Bit LC Theft

From Quadriga Initiative Cryptocurrency Hacks, Scams, and Frauds Repository
Revision as of 17:58, 26 January 2024 by Azoundria (talk | contribs) (Another 30 minutes. About stub moved to technical analysis. All sources integrated. About to prevention, and wrote a new basic description of the case. Introduction, reality, and other sections populated with basic information. Reviewed the website homepage for further information that was available there.)
Jump to navigation Jump to search

Notice: This page is a new case study and some aspects have not been fully researched. Some sections may be incomplete or reflect inaccuracies present in initial sources. Please check the References at the bottom for further information and perform your own additional assessment. Please feel free to contribute by adding any missing information or sources you come across. If you are new here, please read General Tutorial on Wikis or Anatomy of a Case Study for help getting started.

Bit LC was a service provider website which offered a mining pool, online wallet, and a bitcoin exchange. On February 13th, 2013, the website went offline claiming that the service was hacked and that all user funds from the cold storage wallet were lost.

About Bit LC

The exchange was reportedly based in Panama. Description from the homepage[1]:

We are a Bitcoin Service Provider offering free and low cost Bitcoin Services, such as a high-end mining pool, online wallet service, bitcoin exchange and a lot more. We're using cutting edge technology to provide you with the best and most secure services available. Our system have full IPv6 support, is built with highest possible security measurements and we're adding new features and services continuously.

Website: bitlc.net[1]


Director: Javier Lopez[2]

Founder: Jim Nelin[3]

The Reality

Funds on the Bit LC platform cold storage were directly accessible to the platform operator. There were no access restrictions preventing the entirety of the customer funds from being transferred away from the platform.

What Happened

The specific events of the loss and how it came about. What actually happened to cause the loss and some of the events leading up to it.

Key Event Timeline - Bit LC Theft
Date Event Description
January 15th, 2013 3:32:53 PM MST Website Operating Normally The BitLC website is captured and appears to be online and operating normally[1].
January 19th, 2013 Jim Nelin Notices According to the report on the site, this is when founder Jim Nelin first became aware that the total of all funds was deficient to pay back customers[3].
February 13th, 2013 Website Notice Published A notification is published on the bitlc.net website homepage on this date[3], although in one area the date is incorrectly stated as 2012. Erick reportedly "ha[s]n't been in contact with [Jim], anyone [he] know[s,] or tried to sign in to any of our servers for the past 3 months or so."
March 2nd, 2013 4:10:15 PM MST Capture Of Website Notice The BitLC website is captured with details of the bankruptcy/closure of the BitLC platform[3].

Technical Analysis

"This alleged theft was unique in that coins held in the hot wallet were safe, but coins held in a cold wallet compromised. The thief is not expected to have access to the coins regardless, so there was little financial gain from this theft. Erick, allegedly the only one with physical access to Bit LC Inc.'s cold wallet, has failed to communicate and withdraw coins. Bit LC Inc. therefore was required to declare bankruptcy. There is no proof that Erick intentionally stole the coins; indeed, some evidence asserts that he or she may simply have disappeared in some manner."

Total Amount Lost

The total amount lost has been estimated at $51,000 USD.

Immediate Reactions

The Bit LC website displayed a notice shortly after the cold wallet was emptied[3].

Ultimate Outcome

The incident was ultimately included in the BitcoinTalk forum[4][5].

Total Amount Recovered

There do not appear to have been any funds recovered in this case.

Ongoing Developments

What parts of this case are still remaining to be concluded?

Individual Prevention Policies

No specific policies for individual prevention have yet been identified in this case.

For the full list of how to protect your funds as an individual, check our Prevention Policies for Individuals guide.

Platform Prevention Policies

Cold storage needs to be a proper multi-signature wallet with all keys stored completely offline. One person should not hold all the keys, especially an unknown person. There needs to be training in place to ensure that all operators are fully aware of best practices.

Policies for platforms to take to prevent this situation have not yet been selected in this case.

For the full list of how to protect your funds as a financial service, check our Prevention Policies for Platforms guide.

Regulatory Prevention Policies

No specific regulatory policies have yet been identified in this case.

For the full list of regulatory policies that can prevent loss, check our Prevention Policies for Regulators guide.

References

  1. 1.0 1.1 1.2 BitLC Homepage Archive January 15th, 2013 3:32:53 PM MST (Jan 26, 2024)
  2. Bit LC - DNB Business Directory (Jan 26, 2024)
  3. 3.0 3.1 3.2 3.3 3.4 Bit LC Inc. closing all services, effective immediately - BitLC Homepage Archive March 2nd, 2013 2:40:08 PM MST (Feb 4, 2020)
  4. List of Major Bitcoin Heists, Thefts, Hacks, Scams, and Losses [Old] - BitcoinTalk (Jan 28, 2020)
  5. List of Major Bitcoin Heists, Thefts, Hacks, Scams, and Losses - BitcoinTalk (Feb 15, 2020)
Retrieved from "https://quadrigainitiative.com/cryptocurrencyhackscamfraudwiki/index.php?title=Bit_LC_Theft&oldid=5427"