科技回声

9 条评论

devit超过 9 年前

1. CFO is using Gmail without 2-factor authentication2. CFO enters his Google credentials on a random website3. CEO takes CFO e-mail as valid without checking for the existence and verifying a PGP signature4. CEO sends Bitcoin for an existing customer to a new address he got by e-mail rather than to the established oneOn the positive side, the CEO eventually sought confirmation from the customer.

iLoch超过 9 年前

So many screw ups here because of bad or no company policy. It's hard to feel bad for these guys. No live/voice confirmation between the CEO and CFO during the transfer of $700,000 worth of Bitcoins? No confirmation with the purchaser? No two factor authentication on their Google accounts?Sorry for your loss BitPay, but that's on you.

评论 #10233972 未加载

dbot超过 9 年前

The legal case about whether the insurer must pay the claim is pretty interesting. The insurer's position is that hack was pure social engineering and that no systems were compromised - everything operated as it should.That's correct, but the effect was the same as a system hack.

评论 #10233926 未加载

评论 #10234771 未加载

评论 #10233886 未加载

weavie超过 9 年前

You would have thought they would have had systems in place to ensure that it would take more than just a simple email from the boss to transfer thousands of bitcoins.

评论 #10233992 未加载

em3rgent0rdr超过 9 年前

I've used bitpay and liked their service. Seems like these social engineering hacks can happen to most anyone. Although Im suprised such emails wouldnt require a two-factor authenitication or at least a PGP-signature.

评论 #10234268 未加载

评论 #10234122 未加载

Axsuul超过 9 年前

Been going through their compliance process recently and all of a sudden no response. Looks like they have their hands full. Can anyone recommend any alternatives to BitPay?

评论 #10234348 未加载

jostmey超过 9 年前

Theft has been a recurring problem with bitcoin and everyone ends up blaming the users or the institutions.

评论 #10234031 未加载

评论 #10234102 未加载

评论 #10234384 未加载

mindcreek超过 9 年前

I don't believe the story.

snitko超过 9 年前

I know it's kind of sad and I honestly wish all the luck to the BitPay guys - it's not an easy situation. However, this is why we've built Mycelium Gear: we don't hold merchant's money at all and anyone who wants to accept Bitcoin and cares about privacy and security should consider using it: <a href="https://gear.mycelium.com" rel="nofollow">https://gear.mycelium.com</a>

评论 #10234070 未加载

9 条评论

devit超过 9 年前

iLoch超过 9 年前

评论 #10233972 未加载

dbot超过 9 年前

评论 #10233926 未加载

评论 #10234771 未加载

评论 #10233886 未加载

weavie超过 9 年前

You would have thought they would have had systems in place to ensure that it would take more than just a simple email from the boss to transfer thousands of bitcoins.

评论 #10233992 未加载

em3rgent0rdr超过 9 年前

评论 #10234268 未加载

评论 #10234122 未加载

Axsuul超过 9 年前

Been going through their compliance process recently and all of a sudden no response. Looks like they have their hands full. Can anyone recommend any alternatives to BitPay?

评论 #10234348 未加载

jostmey超过 9 年前

Theft has been a recurring problem with bitcoin and everyone ends up blaming the users or the institutions.

Bitcoin Payment Processor BitPay Loses $1.8M in Phishing Hack

9 条评论

Bitcoin Payment Processor BitPay Loses $1.8M in Phishing Hack

9 条评论