Paying Crimes

MyBitcoin.com Is Back: A Week After Vanishing With at Least $250 K. Worth of BTC, Site Claims It Was Hacked

mybitcoin MyBitcoin.com Is Back: A Week After Vanishing With at Least $250 K. Worth of BTC, Site Claims It Was HackedWho is Tom Williams? MyBitcoin.com, which disappeared without explanation from the internet about a week ago, is back up with a messages “From the desk of Tom Williams, operator of MyBitcoin.com.” The statement, labeled an “incident report,” is the only live page on the site. MyBitcoin noticed a large amount of BTC missing, the statement says, realized its security had been breached, and pulled the site immediately. After investigating the hack, the statement says, the “we” behind MyBitcoin realized it was bankrupt and “would have to go into receivership.” There will be a claims process for reimbursing users, the statement says.

We’re not exactly sure what constitutes receivership in a system with no central authority, or why the site’s anonymous operators would feel obligated to refund its anonymous users given the utter lack of accountability. Before the statement hit, word on the street was that MyBitcoin.com, the user-friendly Bitcoin wallet that was the go-to for most Bitcoin newbies, was an elaborate ploy set up by a group of (Canadian?) hackers who swindled naive Bitcoin users for the money and the lulz. At the time it went down, MyBitcoin.com had more deposits than the third largest Bitcoin exchange, Bitomat.pl. Bitomat.pl had 17,000 BTC on hand when it went down this weekend due to human technical error. But just one Bitcoin user, the vocal Bruce Wagner, had 25,000 BTC stored at MyBitcoin when it disappeared. Betabeat had 6 BTC there, and we’re surely not the only ones. At today’s prices, MyBitcoin had more than $250,000 in its coffers.

Mr. Wagner, one of Bitcoin’s most vocal advocates on Twitter and via the Bitcoin People Google group and The Bitcoin Show, had been encouraging others to use the service because it was the simplest Bitcoin wallet available. But he had started voicing suspicions about the service after reports from some users that their Bitcoins stored at MyBitcoin were going missing. Not long after, MyBitcoin vanished, provoking speculation that some dodgy characters were running the show and decided to cut and run before Mr. Wagner told his devotees to pull their BTC out of MyBitcoin.

The question of whether MyBitcoin’s disappearance was evidence of foul play became a test of the Bitcoin hivemind. Volunteers started crowdsourcing information in the freenode #bitcoin-police IRC channel and compiling a dossier. Mr. Wagner was encouraging people to report the case to the FBI via the agency’s online complaint form (not holding our breath).

MyBitcoin is based out of the popular off-shore banking hub of St. Kitts and Nevis, but vigilantes have fingered a group of Canadian hackers and the handles ‘dalin,’ ‘nanaimogold,’ and “themadhatter” have been identified as entities of interest by members of the Bitcoin community who are collaborating via IRC and other methods to get to the bottom of the story. The group has not responded to an interview request as of yet.

While operators of other Bitcoin services frequently appear on camera and do interviews with journalists, Mr. Williams offers no contact information or evidence of his existence:

On Friday of last week we noticed that one of our pooled holding servers was missing a large amount of Bitcoins. After a prompt investigation we realized that the security of our SCI (Shopping Cart Interface) system had been breached by an unknown attacker.

Our response was rash, but necessary. We simply switched the system off until we could have system-wide forensics performed. The forensics took some time, as the system is quite complex by nature.

After weighing all of our options, we have realized that we have no option but to go into receivership. We will settle all accounts with a online claim process that we are currently in the process of working out.

We will release more detailed information about the security breach, the claim process, and our balance sheet in the next few days.

There are also more than 1,600 people named “Tom Williams” on LinkedIn.

Meanwhile, the Bitcoin Police also harbor suspicions about Bitomat.pl–but there isn’t as much information available about the Polish exchange.

Clarifications: This post has been updated to reflect the concerns of some members in the Bitcoin community, who make the good point that hard facts are hard to come by in Bitcoin world and it’s best to hedge one’s words.

Follow Adrianne Jeffries on Twitter or via RSS. ajeffries@observer.com

Comments

  1. Adam Brady says:

    We have a massive ongoing investigation into this on freenode in #bitcoin-police .

  2. Roadie says:

    Geez, when you can open a shop and easily swindle folks out of money, why bother with this currency. BTW, FBI (or DHS) is not going to lift a finger to help because they don’t want bitcoin to succeed as a viable currency. Until a remote wallet can produce the ability to replace every stolen BTC, there is no way I’d use them. .

  3. Pedro says:

    i love this :) annonimity ftw

  4. BitStarter says:

    Bitcoin has the best community on the web! come join us!

  5. Anony Mouse says:

    So, Ms. Jeffries, looks like you’ve invested your coworker’s funds into bitcoin and held onto those funds in your account (whose funds are now vanished)?  Aren’t their laws against doing this?

    1. Anonymous says:

      Fortunately, they seem to have forgiven me.

  6. BitVapes says:

    They’ve now released a second statement, claiming someone had been exploiting their shopping cart interface to spend/withdraw bitcoins that never were actually deposited.   They claim most of their coins were offline but they were being drained slowly by this unknown party.

    Also, they claim to be releasing the source code of their web service for the bitcoin community to improve. 

    (notsureiftrolling.jpg)

  7. “you’ve learned a lesson the hard way”

    Fuck you guys.

    Bitcoin has failed me, I just found out my money has been stolen.

    You guys are all a bunch of fucking losers.