The semi-anonymous developers who ran MyBitcoin.com have left a cryptographically signed message on the front page of their site talking about why the site went AWOL last month along with almost $250,000 worth of BTC. Although the message is extremely sparse, contains few details, and no way to actually contact or identify responsible parties, it’s the best we’ve seen going so far in this emerging saga.
The statement itself is labeled an “incident report” and outlines an explanation of what MyBitcoin.com explains is their reaction to a hacking incident. Betabeat writer Adrianne Jeffries has compiled together a examination of the history of the MyBitcoin.com incident starting with the site vanishing from the Internet (with its entire purse of BTC) on July 29. The incident report claims that they noticed a great deal of bitcoins missing from their wallet; they then realized that their security had been compromised and took the site offline to protect the wallet.dat file.
The statement goes on to state that they felt that their response was “rash, but necessary” so that they could perform system-wide forensics; however, it doesn’t explain why they didn’t immediately then contact their users and communicate their intentions until today.
Thursday, August 4th, 2011
From the desk of Tom Williams, operator of MyBitcoin.com
For immediate release.
As you have probably noticed, MyBitcoin.com had been down for almost a week due to an unfortunate event.
On Friday of last week we noticed that one of our pooled holding servers was missing a large amount of Bitcoins. After a prompt investigation we realized that the security of ourSCI(Shopping Cart Interface) system had been breached by an unknown attacker.
Our response was rash, but necessary. We simply switched the system off until we could have system-wide forensics performed. The forensics took some time, as the system is quite complex by nature.
After weighing all of our options, we have realized that we have no option but to go into receivership. We will settle all accounts with a online claim process that we are currently in the process of working out.
We will release more detailed information about the security breach, the claim process, and our balance sheet in the next few days.
Tom Williams
Who is Tom Williams? The message appears to come from one Tom Williams, a name used when contacting the public in previous incident reports and also attached to the domain name registration. Although the registration is hidden behind an offshore privacy service, Privacy Shark Domain Trust, designed to protect the anonymity of the registrant. The PGP signature authenticates to a cryptographic key belonging to “MyBitcoin LLC (SCIVerification Key)” <nobody@mybitcoin.com> generatedMay 3rd 2010. This key appears to have been used in previous missives generated from the desk of Tom Williams; but very little is known about this individual at all.
As the easiest and most friendly Bitcoin e-wallet available, MyBitcoin.com became the go-to site to store bitcoins for users; so when they went offline, a great deal of coins were lost from the economy. Estimates fluctuate but it’s thought that the site held around $250,000 worth of bitcoins (in the current economy.) Vocal Bitcoin advocate, Bruce Wagner, had 25,000 BTC sitting in MyBitcoin.com’s coffers when it disappeared and he’s gone on record on The Bitcoin Show (episode 33) about his experience.
Recently another huge loss hit the Bitcoin market when Bitomat.pl went offline with potentially more than 17,000 BTC on hand when their wallet vanished into the æther due to a technical failure.
Due to the large number of coins lost, and the lack of communication, has spurred the Bitcoin community to attempt their own investations. The Bitcoin hivemind pulling volunteers from the Freenode IRC channel #bitcoin-police have been developing a dossier (available on PasteBin) of what they believe is information about the site the accompanying incident.
From the current information, it looks like MyBitcoin.com may simply be showing signs of an extremely sketchy operation and users should be used as a warning to users to look for transparency and establishment when storing their bitcoins. It may turn out that MyBitcoin has suffered extremely bad management, and a lack of PR capability; however, the bitcoin-police right now are leaning toward possible misconduct or fraud.
Since you’re here …
… We’d like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.
The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.
If you like the reporting, video interviews and other ad-free content here, please take a moment to check out a sample of the video content supported by our sponsors, tweet your support, and keep coming back to SiliconANGLE:
