Bit LC Theft: Difference between revisions
No edit summary |
(Another 30 minutes. About stub moved to technical analysis. All sources integrated. About to prevention, and wrote a new basic description of the case. Introduction, reality, and other sections populated with basic information. Reviewed the website homepage for further information that was available there.) |
||
| Line 1: | Line 1: | ||
{{ | {{Case Study Under Construction}} | ||
Bit LC was a service provider website which offered a mining pool, online wallet, and a bitcoin exchange. On February 13th, 2013, the website went offline claiming that the service was hacked and that all user funds from the cold storage wallet were lost. | |||
== About Bit LC == | == About Bit LC == | ||
The exchange was reportedly based in Panama. Description from the homepage<ref name=":0">[https://web.archive.org/web/20130115223253/https://www.bitlc.net/ BitLC Homepage Archive January 15th, 2013 3:32:53 PM MST] (Jan 26, 2024)</ref>:<blockquote>We are a ''Bitcoin Service Provider'' offering '''free''' and low cost Bitcoin Services, such as a high-end mining pool, online wallet service, bitcoin exchange and a lot more. We're using cutting edge technology to provide you with the best and most secure services available. Our system have full IPv6 support, is built with highest possible security measurements and we're adding new features and services continuously.</blockquote>Website: bitlc.net<ref name=":0">[https://web.archive.org/web/20130115223253/https://www.bitlc.net/ BitLC Homepage Archive January 15th, 2013 3:32:53 PM MST] (Jan 26, 2024)</ref> | |||
Director: Javier Lopez<ref>[https://www.dnb.com/business-directory/company-profiles.bit_lc_inc.1a9f584203d2024cc35f3bb33cf15a7f.html Bit LC - DNB Business Directory] (Jan 26, 2024)</ref> | |||
Founder: Jim Nelin<ref name="archivearchive-21" /> | |||
== The Reality == | == The Reality == | ||
Funds on the Bit LC platform cold storage were directly accessible to the platform operator. There were no access restrictions preventing the entirety of the customer funds from being transferred away from the platform. | |||
== What Happened == | == What Happened == | ||
| Line 44: | Line 22: | ||
!Description | !Description | ||
|- | |- | ||
| | |January 15th, 2013 3:32:53 PM MST | ||
| | |Website Operating Normally | ||
| | |The BitLC website is captured and appears to be online and operating normally<ref name=":0" />. | ||
|- | |||
|January 19th, 2013 | |||
|Jim Nelin Notices | |||
|According to the report on the site, this is when founder Jim Nelin first became aware that the total of all funds was deficient to pay back customers<ref name="archivearchive-21" />. | |||
|- | |||
|February 13th, 2013 | |||
|Website Notice Published | |||
|A notification is published on the bitlc.net website homepage on this date<ref name="archivearchive-21" />, although in one area the date is incorrectly stated as 2012. Erick reportedly "''ha[s]n't been in contact with [Jim], anyone [he] know[s,] or tried to sign in to any of our servers for the past 3 months or so."'' | |||
|- | |- | ||
| | |March 2nd, 2013 4:10:15 PM MST | ||
| | |Capture Of Website Notice | ||
| | |The BitLC website is captured with details of the bankruptcy/closure of the BitLC platform<ref name="archivearchive-21" />. | ||
|} | |} | ||
== Technical Analysis == | |||
"This alleged theft was unique in that coins held in the hot wallet were safe, but coins held in a cold wallet compromised. The thief is not expected to have access to the coins regardless, so there was little financial gain from this theft. Erick, allegedly the only one with physical access to Bit LC Inc.'s cold wallet, has failed to communicate and withdraw coins. Bit LC Inc. therefore was required to declare bankruptcy. There is no proof that Erick intentionally stole the coins; indeed, some evidence asserts that he or she may simply have disappeared in some manner." | |||
== Total Amount Lost == | == Total Amount Lost == | ||
The total amount lost has been estimated at $51,000 USD. | The total amount lost has been estimated at $51,000 USD. | ||
== Immediate Reactions == | == Immediate Reactions == | ||
The Bit LC website displayed a notice shortly after the cold wallet was emptied<ref name="archivearchive-21" />. | |||
== Ultimate Outcome == | == Ultimate Outcome == | ||
The incident was ultimately included in the BitcoinTalk forum<ref name="bitcointalklistold-20" /><ref name="bitcointalklist-87" />. | |||
== Total Amount Recovered == | == Total Amount Recovered == | ||
There do not appear to have been any funds recovered in this case. | There do not appear to have been any funds recovered in this case. | ||
== Ongoing Developments == | == Ongoing Developments == | ||
What parts of this case are still remaining to be concluded? | What parts of this case are still remaining to be concluded? | ||
== Individual Prevention Policies == | == Individual Prevention Policies == | ||
{{Prevention:Individuals:Placeholder}} | {{Prevention:Individuals:Placeholder}} | ||
| Line 79: | Line 62: | ||
== Platform Prevention Policies == | == Platform Prevention Policies == | ||
Cold storage needs to be a proper multi-signature wallet with all keys stored completely offline. One person should not hold all the keys, especially an unknown person. There needs to be training in place to ensure that all operators are fully aware of best practices. | |||
{{Prevention:Platforms:Placeholder}} | {{Prevention:Platforms:Placeholder}} | ||
| Line 89: | Line 74: | ||
== References == | == References == | ||
<references><ref name="bitcointalklistold-20">[https://bitcointalk.org/index.php?topic=83794.msg923918#post_toc_27 <nowiki>List of Major Bitcoin Heists, Thefts, Hacks, Scams, and Losses [Old]</nowiki>] (Jan 28, 2020)</ref> | <references> | ||
<ref name="bitcointalklistold-20">[https://bitcointalk.org/index.php?topic=83794.msg923918#post_toc_27 <nowiki>List of Major Bitcoin Heists, Thefts, Hacks, Scams, and Losses [Old] - BitcoinTalk</nowiki>] (Jan 28, 2020)</ref> | |||
<ref name="archivearchive-21">[http://web.archive.org/web/20130302231015/https://www.bitlc.net/ Bit LC Inc. closing all services, effective immediately - | <ref name="archivearchive-21">[http://web.archive.org/web/20130302231015/https://www.bitlc.net/ Bit LC Inc. closing all services, effective immediately - BitLC Homepage Archive March 2nd, 2013 2:40:08 PM MST] (Feb 4, 2020)</ref> | ||
<ref name="bitcointalklist-87">[https://bitcointalk.org/index.php?topic=576337 List of Major Bitcoin Heists, Thefts, Hacks, Scams, and Losses - BitcoinTalk] (Feb 15, 2020)</ref> | |||
<ref name="bitcointalklist-87">[https://bitcointalk.org/index.php?topic=576337 List of Major Bitcoin Heists, Thefts, Hacks, Scams, and Losses] (Feb 15, 2020)</ref></references> | </references> | ||
Revision as of 17:58, 26 January 2024
Notice: This page is a new case study and some aspects have not been fully researched. Some sections may be incomplete or reflect inaccuracies present in initial sources. Please check the References at the bottom for further information and perform your own additional assessment. Please feel free to contribute by adding any missing information or sources you come across. If you are new here, please read General Tutorial on Wikis or Anatomy of a Case Study for help getting started.
