Bitcoins Norway AlphaPoint Attack: Difference between revisions
(Created page with "{{Imported Case Study|source=https://www.quadrigainitiative.com/casestudy/bitcoinsnorwayalphapointattack.php}} thumb|Bitcoins NorwayBitcoins Norway (and other services) gave their funds to AlphaPoint in a white label arrangement. Luckily, they did not give their entire cold storage. AlphaPoint was breached multiple times, losing both customer data and platform funds. For some reason, this prompted the liquidation of all bitcoin on the Bitcoi...") |
No edit summary |
||
| Line 1: | Line 1: | ||
{{Imported Case Study|source=https://www.quadrigainitiative.com/casestudy/bitcoinsnorwayalphapointattack.php}} | {{Imported Case Study|source=https://www.quadrigainitiative.com/casestudy/bitcoinsnorwayalphapointattack.php}} | ||
{{Unattributed Citations}} | |||
[[File:Bitcoinsnorway.jpg|thumb|Bitcoins Norway]]Bitcoins Norway (and other services) gave their funds to AlphaPoint in a white label arrangement. Luckily, they did not give their entire cold storage. | [[File:Bitcoinsnorway.jpg|thumb|Bitcoins Norway]]Bitcoins Norway (and other services) gave their funds to AlphaPoint in a white label arrangement. Luckily, they did not give their entire cold storage. | ||
| Line 10: | Line 11: | ||
This exchange or platform is based in Norway, or the incident targeted people primarily in Norway. | This exchange or platform is based in Norway, or the incident targeted people primarily in Norway. | ||
<ref name="cryptoxdirectory-2276" /><ref name="crowdfundinsider-3022" /><ref name="bitcoinsnorway-3023" /><ref name="joffer77twitter-3024" /><ref name="bitcoinsnorgenotwitter-3025" /><ref name="slideshare-3026" /><ref name="accesswire-3027" /><ref name="newsbeezer-3028" /><ref name="kryptografen-3029" /><ref name="newsbeezer-3030" /><ref name="reddit-3031" /><ref name="criptomonedaseico-3032" /><ref name="okokrim-3033" /><ref name="keychainxmedium-7479" /> | |||
== About Bitcoins Norway == | == About Bitcoins Norway == | ||
| Line 63: | Line 65: | ||
Don't Include: | Don't Include: | ||
* Any wording which directly states or implies that the business is/was illegitimate, or that a vulnerability existed. | * Any wording which directly states or implies that the business is/was illegitimate, or that a vulnerability existed. | ||
* Anything that wasn't reasonably knowable at the time of the event. | * Anything that wasn't reasonably knowable at the time of the event. | ||
| Line 85: | Line 86: | ||
|- | |- | ||
|May 7th, 2019 12:00:00 AM | |May 7th, 2019 12:00:00 AM | ||
| | |Main Event | ||
| | |Expand this into a brief description of what happened and the impact. If multiple lines are necessary, add them here. | ||
|- | |- | ||
| | | | ||
| Line 98: | Line 95: | ||
== Total Amount Lost == | == Total Amount Lost == | ||
The total amount lost | The total amount lost has been estimated at $500,000+ USD. | ||
How much was lost and how was it calculated? If there are conflicting reports, which are accurate and where does the discrepancy lie? | How much was lost and how was it calculated? If there are conflicting reports, which are accurate and where does the discrepancy lie? | ||
| Line 109: | Line 106: | ||
== Total Amount Recovered == | == Total Amount Recovered == | ||
There do not appear to have been any funds recovered in this case. | |||
What funds were recovered? What funds were reimbursed for those affected users? | What funds were recovered? What funds were reimbursed for those affected users? | ||
| Line 122: | Line 119: | ||
== References == | == References == | ||
[https://cryptoxdirectory.com/hacked_2019 The 23 exchange hacks of 2019] (Aug 7) | <references><ref name="cryptoxdirectory-2276">[https://cryptoxdirectory.com/hacked_2019 The 23 exchange hacks of 2019] (Aug 7, 2021)</ref> | ||
