The attack on Bitstamp's wallets has cost the company's customers millions of dollars and may be a factor in the recent dip in bitcoin prices. Investigations by the company and by law enforcement are still ongoing and will likely continue for many months. CoinJournal reached out to Wall of Coins founder Robert Genito for some direction for our readers. Wall of Coins is built on the same web framework as Bitstamp, and his responses to our questions may help our readers protect their assets in the future.
CoinJournal: Let's begin by comparing the hack at Bitstamp with the losses at Mt. Gox. Bitstamp had its wallets hacked, and with Mt. Gox it was the servers, correct?
Robert Genito: I don’t know if that’s correct, but one thing for sure is that coins went into places that customers did not want them to go: beyond their access and control. I believe BitStamp’s wallet was hacked through their website, starting with their support forum. I base this on what was going on with Wall of Coins servers during and after BitStamp’s issue. I started watching this the moment my own withdrawal on BitStamp had the status, “Failed.”
You see, when one market is successfully hacked, the successful action is repeated across many other exchanges, markets, Bitcoin-driven applications, etc. This is where we have gained knowledge from the attacks on our own servers.
I reached out to BitStamp to offer possible clues to help them with any law enforcement investigation. Our system administrator has compiled Wall of Coins server access logs, error logs, and any other pertinent information that may help contribute to BitStamp’s unfortunate situation. BitStamp replied to me that they have forwarded the email to management, and I hope that this is something useful for BitStamp.
CoinJournal: From a security perspective, is hacking a wallet easier than hacking a server?
Robert Genito: This is a very deep question. I asked Genitrust’s (Wall of Coins’ parent) head security analyst, and he basically said it is difficult to answer. I believe that it is easier to hack several wallets that are stored on a server that is always online and I truly believe that in the end, the wallet that only exists on a personal workstation is safer.
Overall, when you have bitcoin in “cold storage” for savings or large value storage, the most you have to trust is at least the following:
- The computer that generated the “cold storage” wallet was not already compromised.
- You trust the individual(s) who generated the wallet to have responsibly protected the wallet’s private information.
- None of this wallet exists as a copy on any other media than the medium that you control. For example: there is no copy of any of the contents of the paper wallet: https://en.bitcoin.it/wiki/Paper_wallet
However, when your wallet is stored on another web service, or if you are using a mobile wallet that actually stores your wallet on their web service, there are huge security risks. The reward for penetrating these systems is simply too high to ignore. For example, with cold storage, most security issues are within your physical control. When you use a website to store your wallet, you are trusting your bitcoin to a company that cannot even trust its own technology! When you trust other services, not only do you have the same trust issues as if you were to generate the wallets yourself, but you have significantly more issues on top of that! There are a number of other items that are beyond the control of web wallet services, such as Coinbase and Circle:
- They must trust the security of all software on their platform. This is impossible for all exchanges.
- They must trust the interests of the individuals involved in the transactional processes, system administration, and/or system operations.
- They must trust themselves not to abuse their own system; hopefully they have eliminated this risk in their business process – and it is looking like Mark Karpeles from Mt. Gox certainly did not eliminate this risk.
- They must recognize and accept that it is only a matter of time until all coins in their hot wallets are stolen.
This is just too much extra risk.
CoinJournal: Do you think that the current drop in prices is due to the losses at Bitstamp?
Robert Genito: Yes, mostly. Who knows…maybe there will be another black market bust, where some agency claims a few dozen thousand bitcoins were recovered. Of course, these would be later auctioned. Or perhaps a security intelligence and analytics company will slowly re-buy the coins after a price drop, and then slowly liquidate to their bank accounts. Millions of dollars would not be uncommon income for these organizations.
While these are Hollywood-type speculations, the losses at BitStamp are indeed a factor along with many other factors: we are at a time where newer miners are looking to get out and liquidate what bitcoin earnings they have, merchants are using services to automatically dump a portion of their coins into market buyer demand, and other individuals are out there simply looking to convert to and use local currency (perhaps due to extra market fear). Either way, this is not necessarily a bad thing for Bitcoin: this encourages others to spend and use bitcoin, rather than hoard it.
