BTER Bitcoin Heist

From Quadriga Initiative Cryptocurrency Hacks, Scams, and Frauds Repository
Jump to navigation Jump to search

Notice: This page is a new case study and some aspects have not been fully researched. Some sections may be incomplete or reflect inaccuracies present in initial sources. Please check the References at the bottom for further information and perform your own additional assessment. Please feel free to contribute by adding any missing information or sources you come across. If you are new here, please read General Tutorial on Wikis or Anatomy of a Case Study for help getting started.

Notice: This page contains sources which are not attributed to any text. The unattributed sources follow the initial description. Please assist by visiting each source, reviewing the content, and placing that reference next to any text it can be used to support. Feel free to add any information that you come across which isn't present already. Sources which don't contain any relevant information can be removed. Broken links can be replaced with versions from the Internet Archive. See General Tutorial on Wikis, Anatomy of a Case Study, and/or Citing Your Sources Guide for additional information. Thanks for your help!

BTER Logo/Homepage

BTER was a large Chinese exchange platform. In February 2015, the platform suffered a breach of a wallet and lost 7,170 bitcoins. BTER established a partnership with Jua, another company with security expertise, and promised to repay all investors on the platform. BTER eventually closed in 2017, and moved to gate.io. It is believed that repayments continue within the gate.io platform.

This exchange or platform is based in China, or the incident targeted people primarily in China.[1][2][3][4][5][6][7][8][9][10][11][12][13][14]

About BTER

Bter, established in 2012 by Jinan Manwei Information Technology Co., Ltd., is a Chinese Blockchain Assets Trading Platform with a mission to provide safe, efficient, and honest cryptocurrency trading services. Despite facing challenges in 2015 due to a significant security breach, BTER has gradually reopened markets and managed the situation professionally. Operating as a hybrid fiat to crypto and crypto to crypto exchange, Bter supports trading in 100 cryptocurrencies and facilitates transactions with both US dollars and Chinese yuan. The platform prioritizes security measures such as SSL protection, Web Application Firewall, manual withdrawal confirmation, and two-factor authentication with Google Authenticator, with most funds stored in cold wallets[1].

Bter offers a unique trading tool called BterTrader, allowing users to monitor their trading performance, moving averages, and market depth directly from their computer screens. Additionally, Bter provides mobile apps for Android and iOS platforms to enhance user accessibility. The platform supports multiple languages, including Chinese and English, catering to a diverse user base[1].

In terms of fees, Bter boasts some of the lowest commissions in the exchange trading industry, with a 0.2% charge for purchases and sales. It offers an investment program enabling users to earn annual returns of 10-12% without withdrawal fees. Dividends are collected daily, with interest rates ranging from 0.1% to 2% per annum. Bter's fee structure and investment opportunities aim to provide users with cost-effective and lucrative trading experiences[1].

"Bter [was] a Chinese Blockchain Assets Trading Platform established in 2012 by Jinan Manwei Information Technology co., Ltd." "BTER is another of the hybrid fiat to crypto and crypto to crypto exchanges."

"Come with us, change the world!"[15]

Bter.com, a Bitcoin trading platform operated by Jinan Manwei Information Technology Co., Ltd. (a wholly-owned foreign enterprise registered in 2012), ranks first in domestic trading platforms according to Alexa traffic rankings. It adopts:

  • Bank-grade SSL secure connection
  • Offline Bitcoin wallet technology
  • RMB deposits credited within one minute
  • Instant deposit and withdrawal of virtual currency
  • Google Authenticator (two-factor authentication) To ensure the security of users' transaction information and funds, providing a secure, fast, fair, and transparent Bitcoin trading platform for users.
  • Fees: No fees for deposits, low transaction fees, withdrawal fees determined by the withdrawal method, with fast processing.

Homepage: [15]

The Reality

Exchanges have a responsibility to properly secure funds which are held on behalf of users.

Most exchanges store the majority of funds in an offline wallet, which is a wallet that isn't connected to the internet. However, the BTER platform was storing the majority of funds within a managed server infrastructure, which was vulnerable to breaching.

What Happened

The BTER exchange platform suffered a breach to their wallet and lost 7,170 bitcoins.

Key Event Timeline - BTER Bitcoin Heist
Date Event Description
August 15th, 2014 BTER NXT Hack The BTER platform suffers a separate hack, in which NXT tokens are taken.
February 15th, 2015 Hacking Event The cold storage wallet is reportedly breached.
March 10th, 2015 Compensation Announced The company announced that all users will be made 100% whole from what they lost.
October 26th, 2017 3:21:59 AM MDT BTER Shutting Down According to users on BitcoinTalk, the platform is shutting down. The notice indicates that trading will be stopped after October 30th[2].

