BTER Bitcoin Heist

From Quadriga Initiative Cryptocurrency Hacks, Scams, and Frauds Repository
Revision as of 18:51, 15 February 2023 by Azoundria (talk | contribs)
Jump to navigation Jump to search

Notice: This page is a freshly imported case study from the original repository. The original content was in a different format, and may not have relevant information for all sections. Please help restructure the content by moving information from the 'About' section to other sections, and add any missing information or sources you can find. If you are new here, please read General Tutorial on Wikis or Anatomy of a Case Study for help getting started.

Notice: This page contains sources which are not attributed to any text. The unattributed sources follow the initial description. Please assist by visiting each source, reviewing the content, and placing that reference next to any text it can be used to support. Feel free to add any information that you come across which isn't present already. Sources which don't contain any relevant information can be removed. Broken links can be replaced with versions from the Internet Archive. See General Tutorial on Wikis, Anatomy of a Case Study, and/or Citing Your Sources Guide for additional information. Thanks for your help!

BTER

BTER stored their funds in a single wallet, which, while called a "cold wallet", was not entirely offline and disconnected, being as it was on a managed server.

The wallet was breached. The platform ultimately gave affected users balances that were owed to them, which were repaid over time from profits, and discounts on trading. A partnership gave them improved security and a 1,000 BTC loan to speed up the repayment.

Surprisingly, repayments were processed in the respective currencies, and not converted to USD. This contrasts with other recoveries like NiceHash or Bitfinex, which did a USD conversion, and has obviously extended the repayment period considerably.

BTER eventually closed in 2017, and moved to gate.io. It is believed that repayments continue within the gate.io platform.

This exchange or platform is based in China, or the incident targeted people primarily in China. [1][2][3][4][5][6][7][8][9][10][11][12][13][14][15][16][17][18][19][20][21]

About BTER

"Bter is a Chinese Blockchain Assets Trading Platform established in 2012 by Jinan Manwei Information Technology co., Ltd." "BTER is another of the hybrid fiat to crypto and crypto to crypto exchanges." "The objective of the exchange is to provide safe, efficient and honest services of cryptocurrency trading. BTER is another of the hybrid fiat to crypto and crypto to crypto exchanges. Although they had a rocky start to 2015 with a severe security breach, they have gradually reopened markets and have dealt with the situation in a professional manner."

"Bter is one of the few exchanges working also with fiat money, in this case it is us dollars and Chinese yuan. Trading on the exchange is carried out in 100 cryptocurrencies. This platform is protected by SSL certificate, Web application Firewall, manual confirmation of withdrawal, as well as two-stage authentication with one-time passwords Google. Most of the funds in the system are stored in cold wallets."

"Digital currency exchange BTER announced that it has lost 7,170 bitcoins, or roughly $1.75 million at press time, in an apparent hack on its cold wallet system."

"Bter suffered a major hack, losing 7170 BTC (US $1 600 000) that had [supposedly] been in cold storage." Their "[m]anaged server was attacked." "A small Bter cryptocurrency exchange was hacked multiple times. Employees of the exchange organized the biggest robbery. In February 2015, 7000 BTC was stolen from a cold wallet. After that, all activities of the company were suspended, and only a few years later, the management of Bter began to withdraw funds from their elements again."

"Initially, BTER had posted on its website that a “security check” was underway and that the exchange would be temporarily suspended prior to another update. It remains unclear exactly how the BTER cold wallet was compromised."

"The exchange was forced to shut down over the weekend following the theft and investigations by police in China are currently underway."

"To ensure the safety of other funds, we have taken technical measures to stop and turn off all the virtual currency trading in online wallets in order to do further checks," the firm said in a Chinese-language statement posted to their Weibo page.

"Since then, they have reopened, claiming a temporary solution with a permanent fix on the way."