[https://www.crowdfundinsider.com/2019/07/149439-bitcoin-norway-shuts-down-due-to-theft-via-sim-swap-hack-and-sophisticated-spear-phishing-techniques/ Bitcoin Norway Shuts Down Due to Theft via SIM Swap Hack and "Sophisticated Spear-phishing Techniques"] (Aug 7) | <ref name="crowdfundinsider-3022">[https://www.crowdfundinsider.com/2019/07/149439-bitcoin-norway-shuts-down-due-to-theft-via-sim-swap-hack-and-sophisticated-spear-phishing-techniques/ Bitcoin Norway Shuts Down Due to Theft via SIM Swap Hack and "Sophisticated Spear-phishing Techniques"] (Aug 7, 2021)</ref> | ||
[https://bitcoinsnorway.com/ Bitcoins Norway | Trade] (Sep 11) | <ref name="bitcoinsnorway-3023">[https://bitcoinsnorway.com/ Bitcoins Norway | Trade] (Sep 11, 2021)</ref> | ||
[https://twitter.com/Joffer77/status/1145821087562944514 @Joffer77 Twitter] (Sep 11) | <ref name="joffer77twitter-3024">[https://twitter.com/Joffer77/status/1145821087562944514 @Joffer77 Twitter] (Sep 11, 2021)</ref> | ||
[https://twitter.com/Bitcoinsnorgeno/status/1146393817022529536 @Bitcoinsnorgeno Twitter] (Sep 11) | <ref name="bitcoinsnorgenotwitter-3025">[https://twitter.com/Bitcoinsnorgeno/status/1146393817022529536 @Bitcoinsnorgeno Twitter] (Sep 11, 2021)</ref> | ||
[https://www.slideshare.net/bitcoinnorway/ppt-bitcoin-norway Bitcoins Norway] (Sep 11) | <ref name="slideshare-3026">[https://www.slideshare.net/bitcoinnorway/ppt-bitcoin-norway Bitcoins Norway] (Sep 11, 2021)</ref> | ||
[https://www.accesswire.com/417953/New-Exchange-Bitcoins-Norway-Offers-Industry-Grade-Trading-Donaties-5-To-Charity | <ref name="accesswire-3027">[https://www.accesswire.com/417953/New-Exchange-Bitcoins-Norway-Offers-Industry-Grade-Trading-Donaties-5-To-Charity New Exchange Bitcoins Norway Offers Industry Grade Trading – Donaties 5% To Charity] (Sep 11, 2021)</ref> | ||
[https://newsbeezer.com/norwayeng/e-mail-to-customers-of-bitcoins-norway-sell-the-available-cryptocurrency-as-soon-as-possible/ | <ref name="newsbeezer-3028">[https://newsbeezer.com/norwayeng/e-mail-to-customers-of-bitcoins-norway-sell-the-available-cryptocurrency-as-soon-as-possible/ E-Mail to Customers of Bitcoins Norway: Sell the available cryptocurrency as soon as possible] (Sep 11, 2021)</ref> | ||
[https://kryptografen.no/2019/07/04/intervju-med-bitcoins-norway-sjefen-alle-pengene-vil-ga-tilbake-til-kundene/ Intervju med Bitcoins Norway-sjefen: “Alle pengene vil gå tilbake til kundene” - Kryptografen.no] (Sep 11) | <ref name="kryptografen-3029">[https://kryptografen.no/2019/07/04/intervju-med-bitcoins-norway-sjefen-alle-pengene-vil-ga-tilbake-til-kundene/ Intervju med Bitcoins Norway-sjefen: “Alle pengene vil gå tilbake til kundene” - Kryptografen.no] (Sep 11, 2021)</ref> | ||
[https://newsbeezer.com/norwayeng/bitcoins-norway-has-no-insurance-with-if-this-covers-customers-bitcoin-digital/ | <ref name="newsbeezer-3030">[https://newsbeezer.com/norwayeng/bitcoins-norway-has-no-insurance-with-if-this-covers-customers-bitcoin-digital/ Bitcoins Norway has no insurance with If this covers customers – Bitcoin – Digital] (Sep 11, 2021)</ref> | ||
[https://www.reddit.com/r/Bitcoin/comments/c8g7kr/bitcoin_norway_claims_just_now_they_were_hacked/ Bitcoin Norway claims just now they were hacked on may 7th : Bitcoin] (Sep 11) | <ref name="reddit-3031">[https://www.reddit.com/r/Bitcoin/comments/c8g7kr/bitcoin_norway_claims_just_now_they_were_hacked/ Bitcoin Norway claims just now they were hacked on may 7th : Bitcoin] (Sep 11, 2021)</ref> | ||
[https://criptomonedaseico.com/en/news-en/norwegian-exchange-tries-to-recover-users-after-suffering-a-hack/ | <ref name="criptomonedaseico-3032">[https://criptomonedaseico.com/en/news-en/norwegian-exchange-tries-to-recover-users-after-suffering-a-hack/ Norwegian exchange tries to recover users after suffering a hack] (Sep 11, 2021)</ref> | ||