Technical Details

BTER stored their funds in a single wallet, which, while called a "cold wallet", was not entirely offline and disconnected, being as it was on a managed server.

"Bter says that it managed to trace the stolen 7,170 BTC to a Bitcoin mixer (a cryptocurrency laundering service) called Bitcoin Fog, but hasn’t heard from the company despite repeated attempts to make contact." "The China-based bitcoin exchange Bter has offered a bounty of 720 bitcoins ($170,000) for help chasing 7,170 bitcoins stolen in a suspected cyber-attack."

"Bter suffered a major hack, losing 7170 BTC (US $1 600 000) that had [supposedly] been in cold storage." Their "[m]anaged server was attacked." "A small Bter cryptocurrency exchange was hacked multiple times. Employees of the exchange organized the biggest robbery. In February 2015, 7000 BTC was stolen from a cold wallet. After that, all activities of the company were suspended, and only a few years later, the management of Bter began to withdraw funds from their elements again."

Total Amount Lost

Sources consistently indicate the amount lost as 7,170 BTC[16][17][1], worth either $1.6m USD[1] or $1.75m USD[16][17][18].

The total amount lost has been estimated at $1,750,000 USD.

Immediate Reactions

BTER initially announced a "security check" on their website before ultimately admitting to the significant loss.

Initial Website Announcement

BTER posted an initial announcement on their website, notifying users and the general public that a "security check" was underway and the exchange was temporarily suspended pending another update[16].

"To ensure the safety of other funds, we have taken technical measures to stop and turn off all the virtual currency trading in online wallets in order to do further checks," the firm said in a Chinese-language statement posted to their Weibo page.

Subsequent Announcements

"Digital currency exchange BTER announced that it has lost 7,170 bitcoins, or roughly $1.75 million at press time, in an apparent hack on its cold wallet system."

"The exchange was forced to shut down over the weekend following the theft and investigations by police in China are currently underway."

"Since then, they have reopened, claiming a temporary solution with a permanent fix on the way."

"China-based Bitcoin exchange Bter has announced that it will continue to operate its service and pay back all its users in time, following a cyberattack that saw the company lose $1.75 million in cryptocurrency to hackers."

"To compensate its customers for losses that arose due to the recent breach, Bter will make payments in batches and additionally offer them half a year’s trading fee in proportion to their Bitcoin loss. In addition, all users will be allowed to trade Bitcoin for free for a month on Bter as a show of thanks."

Ultimate Outcome

The BTER platform announced that users would be 100% compensated for their losses. The platform announced a partnership with Jua, which included a 1,000 BTC loan and better security resources to protect the wallets. BTER ultimately closed in 2017 with the crackdown of Chinese authorities on domestic platforms.

Compensation Announcement

"The company officially announced on March 10 that users will be 100% compensated for their losses and that trading will soon resume." “The trading will be enabled soon. Please double check your balances and the price in your existing orders. Please note that the previous BTC balance has been moved to BTC-B which will be used as the reference for compensating our user’s BTC loss. The 100% compensating plan will be revealed soon.”

"BTC-B is the record of BTC we still owe you. It is not a real asset so that you cannot sell it. The fund for repayment is from our trading fee income, which depends on the volume on bter. The BTC trading volume is not large and not much fund has been generated. We will repay the next batch of BTC repayment as soon as we have more fund. Thank you for your patience."

Partnership With Jua.com

"Bter [also] partnered with Jua.com, a Bitcoin wallet service that claims to offer enterprise-class storage, to review the security code on its platform and to rebuild the back-end." "In a post on its reopened website yesterday, Bter said users will be repaid in batches using future profits and a 1,000 BTC interest-free loan from Jua.com." "Alongside the 1,000 BTC loan, which will be provided in exchange for equity in Bter, Jua.com will now handle all the platform’s cold wallet security." "Control of Bter’s hot wallets, used for deposits and withdrawals, will be moved over to Jua.com gradually, the exchange added. The company, which claims to provide enterprise security and storage services for bitcoin companies, runs BW.com, currently bitcoin’s 3rd largest mining pool."

"Although they had a rocky start to 2015 with a severe security breach, they have gradually reopened markets and have dealt with the situation in a professional manner."

