Network Hijacker Steals $83,000 In Bitcoin 101
An anonymous reader writes with news that bogus BGP announcements can be used to hijack work done by cryptocurrency mining pools. Quoting El Reg: Researchers at Dell's SecureWorks Counter Threat Unit (CTU) have identified an exploit that can be used to steal cryptocurrency from mining pools — and they claim that at least one unknown miscreant has already used the technique to pilfer tens of thousands of dollars in digital cash. The heist was achieved by using bogus Border Gateway Protocol (BGP) broadcasts to hijack networks belonging to multiple large hosting companies, including Amazon, Digital Ocean, and OVH, among others.
After sending the fake BGP updates miners unknowingly contributed work to the attackers' pools.
So? (Score:4, Interesting)
Oh right - that would undermine the illusion of "freedom".
At least this weeks compulsory Bitcoin story is sort of amusing.
Re:Bah ... (Score:2, Interesting)
Frankly, I see little difference between stealing BitCoins from a mining pool and High Frequency Trading. And that's perfectly legal.
The official stock market justification for HFT is that it provides "liquidity" (that's the actual word they use) to the market. Translated into human-speak, that means that the trading companies get transaction fees for every transaction under HFT and that money is very important to them. Of course the traders don't pay the kind of fees that us normal people pay. They get volume discounts. But the justification is that somehow the HFT fees that get paid benefit all of us by allowing them to lower the fees that we normal people pay for our rare transactions.
After reading the book Fortune's Formula by William Poundstone, I've come to the conclusion that the stock market will always be gamed by those with money and if HFT were banned, they'd just find something to exploit, maybe even worse. I do admit to being amused by this thread because I thought that the advocates were swearing that BitCoin stealing was impossible - too many safeguards you know.
Re:Where is the validation? (Score:2, Interesting)
Really, this sounds like the miner's fault for not realizing it earlier. .
Erm, no.
When somebody impersonates an authority figure so they can steal things, it's the fault of the robber, for stealing shit, not the fault of the person for not checking their ID.