The security hole was only open for a couple of hours, but that small window was apparently enough for hackers to take bitcoins from many Blockchain.info users. On Reddit, a user complained of losing 100 bitcoins after creating a new wallet via Blockchain.info and depositing money into it.
“”Within 17 seconds of me depositing 100BTC into my account they were stolen and transferred to another address without me even being logged into the blockchain wallet service.”
On the popular Bitcointalk forum, a user called johoe claimed that they had taken coins from hundreds of accounts to protect them from potentially malicious hackers, and would return them if the owner could prove ownership of the wallets from which they were taken.
“I took the liberty of saving some funds before they got swiped by others. If you can convince me that they belong to you (signing a message with the address is obviously not enough; the private key is already known), I will send the funds back. Look into the file https://johoe.mooo.com/bitcoin/broken.txt, to see whether your address was broken.”
Later, johoe announced that the money had been returned.
“The money has been returned to blockchain.info. Please write to blockchain support to claim refund.”
The gentleman hackers have been praised all over the Bitcoin sphere, with suggestions that Blockchain should compensate or hire them.
What do you think of the gentleman hackers who returned the lost bitcoins to Blockchain? Comment below!
Images from Shutterstock.