[https://www.okokrim.no/oekokrim-har-avsluttet-etterforskingen-mot-daglig-leder-i-bitcoins-norge-as.6383298-411472.html Økokrim har avsluttet etterforskingen mot daglig leder i Bitcoins Norge AS - Økokrim] (Sep 11) | <ref name="okokrim-3033">[https://www.okokrim.no/oekokrim-har-avsluttet-etterforskingen-mot-daglig-leder-i-bitcoins-norge-as.6383298-411472.html Økokrim har avsluttet etterforskingen mot daglig leder i Bitcoins Norge AS - Økokrim] (Sep 11, 2021)</ref> | ||
[https://keychainx.medium.com/recover-bitcoin-wallet-from-2013-36b0b5b11ef https://keychainx.medium.com/recover-bitcoin-wallet-from-2013-36b0b5b11ef] (Mar 26) | <ref name="keychainxmedium-7479">[https://keychainx.medium.com/recover-bitcoin-wallet-from-2013-36b0b5b11ef https://keychainx.medium.com/recover-bitcoin-wallet-from-2013-36b0b5b11ef] (Mar 26, 2022)</ref></references> | ||
Revision as of 02:05, 17 February 2023
Notice: This page is a freshly imported case study from the original repository. The original content was in a different format, and may not have relevant information for all sections. Please help restructure the content by moving information from the 'About' section to other sections, and add any missing information or sources you can find. If you are new here, please read General Tutorial on Wikis or Anatomy of a Case Study for help getting started.
Notice: This page contains sources which are not attributed to any text. The unattributed sources follow the initial description. Please assist by visiting each source, reviewing the content, and placing that reference next to any text it can be used to support. Feel free to add any information that you come across which isn't present already. Sources which don't contain any relevant information can be removed. Broken links can be replaced with versions from the Internet Archive. See General Tutorial on Wikis, Anatomy of a Case Study, and/or Citing Your Sources Guide for additional information. Thanks for your help!
Bitcoins Norway (and other services) gave their funds to AlphaPoint in a white label arrangement. Luckily, they did not give their entire cold storage.
AlphaPoint was breached multiple times, losing both customer data and platform funds. For some reason, this prompted the liquidation of all bitcoin on the Bitcoins Norway platform, with the proceeds of the liquidation paid to affected users.
AlphaPoint had insurance, however due to the way the insurance contract was written, it appears there was no payout which occured. Customers were reimbursed based on the cold storage funds.
Investigation has concluded that no fraud or embezzlement occurred.
This exchange or platform is based in Norway, or the incident targeted people primarily in Norway. [1][2][3][4][5][6][7][8][9][10][11][12][13][14]
About Bitcoins Norway
"Bitcoin Norway is a cryptocurrency exchange that claims to have served over 25,000 Norwegians since 2013." "Bitcoins Norway is based in Stavanger." "[I]n 2012, before anyone had heard of bitcoin and cryptocurrency, the Stavanger man Ole-Andre Torjussen founded the company Bitcoins Norway." "The services offered by Bitcoins Norway allow users to trade digital currencies with each other and by that, exchange the value of digital Currencies in currency. Bitcoins Norge AS is owned by it's customers and employees. Our goal is to be the desired trading platform for cryptocurrencies in Norway." "In 2017, [Stavenger] achieved a pre-tax profit of NOK 3.6 million."
"Newly launched Norwegian Bitcoin and Litecoin exchange platform bitcoinsnorway.com offers fast transaction times with low fees worldwide. The user friendly site allows members to securely buy, sell and hold Bitcoin and Litecoin. Bitcoins Norway also pledge to give 5% of their profits to reputable charity organisations fighting poverty. Bitcoins Norway values customer service and offers the competence and security necessary to ensure an optimal trading experience with the company slogan “Be a part of the Bitcoin adventure!”"