Bit LC was a service provider website which offered a mining pool, online wallet, and a bitcoin exchange. On February 13th, 2013, the website went offline claiming that the service was hacked and that all user funds from the cold storage wallet were lost.
About Bit LC
The exchange was reportedly based in Panama. Description from the homepage[1]:
We are a Bitcoin Service Provider offering free and low cost Bitcoin Services, such as a high-end mining pool, online wallet service, bitcoin exchange and a lot more. We're using cutting edge technology to provide you with the best and most secure services available. Our system have full IPv6 support, is built with highest possible security measurements and we're adding new features and services continuously.
Website: bitlc.net[1]
Director: Javier Lopez[2]
Founder: Jim Nelin[3]
The Reality
Funds on the Bit LC platform cold storage were directly accessible to the platform operator. There were no access restrictions preventing the entirety of the customer funds from being transferred away from the platform.
What Happened
The specific events of the loss and how it came about. What actually happened to cause the loss and some of the events leading up to it.
| Date | Event | Description |
|---|---|---|
| January 15th, 2013 3:32:53 PM MST | Website Operating Normally | The BitLC website is captured and appears to be online and operating normally[1]. |
| January 19th, 2013 | Jim Nelin Notices | According to the report on the site, this is when founder Jim Nelin first became aware that the total of all funds was deficient to pay back customers[3]. |
| February 13th, 2013 | Website Notice Published | A notification is published on the bitlc.net website homepage on this date[3], although in one area the date is incorrectly stated as 2012. Erick reportedly "ha[s]n't been in contact with [Jim], anyone [he] know[s,] or tried to sign in to any of our servers for the past 3 months or so." |
| March 2nd, 2013 4:10:15 PM MST | Capture Of Website Notice | The BitLC website is captured with details of the bankruptcy/closure of the BitLC platform[3]. |
Technical Analysis
"This alleged theft was unique in that coins held in the hot wallet were safe, but coins held in a cold wallet compromised. The thief is not expected to have access to the coins regardless, so there was little financial gain from this theft. Erick, allegedly the only one with physical access to Bit LC Inc.'s cold wallet, has failed to communicate and withdraw coins. Bit LC Inc. therefore was required to declare bankruptcy. There is no proof that Erick intentionally stole the coins; indeed, some evidence asserts that he or she may simply have disappeared in some manner."
Total Amount Lost
The total amount lost has been estimated at $51,000 USD.
Immediate Reactions
The Bit LC website displayed a notice shortly after the cold wallet was emptied[3].
Ultimate Outcome
The incident was ultimately included in the BitcoinTalk forum[4][5].
Total Amount Recovered
There do not appear to have been any funds recovered in this case.
Ongoing Developments
What parts of this case are still remaining to be concluded?
Individual Prevention Policies
No specific policies for individual prevention have yet been identified in this case.
For the full list of how to protect your funds as an individual, check our Prevention Policies for Individuals guide.
Platform Prevention Policies
Cold storage needs to be a proper multi-signature wallet with all keys stored completely offline. One person should not hold all the keys, especially an unknown person. There needs to be training in place to ensure that all operators are fully aware of best practices.
Policies for platforms to take to prevent this situation have not yet been selected in this case.
For the full list of how to protect your funds as a financial service, check our Prevention Policies for Platforms guide.
Regulatory Prevention Policies
No specific regulatory policies have yet been identified in this case.
For the full list of regulatory policies that can prevent loss, check our Prevention Policies for Regulators guide.
References
- ↑ 1.0 1.1 1.2 BitLC Homepage Archive January 15th, 2013 3:32:53 PM MST (Jan 26, 2024)
- ↑ Bit LC - DNB Business Directory (Jan 26, 2024)
- ↑ 3.0 3.1 3.2 3.3 3.4 Bit LC Inc. closing all services, effective immediately - BitLC Homepage Archive March 2nd, 2013 2:40:08 PM MST (Feb 4, 2020)
- ↑ List of Major Bitcoin Heists, Thefts, Hacks, Scams, and Losses [Old] - BitcoinTalk (Jan 28, 2020)
- ↑ List of Major Bitcoin Heists, Thefts, Hacks, Scams, and Losses - BitcoinTalk (Feb 15, 2020)