Platform Merger Into Gate.io

BTER eventually closed in 2017, and moved to gate.io[18]. It is believed that repayments continue within the gate.io platform.

"BTER closed in 2017." "Following the Chinese central bank’s ban on initial coin offerings (ICOs) and fiat-to-crypto spot trading in 2017, Bter.com closed its domain, rebranded to Gate.io and dropped fiat trading. The exchange shifted its focus to crypto-to-crypto and Chinese yuan over-the-counter (OTC) trading."

"According to the local policy in China, we have to stop the trading markets before Oct.30. Your funds are safe. We will provide your more time for withdrawal. To obtain a better services (very fast deposit and withdrawal), we recommend you login to gate.io with your current account and transfer funds there by following the instructures."

Inclusion In List

The incident was included in the list prepared by Kyle Gibson[16] the Bitcoin Exchange Guide[19], CryptoSec[17], Slowmist[20], and CoinIQ[18].

Total Amount Recovered

The platform ultimately gave affected users balances that were owed to them, which were repaid over time from profits, and discounts on trading. A partnership gave them improved security and a 1,000 BTC loan to speed up the repayment.

Surprisingly, repayments were processed in the respective currencies, and not converted to USD. This contrasts with other recoveries like NiceHash or Bitfinex, which did a USD conversion, and has obviously extended the repayment period considerably.

Ongoing Developments

BTER is continuing to pay back users and investigate the theft of the funds through blockchain forensics.

"They are slowly paying back the missing funds to their users through their fees. Bter has been the victim of two separate hacks in recent times, and have shown a willingness to accept the punishment for their failure and ensure their users are made whole–but will they be able to keep it up? They have a difficult road ahead: they must regrow volume to generate fees to pay their users back with. If they are unable to, they will be in real trouble." Bter said that “all Bter’s future profit shall be used to pay [back] the BTC loss [to] users first until all the lost BTC is paid up.” At the same time, it is offering users one month of free trading on the site “as our thanks for your trust and support.”


"It remains unclear exactly how the BTER cold wallet was compromised."[16]

"Bter says that it managed to trace the stolen 7,170 BTC to a Bitcoin mixer (a cryptocurrency laundering service) called Bitcoin Fog, but hasn’t heard from the company despite repeated attempts to make contact." "The China-based bitcoin exchange Bter has offered a bounty of 720 bitcoins ($170,000) for help chasing 7,170 bitcoins stolen in a suspected cyber-attack."

Individual Prevention Policies

No specific policies for individual prevention have yet been identified in this case.

When using any third party custodial platform (such as for trading), it is important to verify that the platform has a full backing of all assets, and that assets have been secured in a proper multi-signature wallet held by several trusted and trained individuals. If this can't be validated, then users should avoid using that platform. Unfortunately, most centralized platforms today still do not provide the level of transparency and third party validation which would be necessary to ensure that assets have been kept secure and properly backed. Therefore, the most effective strategy at present remains to learn proper self custody practices and avoid using any third party custodial platforms whenever possible.

Store the majority of funds offline. By offline, it means that the private key and/or seed phrase is exclusively held by you and not connected to any networked device. Examples of offline storage include paper wallets (seed phrase or key written down and deleted from all electronic media), hardware wallets, steel wallet devices, etc...

For the full list of how to protect your funds as an individual, check our Prevention Policies for Individuals guide.

Platform Prevention Policies

A key requirement of cold wallets is that they be stored offline. Any wallet which is accessible from an online or wired system is not, by definition, cold. It appears that BTER did not set up a multi-signature wallet for the funds. This meant that there was only a single key to get breached.

All aspects of any platform should undergo a regular validation/inspection by experts. This validation should include a security audit of any smart contracts, reporting any risks to the backing (of any customer assets, ensuring treasuries or minting functions are properly secured under the control of a multi-signature wallet, and finding any inadequacies in the level of training or integrity of the team. The recommended interval is twice prior to launch or significant system upgrade, once after 3 months, and every 6 months thereafter. It is recommended that the third party performing the inspection not be repeated within a 14 month period.

All wallets, minting functions, and critical infrastructure should be implemented with a multi-signature requirement, with a recommended minimum of 3 signatures required. This means that making important changes or approving spending will require the keys held by at least 3 separate individuals within the organization to approve. The multi-signature should be implemented at the lowest layer possible, all key holders should have security training, and all key holders should be empowered and encouraged to exercise diligence.

