Linode Breach Leads to Massive Heist of 46,000 BTC from Bitcoinica, Faucet


Numerous media sources are reporting now on a massive heist of Bitcoin wallets as the result of the hack of the cloud-hosting provider Linode. Last night, Ars Technica was able to confirm that over 46,703 BTC (almost $228,845 USD worth) had been stolen by the hackers from wallets stored on Linode’s servers even Marek Palatinus of lost over 3,000 BTC.

The Bitcoin cutpurses have made off with an impressive amount of loot and it looks like that’s exactly what they were after.

In a advisory statement, Linode confirmed that the hackers were after the Bitcoin wallets of their customers.

“All activity by the intruder was limited to a total of eight customers, all of which had references to ‘bitcoin,'” Linode’s advisory stated. “The intruder proceeded to compromise those Linode Manager accounts, with the apparent goal of finding and transferring any bitcoins. Those customers affected have been notified.”

The attackers struck early morning March 1, 2012and the aftershocks have been massive for the community. Among others hit was a wallet belonging to the Bitcoin trading platform Bitcoinica—CEO Zhou Tong confirmed they lost 43,554 BTC. Even the Bitcoin faucet’s wallet suffered a loss at the hands of the infiltrators.

As they’re an exchange platform, Bitcoinica has made it clear to their customers that the loss will not affect their holdings with the company. “Bitcoinica is committed to absorbing any loss. The thief stole from us, not you,” the notice adds.

All eight of the Linode customers affected by the attack have yet to be identified—aside from Bitcoinica, The Bitcoin Faucet (Gavin Andresen who lost 5 BTC), and Marek Palatinus.

According to Palatinus, Namecoins were not stolen, although the attackers did have access to them.

When the attacks went down, it was Palatinus and Andersen who brought them to light by posting about them on their respective blogs. Shortly after that, Thursday morning, Linode released their security advisory confirming that an attack had taken place.

The attackers apparently breached a customer support portal and used that as a beachhead to identify their intended victims. From there they broke into the target accounts, transferred the Bitcoins out of the wallets, and vanished merrily into the night.

The theft of 46,000 BTC puts this heist on a similar scale to the hack that affected trading on MtGox in June 2011—however, unlike MtGox, the exchange that suffered the most, Bitcoinica, is vowing to proceed for customers as if it didn’t happen. The next largest loss of Bitcoins we’ve seen also happened with a cloud-hosting snafu when Bitomat’s wallet.dat file evaporated and expunged 17,000 BTC in July 2011. And we can also cite’s vanishing that same month, precipitating the loss of more than 25,000 BTC.

While it is obvious that the Bitcoin community is not pleased with this security failure, and Bitcoinica’s involvement, BTC is only down slightly at $4.72—although it’s been a somewhat downward trend for a month now. If there’s any fallout to be had due to Bitcoinca’s loss, we probably won’t see it until after the weekend.