"China-based Bitcoin exchange Bter has announced that it will continue to operate its service and pay back all its users in time, following a cyberattack that saw the company lose $1.75 million in cryptocurrency to hackers." "To compensate its customers for losses that arose due to the recent breach, Bter will make payments in batches and additionally offer them half a year’s trading fee in proportion to their Bitcoin loss. In addition, all users will be allowed to trade Bitcoin for free for a month on Bter as a show of thanks."

"The company officially announced on March 10 that users will be 100% compensated for their losses and that trading will soon resume." “The trading will be enabled soon. Please double check your balances and the price in your existing orders. Please note that the previous BTC balance has been moved to BTC-B which will be used as the reference for compensating our user’s BTC loss. The 100% compensating plan will be revealed soon.”

"Bter says that it managed to trace the stolen 7,170 BTC to a Bitcoin mixer (a cryptocurrency laundering service) called Bitcoin Fog, but hasn’t heard from the company despite repeated attempts to make contact." "The China-based bitcoin exchange Bter has offered a bounty of 720 bitcoins ($170,000) for help chasing 7,170 bitcoins stolen in a suspected cyber-attack."

"Bter [also] partnered with Jua.com, a Bitcoin wallet service that claims to offer enterprise-class storage, to review the security code on its platform and to rebuild the back-end." "In a post on its reopened website yesterday, Bter said users will be repaid in batches using future profits and a 1,000 BTC interest-free loan from Jua.com." "Alongside the 1,000 BTC loan, which will be provided in exchange for equity in Bter, Jua.com will now handle all the platform’s cold wallet security." "Control of Bter’s hot wallets, used for deposits and withdrawals, will be moved over to Jua.com gradually, the exchange added. The company, which claims to provide enterprise security and storage services for bitcoin companies, runs BW.com, currently bitcoin’s 3rd largest mining pool."

"Although they had a rocky start to 2015 with a severe security breach, they have gradually reopened markets and have dealt with the situation in a professional manner."

"They are slowly paying back the missing funds to their users through their fees. Bter has been the victim of two separate hacks in recent times, and have shown a willingness to accept the punishment for their failure and ensure their users are made whole–but will they be able to keep it up? They have a difficult road ahead: they must regrow volume to generate fees to pay their users back with. If they are unable to, they will be in real trouble." Bter said that “all Bter’s future profit shall be used to pay [back] the BTC loss [to] users first until all the lost BTC is paid up.” At the same time, it is offering users one month of free trading on the site “as our thanks for your trust and support.”

"BTC-B is the record of BTC we still owe you. It is not a real asset so that you cannot sell it. The fund for repayment is from our trading fee income, which depends on the volume on bter. The BTC trading volume is not large and not much fund has been generated. We will repay the next batch of BTC repayment as soon as we have more fund. Thank you for your patience."

"BTER closed in 2017." "Following the Chinese central bank’s ban on initial coin offerings (ICOs) and fiat-to-crypto spot trading in 2017, Bter.com closed its domain, rebranded to Gate.io and dropped fiat trading. The exchange shifted its focus to crypto-to-crypto and Chinese yuan over-the-counter (OTC) trading."

"According to the local policy in China, we have to stop the trading markets before Oct.30. Your funds are safe. We will provide your more time for withdrawal. To obtain a better services (very fast deposit and withdrawal), we recommend you login to gate.io with your current account and transfer funds there by following the instructures."

This exchange or platform is based in China, or the incident targeted people primarily in China.

The background of the exchange platform, service, or individuals involved, as it would have been seen or understood at the time of the events.

Include:

  • Known history of when and how the service was started.
  • What problems does the company or service claim to solve?
  • What marketing materials were used by the firm or business?
  • Audits performed, and excerpts that may have been included.
  • Business registration documents shown (fake or legitimate).
  • How were people recruited to participate?
  • Public warnings and announcements prior to the event.

Don't Include:

  • Any wording which directly states or implies that the business is/was illegitimate, or that a vulnerability existed.
  • Anything that wasn't reasonably knowable at the time of the event.

There could be more than one section here. If the same platform is involved with multiple incidents, then it can be linked to a main article page.

