Cryptsy theft->bankruptcy

dan@geer.org
Tue Jan 19 07:10:17 PST 2016


...You probably want to see the article (jpegs of relevance)...

www.databreachtoday.com/bitcoin-heist-steals-millions-from-exchange-a-8803

   Cryptsy Faces Potential Bankruptcy Over Just-Revealed 2014 Hack
   Mathew J. Schwartz (euroinfosec), January 15, 2016

   Bitcoin Heist Steals Millions from Exchange

   Cryptocurrency exchange Cryptsy, which trades bitcoins as well
   as more than 100 types of "altcoins" such as litecoin and namecoin,
   disclosed Jan. 15 that it was robbed in 2014. As a result of the
   breach, the exchange has now suspended all trades and says it
   will file for bankruptcy unless the stolen bitcoins are returned.

   Florida-based Cryptsy says the attacker stole 13,000 bitcoins,
   worth $5 million today, as well as 300,000 litecoins, worth
   $970,000 today. The exchange says the theft was not related to
   the recent phishing and distributed denial-of-service attacks
   that it's suffered. It suspects that the most recent developer
   behind Lucky7Coin - LK7 - is the culprit behind the attacks,
   based on a backdoor that it found inside its network.

   "About a year and a half ago, we were alerted ...  a reduction
   in our safe/cold wallet balances of bitcoin and litecoin, as
   well as a couple other smaller cryptocurrencies," Cryptsy says
   in a blog post. It says its investigation ultimately found that
   the developer of the Lucky7Coin cryptocurrency "had placed an
   IRC backdoor into the code of
    wallet, which allowed it to act as a sort of a Trojan, or
   command-and-control unit."

   The exchange adds: "This Trojan had likely been there for months
   before it was able to collect enough information to perform the
   attack," which was executed on July 29, 2014. A user of code-sharing
   site GitHub in March 2015 detailed that apparent backdoor in the
   Lucky7Coin IRC code, noting that it would give an attacker "the
   ability to run arbitrary commands on the victim's host."

   Cryptsy suspects that whoever originally developed Lucky7Coin
   isn't responsible for the backdoor, but rather someone named
   "Jack," who claimed to have taken over development of the
   cryptocurrency codebase and related code, and who contacted
   Cryptsy on May 22, 2014. "You're the only exchange for this coin
   and I hope you will let me take care of it. I'm responsible,"
   Jack claimed.

Message From New Lucky7Coin Developer

   [Cryptsy-720.jpg] Cryptsy says it fell for a Trojan attack
   initiated by "Jack."

Connection to Jailed 'Silk Road' Secret Service Agent

   Cryptsy is not the first exchange to have faced insolvency after
   hackers stole its bitcoins (see Bitcoin Exchange Hacked With
   Word Macro). But why didn't the exchange come forward sooner?
   Officials at Cryptsy couldn't be immediately reached for comment.
   But in the blog post, Cryptsy says it initially tried to cover
   the missing funds using its exchange profits and appears to
   suggest that everyone would have been worse off, had it gone to
   authorities, because its U.S. Secret Service contact was none
   other than Special Agent Shaun Bridges. "I think we all know
   what happened with him," the Cryptsy blog post notes.

   In August, Bridges pleaded guilty to both money laundering and
   obstruction of justice. He was accused of abusing his position
   while a member of the Secret Service's Electronic Crimes Task
   Force that was investigating the notorious darknet narcotics
   marketplace called Silk Road (see Former Secret Service Agent
   Pleads Guilty to $800K Bitcoin Theft).

   Cryptsy, which is a member of the Financial Crimes Enforcement
   Network, also says it attempted to contact the FBI Miami field
   office recently, but was redirected to the Internet Crime Complaint
   Center.  IC3, as it's also known, is run by the FBI, the National
   White Collar Crime Center and the U.S. Bureau of Justice Assistance;
   it deals with Internet crime complaints (see Hackers Claim FBI
   Information-Sharing Portal Breached). The exchange says it has
   yet to hear back from IC3.

Will Missing Bitcoins Come Home?

   Cryptocurrency news site CoinDesk reports that declining trading
   volumes have undercut the exchange's profits and that the exchange
   has halted trading twice in the past two weeks, blaming one of
   those outages on a phishing attack that employed users' email
   addresses and phone numbers.

   But a class-action lawsuit filed Jan. 13 against Project Investors
   - doing business as Cryptsy - and Paul Vernon, who it says is
   the founder, operator, and CEO of Cryptsy, alleges that since
   November 2015, "certain Cryptsy users started having difficulties
   and inabilities withdrawing any and all forms of currency from
   their accounts." The plaintiff, Virginia-based Jinyao Liu, "seeks
   damages based upon the unlawful conduct of defendants in denying
   account holders the ability to obtain funds in their accounts
   and in misappropriating funds held in the Cryptsy accounts,"
   according to the lawsuit.

     Thank you everyone for the patience while we get these issues
     resolved. Team is working hard and we will try to do more
     frequent updates.
      - BigVern (@cryptsy), December 10, 2015

   In its Jan. 15 blog post, Cryptsy says it now faces a 10,000
   bitcoin ($3.8 million) shortfall and identifies three available
   business options: It shutters the website and files for bankruptcy;
   someone purchases the exchange and makes good on the requested
   withdrawals; or the attacker returns the stolen bitcoins - no
   questions asked.

   While that might sound far-fetched, Cryptsy says that after the
   July 29, 2014, theft, based on the bitcoin wallet address tied
   to the theft, "those bitcoins have not moved once since this
   happened" which "gives rise to the possibility they can be
   recovered."

   To help, Cryptsy has offered a reward of 1,000 bitcoins ($380,000)
   for "information which leads to the recovery of the stolen coins."

Bye-Bye, Litecoins

   Cryptsy doesn't reference the fate of the missing litecoins. But
   they appear to have been cashed out: On July 2, 2014, someone
   dumped exactly 300,000 litecoins - quite a coincidence - onto
   an exchange all at once, which was such a large volume of coins
   that it temporarily drove down the price of each individual
   litecoin from $8.50 to just $2.

   As noted on a related Reddit conversation: "The volume was so
   high that he basically chewed through the entire buy side of the
   order book, all the way down to someone who had (probably on a
   lark) put in a buy order at $2," reports Reddit user FreeJack2k2.
   "After clearing out the ask side of the order book, the new sell
   orders only dropped to the low $7 range (the recovery from $2
   was immediate) and eventually got bought back to where we are
   now, at around $8. Whoever had that $2 buy order in the books
   made out like a bandit."