"The trading platform Bitcoins Norway takes only a 0.5% trading fee while executing transfers in less than 24 hours, anyone around the globe can have their money delivered directly to their bank in 24-48 hours. Decentralised digital currencies Bitcoin and Litecoin are regarded as income in Norway and Bitcoins Norway takes all legal actions to prevent money laundering according to Norwegian law."
"AlphaPoint is the white label platform for exchanges, brokerages and tokenization of assets." "AlphaPoint is based in New York and provides a White Label trading and technology platform that enables prospective crypto exchange owners to buy an off the shelf solution including matching engines, an order management system, hot and cold wallets, security and account administration – while skinning it with their own ‘front end’ interface."
"We have developed financial technology solutions for institutional operators providing access to digital assets and cryptocurrencies globally. Our comprehensive set of tools includes: Exchange Technology (Matching Engine, Order Management System), Liquidity Solutions (Remarketer, Market Making), Custody (Wallets, Risk Management), and Yield (Lending, Staking, Interest-Bearing Accounts). These tools have been used to deliver innovative financial products and services by over 150 clients including: Exchange Operators, Brokerages, OTC Desks, Liquidity Providers & Market Makers, and Security Token (STO) Exchanges."
"Detailing the Bitcoins Norway saga, website Kryptografen reported that AlphaPoint had told the exchange on May 1 that all ‘hot wallets’ had been robbed, but the funds were covered by insurance."
"Norwegian exchange Bitcoins Norway blew the whistle on the attacks on July 1, initially reporting the loss of half a million USD worth of crypto from attacks beginning in early May." "It now says that figure represents just “a small proportion of the total” and that all of its hot wallet funds were taken."
“AlphaPoint was hit by so-called phishing and SIM swap scams,” the company confirmed in an email to Norwegian website E24 on July 9.
"Bitcoins Norway, however, did not inform users until two months later after the board learnt that AlphaPoint “had been subjected to several serious computer attacks”, according to owner Ole-André Torjussen."
"Hello and thank you for your inquiry, We are currently in great demand and apologize for the long response time. Bitcoins Norway is exposed to an extraordinary situation that is completely beyond our control. We examine all possibilities to take care of our customers' interests in the best possible way."
"About six years I have with bitcoinsnorway. We have teamed up to establish a secure cryptocurrency trading platform for us Norwegians, and we have chosen to enter into an agreement with AlphaPoint for the delivery of the trading platform as they are considered one of the most recognized providers in the market, I dare to understand that It is a situation that eludes both my control and that of the company, and I guarantee you that I will do anything to solve the situation in a way that protects you."
"Several users write that they are not sure who's really behind it, and that this is a very sophisticated phishing attempt, especially as customers are asked to enter bank account numbers and birth numbers in a Google Docs form attached to the message receive four hours to resist the sale of their cryptocurrency."
"It is also stated that Bitcoins Norway was already informed about attacks on AlphaPoint on May 7, but was reassured that the FBI and other police officers were in the case and that Alphapoint had insurance." “AlphaPoint assured Bitcoins Norway that we will compensate them … we stand by our customers.”
"However, there has been recent information about ongoing vulnerabilities in the AlphaPoints technology and uncertainties as to whether AlphaPoint and its insurance company will be able to fully meet customer requirements Bitcoins Norway no longer advisable to wait for developments in AlphaPoint."
"The insurance does not cover financial losses due to speculation in a market or losses due to errors in a Bitcoin transaction, says Information Director Jon Berge in the insurance company." "He further states that the insurance mainly covers the company in terms of assistance in attacking and restoring systems." "However, it does not cover any damage that the customer had to accept in a speculation market, says Berge."
"I really hope that this is not the end for Bitcoins Norway. I have been working with this company for several years and I have always had the vision that the Norwegians will use the cryptocurrencies to a greater extent."
"Bitcoins Norway has been under investigation by Økokrim after the hacker attacks the platform was postponed in the spring and summer of 2019. [On April 23rd, 2021], the press release came from Økokrim that the reviews against the company are being dropped."