Work with other industry platforms to set up a multi-signature wallet with private keys held separately by delegate signatories from seven prominent platforms and services within the industry. Establish requirements for contributions by all platforms and services, designed to be affordable for small platforms yet large enough to cover anticipated breach events. Any breach event can be brought forth by a member platform or a petition of 100 signatures for consideration by the delegate signatories. A vote of 4 or more delegate signatures is required to release any funds, which could partially or fully restore lost funds based on their assessment.

For the full list of how to protect your funds as a financial service, check our Prevention Policies for Platforms guide.

Regulatory Prevention Policies

All platforms should undergo published security and risk assessments by independent third parties. Two assessments are required at founding or major upgrade, one after 3 months, and one every 6 months thereafter. The third parties must not repeat within the past 14 months. A risk assessment needs to include what assets back customer deposits and the risk of default from any third parties being lent to. The security assessment must include ensuring a proper multi-signature wallet, and that all signatories are properly trained. Assessments must be performed on social media, databases, and DNS security.

Set up a multi-signature wallet with private keys held separately by delegate signatories from seven prominent platforms and services within the industry. Establish requirements for contributions by all platforms and services within the country, designed to be affordable for small platforms yet large enough to cover anticipated breach events. Any breach event can be brought forth by a member platform or a petition of 100 signatures for consideration by the delegate signatories. A vote of 4 or more delegate signatures is required to release any funds, which could partially or fully restore lost funds based on their assessment.

For the full list of regulatory policies that can prevent loss, check our Prevention Policies for Regulators guide.

References

  1. 1.0 1.1 1.2 1.3 1.4 1.5 BTER Exchange: Fees, Review, Coins - BitcoinWiki (Aug 9, 2021)
  2. 2.0 2.1 BTER.com is shutting down - BitcoinTalk (Aug 9, 2021)
  3. BTER - Bitcoin Wiki (Aug 9, 2021)
  4. Bitcoin Exchange Bter Will Pay Back Users After Losing $1.75m (Aug 9, 2021)
  5. Bter Teams with JUA.com to Upgrade Security, Repay Victims of Recent Hack - Bitcoin Magazine: Bitcoin News, Articles, Charts, and Guides (Aug 9, 2021)
  6. BTER back online, to compensate users’ for Bitcoin loss (Aug 9, 2021)
  7. Cryptocurrency round-up: Bitcoin cellphone remittance and 720BTC bounty for Bter exchange (Aug 9, 2021)
  8. Bter to Return 'Hacked' Funds Following Security Partnership (Aug 10, 2021)
  9. Gate.io Raises $64 Million for Launch of New Exchange Cryptocurrency - CoinDesk (Aug 10, 2021)
  10. [SCAM] bter.com now gate.io (Aug 10, 2021)
  11. Bter closing, forced to stop tradng, Advice needed (Aug 10, 2021)
  12. BTER is closing, and it's not letting me withdraw $10 worth of BTC : CryptoCurrency (Aug 10, 2021)
  13. Bter.com: "The stolen BTC payback plan" : Bitcoin (Aug 10, 2021)
  14. BTER Claims $1.75 Million in Bitcoin Stolen in Cold Wallet Hack (Dec 14, 2021)
  15. 15.0 15.1 BTER Homepage Archive February 1st, 2015 11:01:26 PM MST (Feb 21, 2024)
  16. 16.0 16.1 16.2 16.3 16.4 100 Crypto Thefts: A Timeline of Hacks, Glitches, Exit Scams, and other Lost Cryptocurrency Incidents - Kyle Gibson (Jan 25, 2020)
  17. 17.0 17.1 17.2 The Complete List of Crypto Exchange Hacks - CryptoSec (May 11, 2021)
  18. 18.0 18.1 18.2 30+ Cryptocurrency Exchange Hacks - A Comprehensive List - CoinIQ Archive October 15th, 2022 10:38:39 PM MDT (Aug 9, 2021)
  19. Bitcoin Scams and Cryptocurrency Hacks List - BitcoinExchangeGuide.com (Mar 5, 2020)
  20. SlowMist Hacked - SlowMist Zone (Jun 26, 2021)

Cite error: <ref> tag with name "hebergementwebs-2324" defined in <references> is not used in prior text.
Cite error: <ref> tag with name "coindesk-2325" defined in <references> is not used in prior text.

Retrieved from "https://quadrigainitiative.com/cryptocurrencyhackscamfraudwiki/index.php?title=BTER_Bitcoin_Heist&oldid=5472"