CoinJournal: Bitstamp says that bitcoins stored in cold storage are safe but have closed down deposits to wallets. In your opinion, is this true?
Robert Genito: Secured cold storage takes the proper steps, planning, and maintenance. It's not cheap: Genitrust sells these offline workstations for $10,000 a pop. It still requires discipline and a strict adherence to protocol, and I believe that with $10 million in funding BitStamp had better have this discipline.
BitStamp’s effort to educate their users to discontinue sending bitcoin to their associated account is a good move on their part. I believe BitStamp is a good actor in the Bitcoin industry, and I truly believe they care about the Bitcoin industry for more reasons other than the fact that it built their business. However, I would hate for their public announcements to turn out to be a fabricated lie. It is highly possible that the Bitcoin deposit addresses served by BitStamp are deposit addresses to their cold storage wallets. BitStamp’s current verbiage is worrisome: “some of BitStamp’s operational wallets were compromised, resulting in a loss of less than 19,000 BTC.” To me, “operational wallets” are cold storage wallets, although they could be referring to the wallet of the “website” or “web app” operations.
BitStamp’s verbiage is unclear. Regardless, I remain hopeful that they do have the situation under control: their time estimate of a re-launch makes sense, and the time frame is not too unreasonable. Either way, I know absolutely nothing about their actual internal business processes, their human resources, etc.
CoinJournal: Wall of Coins uses a similar framework. Can you tell our readers how your service is safer than one like Bitstamp?
Robert Genito: Wall of Coins and BitStamp both use the Django web framework, but I believe our similarities end there. Wall of Coins is safer because it's simple: we use 100% cold storage. Our technical processes, as well as our business processes, are reviewed significantly by our security analysts. We use GPG encryption, our team is educated on why it's in place and how to use it, and not a single one of us possesses the ability to steal coins from the system. Furthermore, we will happily consult on all of this to help push Bitcoin safety forward.
CoinJournal: There has been some speculation that the losses were far greater than $5.1 million. Do you think this is true and, if so, why?
Robert Genito: Considering the fact that significant market value dropped before BitStamp noticed the problem, bitcoin at the time was easily liquidated at over $300 per coin. Nearly 19,000 coins at $300 is much closer to $6 million. Personally, I do not believe that the losses were much greater than 19,000 bitcoin, because I trust that BitStamp is a company with good policies and procedures to load their hot wallet with coins from cold storage. It is likely this procedure that helped them realize there was a problem, and likely only the coins from their hot wallet(s) were completely emptied.
CoinJournal: There have been a lot of losses similar to the Bitstamp hack, do you think people should avoid online bitcoin storage?
Robert Genito: For now, absolutely! The industry has a lot of changes to make before online bitcoin storage is a reasonable option. We are adamant that we have one of these solutions, and we are looking for additional funding to accomplish this.
CoinJournal: What would you recommend for both exchanges and individuals as far as security goes?
Robert Genito: Let's talk about exchanges. When it comes to funds that you are holding for your customers (wallet security), anything less than 100% cold storage is inappropriate, unprofessional, and downright lazy. Online services for storing bitcoin are essentially acting like a bank; however, most banks are older than Bitcoin itself, and have adapted to the immunity necessary for a financial world filled with scammers and thieves.
Exchanges need to stop storing hot wallets on their servers, and start employing people to manage a 100% cold storage solution. BitStamp’s situation should be a lesson to all of us: having a cold storage solution, even if you have to hire a team of 50 people, is certainly less expensive than BitStamp’s $6 million mistake. Complete, 100% cold storage is more than possible, and Wall of Coins demonstrates this fluently while remaining 100% transparent about our finances by listing ALL of our deposit addresses.
Individuals should have two wallets: one wallet for daily or weekly spending, and one wallet for savings. For a spending wallet, we endorse a native wallet on your mobile phone.
The best people can do today, if they want the protection of a savings wallet, is take a day out of the weekend to learn about paper wallets. Software solutions such as Armory are great, but there’s a lot more to learn about properly managing and securing the wallet. Genitrust does this as a secure, one-time service that includes a review of Bitcoin best practices. There’s a small fee, but your time and savings are worth it: Genitrust’s phone number can be obtained at Genitrust.