"Ecocrime has come to the conclusion that there is no basis for reprimanding any of the circumstances. With regard to the suspicion of embezzlement, the conclusion is that nothing criminal has happened. For the suspicion that concerned fraud, the evidence situation is such that the case is left to the position of the evidence."
This exchange or platform is based in Norway, or the incident targeted people primarily in Norway.
The background of the exchange platform, service, or individuals involved, as it would have been seen or understood at the time of the events.
Include:
- Known history of when and how the service was started.
- What problems does the company or service claim to solve?
- What marketing materials were used by the firm or business?
- Audits performed, and excerpts that may have been included.
- Business registration documents shown (fake or legitimate).
- How were people recruited to participate?
- Public warnings and announcements prior to the event.
Don't Include:
- Any wording which directly states or implies that the business is/was illegitimate, or that a vulnerability existed.
- Anything that wasn't reasonably knowable at the time of the event.
There could be more than one section here. If the same platform is involved with multiple incidents, then it can be linked to a main article page.
The Reality
This sections is included if a case involved deception or information that was unknown at the time. Examples include:
- When the service was actually started (if different than the "official story").
- Who actually ran a service and their own personal history.
- How the service was structured behind the scenes. (For example, there was no "trading bot".)
- Details of what audits reported and how vulnerabilities were missed during auditing.
What Happened
The specific events of the loss and how it came about. What actually happened to cause the loss and some of the events leading up to it.
| Date | Event | Description |
|---|---|---|
| May 7th, 2019 12:00:00 AM | Main Event | Expand this into a brief description of what happened and the impact. If multiple lines are necessary, add them here. |
Total Amount Lost
The total amount lost has been estimated at $500,000+ USD.
How much was lost and how was it calculated? If there are conflicting reports, which are accurate and where does the discrepancy lie?
Immediate Reactions
How did the various parties involved (firm, platform, management, and/or affected individual(s)) deal with the events? Were services shut down? Were announcements made? Were groups formed?
Ultimate Outcome
What was the end result? Was any investigation done? Were any individuals prosecuted? Was there a lawsuit? Was any tracing done?
Total Amount Recovered
There do not appear to have been any funds recovered in this case.
What funds were recovered? What funds were reimbursed for those affected users?
Ongoing Developments
What parts of this case are still remaining to be concluded?
Prevention Policies
This joins a number of examples showing that, in general, third party insurance is ineffective at covering most real cases of loss. Our framework proposes an industry insurance fund, which allows for enhanced coverage and removes the misalignment of interests.
A key part of this case involved the breach of a third party. An increased incentive to exploit exists when multiple platforms pool funds their hot wallet funds with the same entity, and hot wallets have historically shown themselves very likely to be breached.
References
- ↑ The 23 exchange hacks of 2019 (Aug 7, 2021)
- ↑ Bitcoin Norway Shuts Down Due to Theft via SIM Swap Hack and "Sophisticated Spear-phishing Techniques" (Aug 7, 2021)
- ↑ Bitcoins Norway | Trade (Sep 11, 2021)
- ↑ @Joffer77 Twitter (Sep 11, 2021)
- ↑ @Bitcoinsnorgeno Twitter (Sep 11, 2021)
- ↑ New Exchange Bitcoins Norway Offers Industry Grade Trading – Donaties 5% To Charity (Sep 11, 2021)
- ↑ E-Mail to Customers of Bitcoins Norway: Sell the available cryptocurrency as soon as possible (Sep 11, 2021)
- ↑ Intervju med Bitcoins Norway-sjefen: “Alle pengene vil gå tilbake til kundene” - Kryptografen.no (Sep 11, 2021)
- ↑ Bitcoins Norway has no insurance with If this covers customers – Bitcoin – Digital (Sep 11, 2021)
- ↑ Bitcoin Norway claims just now they were hacked on may 7th : Bitcoin (Sep 11, 2021)
- ↑ Norwegian exchange tries to recover users after suffering a hack (Sep 11, 2021)
- ↑ Økokrim har avsluttet etterforskingen mot daglig leder i Bitcoins Norge AS - Økokrim (Sep 11, 2021)
- ↑ https://keychainx.medium.com/recover-bitcoin-wallet-from-2013-36b0b5b11ef (Mar 26, 2022)