and steal Bitcoin wallets.

Part of what makes Bitcoin thefts difficult to track is that the Bitcoin marketplace is just as complex as the real-world financial markets. There are Bitcoin futures traders and their trading systems can be vulnerable.

"Some of these people are moving into market manipulation. If you know prices are going to go down, because you're going to launch a DDoS on the major exchanges, you can effectively short Bitcoin. You can then buy back in at the low point," Naughton explained.

Unscrupulous dealers are also a factor. Some traders are known to have used Bitcoins from customers to play the market and were caught out when the market took an unexpected turn.

These aren’t problems that are unique to Bitcoin and other crypto-currencies but they are harder to trace and investigate, as the required expertise isn’t available within law enforcement at this time. What was clear from Naughton's presentation is that Bitcoin is not all bad although, like traditional currencies and financial markets, it can be used and manipulated for illegal gain.

Maintaining solid system security with cloud providers, if you're using them to store Bitcoin wallets of for Bitcoin mining, is just as much of a priority as for traditional computing tasks.

Tags BitcoinAusCERT 2014

Show Comments