Two Bitcoin related websites were hacked, namely Btc-E.com and Bitcointalk.org
Summary Two Bitcoin related websites were hacked, namely Btc-E.com (a Bitcoin exchange acting similar to a foreign currency exchange) and Bitcointalk.org (the largest Bitcoin discussion forum in the world). Bitcoin […]

HEROIC Cybersecurity

July 30, 2024

Summary

Two Bitcoin related websites were hacked, namely Btc-E.com (a Bitcoin exchange acting similar to a foreign currency exchange) and Bitcointalk.org (the largest Bitcoin discussion forum in the world). Bitcoin is a cryptocurrency with irreversible payments and can transact anonymously meaning if these users get their online wallets hacked via password re-use they can potentially lose hundreds of thousands of dollars worth of fiat money in Bitcoin with zero chance of recovering it.

Recently $65 million USD worth of Bitcoin was hacked from another exchange though we haven’t seen any news about Btc-E.com losing all customer’s coins (yet).

BTC-E.com

Btc-E.com had 568,355 users hacked in October of 2014

Btc-E.com data contains usernames, emails, passwords, ip addresses, register dates, languages and some internal data such as how many coins the user had.

They used some unknown password hashing method which currently makes their passwords completely uncrackable although that may change. This is good because if the passwords were easy to crack, hackers could log into the exchange and start stealing members Bitcoins.

Bitcointalk.org

Bitcointalk.org had 499,593 users hacked in May of 2015, and they do know about the breach

Bitcointalk.org data contains usernames, emails, passwords, birthdays, secret questions, hashed secret answers and some other internal data.

We are pleased to announce that only 44,869 (9%) of users on Bitcointalk.org used MD5 hashing with a unique salt for passwords. Of those, we have cracked 30,389 or 68%. The remaining 91% of user passwords were hashed with “sha256crypt” and it would take us about a year to crack an estimated 60-70% of them. This method of password storage is far superior to nearly every website we’ve seen thus far.

There isn’t too much more to write about these two breaches other than to publicize their existence so users can change their passwords and protect their cryptocurrency. A simple Google search of “Btc-e hacked” reveals many users are complaining that their coins are being stolen so perhaps someone out there knows how the passwords were encrypted. Even if nobody knows, having a list of every registered user at the time is valuable to check for password re-use with other mega breaches.

Anyone may use any information on this page for free provided LeakedSource is given credit and a direct link back.

You may search for yourself any of the leaked databases by visiting our homepage. If your personal information appears in our copy of this database, or in any other leaked database that we possess, you may remove yourself for free.

Get Early Access to the Guardian Platform

HEROIC is close to launching our next-generation platform where you can search, secure, and monitor all of your identities. To be the first in line, simply insert your email and you'll be added to the list

Please correct the marked field(s) below.

Be the first to know when we launch

HEROIC is still under development, but we are well underway. We estimate launching in early 2024. Subscribing lets you know when we launch, and how you can be the first to reserve your HERO's (special currency specific to the platform).

Sign Up for Our Newsletter

Email marketing by Interspire