The Reality

This sections is included if a case involved deception or information that was unknown at the time. Examples include:

  • When the service was actually started (if different than the "official story").
  • Who actually ran a service and their own personal history.
  • How the service was structured behind the scenes. (For example, there was no "trading bot".)
  • Details of what audits reported and how vulnerabilities were missed during auditing.

What Happened

The specific events of the loss and how it came about. What actually happened to cause the loss and some of the events leading up to it.

Key Event Timeline - BTER Bitcoin Heist
Date Event Description
February 15th, 2015 12:00:00 AM Main Event Expand this into a brief description of what happened and the impact. If multiple lines are necessary, add them here.

Total Amount Lost

The total amount lost has been estimated at $1,750,000 USD.

How much was lost and how was it calculated? If there are conflicting reports, which are accurate and where does the discrepancy lie?

Immediate Reactions

How did the various parties involved (firm, platform, management, and/or affected individual(s)) deal with the events? Were services shut down? Were announcements made? Were groups formed?

Ultimate Outcome

What was the end result? Was any investigation done? Were any individuals prosecuted? Was there a lawsuit? Was any tracing done?

Total Amount Recovered

There do not appear to have been any funds recovered in this case.

What funds were recovered? What funds were reimbursed for those affected users?

Ongoing Developments

What parts of this case are still remaining to be concluded?

Prevention Policies

A key requirement of cold wallets is that they be stored offline. Any wallet which is accessible from an online or wired system is not, by definition, cold.

In addition, it does not appear that BTER set up a multi-signature wallet for the funds. This meant that there was only a single key to get breached.

References

  1. 100 Crypto Thefts: A Timeline of Hacks, Glitches, Exit Scams, and other Lost Cryptocurrency Incidents (Jan 25, 2020)
  2. Bitcoin Scams and Cryptocurrency Hacks List - BitcoinExchangeGuide.com (Mar 5, 2020)
  3. SlowMist Hacked - SlowMist Zone (Jun 25, 2021)
  4. The Complete List of Crypto Exchange Hacks - CryptoSec (May 10, 2021)
  5. A huge list of cryptocurrency thefts (Aug 8, 2021)
  6. Hackers Steal $1.65 Million in NXT from BTER Exchange (Aug 8, 2021)
  7. 30+ Cryptocurrency Exchange Hacks - A Comprehensive List (Aug 8, 2021)
  8. BTER Exchange: Fees, Review, Coins - BitcoinWiki (Aug 8, 2021)
  9. BTER.com is shutting down (Aug 8, 2021)
  10. BTER - Bitcoin Wiki (Aug 8, 2021)
  11. Bitcoin Exchange Bter Will Pay Back Users After Losing $1.75m (Aug 8, 2021)
  12. Bter Teams with JUA.com to Upgrade Security, Repay Victims of Recent Hack - Bitcoin Magazine: Bitcoin News, Articles, Charts, and Guides (Aug 8, 2021)
  13. BTER back online, to compensate users’ for Bitcoin loss (Aug 8, 2021)
  14. Cryptocurrency round-up: Bitcoin cellphone remittance and 720BTC bounty for Bter exchange (Aug 8, 2021)
  15. Bter to Return 'Hacked' Funds Following Security Partnership (Aug 9, 2021)
  16. Gate.io Raises $64 Million for Launch of New Exchange Cryptocurrency - CoinDesk (Aug 9, 2021)
  17. [SCAM] bter.com now gate.io (Aug 9, 2021)
  18. Bter closing, forced to stop tradng, Advice needed (Aug 9, 2021)
  19. BTER is closing, and it's not letting me withdraw $10 worth of BTC : CryptoCurrency (Aug 9, 2021)
  20. Bter.com: "The stolen BTC payback plan" : Bitcoin (Aug 9, 2021)
  21. BTER Claims $1.75 Million in Bitcoin Stolen in Cold Wallet Hack (Dec 14, 2021)
Retrieved from "https://quadrigainitiative.com/cryptocurrencyhackscamfraudwiki/index.php?title=BTER_Bitcoin_Heist&oldid=1931"