03-20-2016 , 10:48 AM
BitQuick announces huge downtime after attempted cyber-heist
Bitcoin trading platform BitQuick, announced Thursday, March 17, that it will be shutting down its service for the next two to four weeks to investigate a cyber-attack that took place Monday, March 14.
BitQuick staff said that during the incident, the attacker managed to break through their defenses and gain access to the service's backend with administrative privileges.
Staff were on hand to detect the intrusion, and minutes later servers were shut down to prevent any further damage.
BitQuick: No funds were taken
The company is not yet sure what information the attacker stole, but it's certain that due to its security system, no Bitcoins were stolen, and that the attacker didn't get access to personal user details (driver licenses, IDs, passports data, etc.) or their email addresses.
One day after the attack, the company says it emailed withdrawal instructions to all sellers, that all transactions have been processed, and that only 3% of the money it stored prior to the attack have remained unclaimed.
BitQuick is to undergo a complete security audit in the next weeks
BitQuick also started an investigation as soon as the attack was repelled, and two days later, still having no clue of how the intruder accessed their system, the platform is not taking any chances and has announced it will keep its service closed until they've found the point of entry and neutralized future threats.
BitQuick's Jad Mubaslat & Chad Davis say that the service will only come back online "once the investigation has been completed, the attack vector has been patched, and the rest of the source code has been audited for security."
The two estimate that this could take between two to four weeks, but the company is more than willing to wait. No doubt, the recent Cryptsy and LoanBase hacks have shown that cyber-criminals have a taste for Bitcoin traders, mainly because of the large sums of money they have stored on their servers.
For an attacker, Bitcoin traders are literally like online banks, but with far less security measures you'd generally find in online banking services.
As a side note, an earlier version of the BitQuick announcement, as reported by EconoTimes, featured a paragraph in which the site's management team was looking for someone to take over from them. It appears that this paragraph was removed.
Source
Bitcoin trading platform BitQuick, announced Thursday, March 17, that it will be shutting down its service for the next two to four weeks to investigate a cyber-attack that took place Monday, March 14.
BitQuick staff said that during the incident, the attacker managed to break through their defenses and gain access to the service's backend with administrative privileges.
Staff were on hand to detect the intrusion, and minutes later servers were shut down to prevent any further damage.
BitQuick: No funds were taken
The company is not yet sure what information the attacker stole, but it's certain that due to its security system, no Bitcoins were stolen, and that the attacker didn't get access to personal user details (driver licenses, IDs, passports data, etc.) or their email addresses.
One day after the attack, the company says it emailed withdrawal instructions to all sellers, that all transactions have been processed, and that only 3% of the money it stored prior to the attack have remained unclaimed.
BitQuick is to undergo a complete security audit in the next weeks
BitQuick also started an investigation as soon as the attack was repelled, and two days later, still having no clue of how the intruder accessed their system, the platform is not taking any chances and has announced it will keep its service closed until they've found the point of entry and neutralized future threats.
BitQuick's Jad Mubaslat & Chad Davis say that the service will only come back online "once the investigation has been completed, the attack vector has been patched, and the rest of the source code has been audited for security."
The two estimate that this could take between two to four weeks, but the company is more than willing to wait. No doubt, the recent Cryptsy and LoanBase hacks have shown that cyber-criminals have a taste for Bitcoin traders, mainly because of the large sums of money they have stored on their servers.
For an attacker, Bitcoin traders are literally like online banks, but with far less security measures you'd generally find in online banking services.
As a side note, an earlier version of the BitQuick announcement, as reported by EconoTimes, featured a paragraph in which the site's management team was looking for someone to take over from them. It appears that this paragraph was removed.
Source