The details of cyberattacks resulting in breaches of user data from two prominent bitcoin websites – bitcoin exchange BTC-e and Bitcointalk.or, the largest bitcoin forum around – have been revealed.
Data breach indexing and monitoring resource LeakedSource has revealed details surrounding data breaches suffered by bitcoin exchange Btc-e in 2014 and bitcoin discussion forum Bitcointalk.org in 2015.
LeakedSource reviewed the stolen user data from both websites. Fortunately, the security framework and password encryption techniques used by the websites are revealed to be remarkably good, LeakedSource revealed. This means that a significant majority of passwords from both websites were either completely un-crackable or hard to crack.
A stolen data set containing user information from BTC-E from October 2014 revealed a total of 568,355 users registered with the exchange.
The breached data contained all manners of user details including usernames, email addresses, passwords, IP addresses, dates of registration and the user’s preferred language. Somewhat alarmingly, some profile details even revealed the number of bitcoins owned by the user.
However, BTC-E used a discreet and a unique password hashing method to secure user passwords, a method unknown even to LeakedSource. Currently, every single password of over half a million BTC-E users remains “completely uncrackable, although that may change”, according to LeakedSource.
Furthermore, the data breach combing resource added:
This [password security] is good because if the passwords were easy to crack, hackers could log into the exchange and start stealing members’ Bitcoins.
Suffice to say, BTC-E dodged a bullet in this instance by using a lesser-known and robust password hashing method to secure its user accounts.
The largest bitcoin discussion board in the world has predictably been the target of cyberattacks, including DDoS-led outages.
In May 2015, BitcoinTalk was the victim of a social engineering attack after an unknown hacker targeted an employee of NFOrce, BitcoinTalk’s ISP. In a revelation on Reddit at the time, forum operator and admin Theymos hinted that password hashes, private messages, emails and other user details could be compromised.
As it turns out, the data dump containing stolen Bitcointalk users’ information including usernames, email addresses, passwords, users’ birthdays, secret questions and their corresponding hashed secret answers and other internal data.
Altogether, the data contained information belonging to 499,593 users.
Of that number, a minority of 9%, or 44,869 users’ accounts used MD5 hashing with a unique salt for an added layer of security. LeakedSource was able to crack 68% of those users or 30,389 passwords in total.
Notably, the remaining 91% of user passwords were hashed with “sha256crypt”, a method of password storage that LeakedSource deemed as “far superior to nearly every website we’ve seen thus far.” That’s high praise, coming from a resource that reveals details of data breaches frequently, in a time where mega-breaches of hundreds of millions of users are commonplace.
Representatives for BTC-E and BitcoinTalk weren’t immediately available for comment at the time of publication.
Featured image from Shutterstock.
Last modified: May 21, 2020 10:17 AM UTC