Bitcoin Dodges Wallet Breach but Attack Claims VeriCoin Victims

Rate this post

NEW YORK (InsideBitcoins) — The latest attempt to steal Bitcoins from a wallet was foiled but VeriCoin (VRC), a self-described “fourth generation” digital currency, saw millions stolen in a breach reported Sunday by MintPal.

VeriCoin developers are mitigating the damage with a rollback of the blockchain – a so-called “hard fork” — effectively a “system restore” to a period in time prior to the attack.

“We have been working with the VRC developers and all major exchanges to hard fork the coin at a position before the attack,” a MintPal statement said. “This will allow us to retrieve the stolen coins and facilitate all withdrawals. We are also working with various exchanges to accommodate any losses they may encounter as a result of the required fork.”

MintPal says the blockchain reversal is “something never before done by a cryptocurrency” but was “not done out of a desire to save MintPal, but rather a desire to save [consumers’] coins.”

The London-based exchange says that Bitcoin and LiteCoin currencies were also targeted in the attack but those withdrawal attempts were unsuccessful because of “far more stringent cold storage methods on those wallets.”

“Cold storage” refers to currencies kept offline — not accessible to the Internet through web servers or computers — in order to minimize the threat of theft. Cold storage can include data placed on a USB drive or encrypted data placed in another offline physical location.

“We did have cold storage set up for VRC, however in this instance, due to an error for which only we can be accountable, we had transferred far fewer coins than was required, resulting in a large proportion of coins being left in the hot wallet,” MintPal admitted.

“The malicious user was able to inject a withdrawal request directly into our database bypassing the risk control measures that we have in place. We have found no evidence that our server infrastructure was directly accessed in the attack,” the company added. “We have absolutely no reason to believe that any of your personal information was taken.”