After a string of heists affecting dozens of different online exchanges, including MtGox in Japan and Poloniex in Great Britain, both of which suffered devastating losses at the hands of a handful of skilled hackers over the past several months, the latest attack has taken place in Canada.
The most recent exchange to take a hit is a smaller trading floor based out of Ottawa, Canada, dubbed (somewhat uncreatively) Canadian Bitcoins. The heist itself actually took place back on October 1st, 2013, when an unknown hacker had an online chat with a representative from former server provider Granite Networks and claimed to be the owner of the service, James Grant.
Now, normally it’s at this point in the story where you’d expect the chat support employee to request that the person on the other side of the screen verify they were in fact the real James Grant, but this time around, that didn’t happen. Instead of asking for a social security or account number, the representative simply took the hacker at his word and, without any hesitation, authorized the server reset that gave him a chance to break in.
Instead of relying on the raw firepower of a botnet to overload the server, the intruder was able to use basic social engineering techniques to quietly and calmly walk out the front door with a small fortune in cryptocurrency, without anyone being the wiser until it was already too late.
After fooling the support rep, the hacker drained Grant’s wallet of nearly $100,000 in Bitcoin (149.94 to be exact) in a single, massive transaction that bankrupted the previous owner in a matter of mere seconds. Conversely, when Grant personally called in to prove that it was his wallet that had been compromised, he was forced to go to the physical location of the server itself and pass through a number of high-level security checks before he could actually get to the cage where the rack was being held under lock and key.
No one is ready to take the entire brunt of the blame for this problem just yet, with Rogers (the telco that purchased Granite back in September) pinning the largest share of culpability on the shoulders of Granite Networks, and Granite claiming it was the fault of the representative who didn’t follow standard authentication conduct during the original chat that started the whole mess.
What makes this case particularly interesting is that not once during the entire two-hour-long conversation was the person on the other side asked to verify his identity, and after the server reset the unknown hacker was able to gain full access to Grant’s Bitcoin wallet without raising any alarms along the way.
A relatively canned, official statement from Rogers attempts to clear up any confusion on the matter.
“Rogers Data Centres provides the highest level of security in the Canadian data centre industry. Its security protocol is operationally certified and in accordance with industry best practices. We have reviewed our security processes and continue to work with our customers to make sure they take advantage of all of our security features.”
Maybe once more cases like these start to pop up, the companies responsible for keeping these wallets safe will invest in a support staff that is capable of understanding the threat these types of attacks present, and that knows how to respond when the moment arises.
Rogers told the press it has compensated Grant for his losses; however, he claims the sum was nowhere close to the actual amount lost, and he has considered pursuing the shortfall through legal action if the company refuses to reimburse him soon.