It was well known that SilkRoad used to be the place to go when you wanted to buy illegal drugs online completely anonymous. After they were closed down, SilkRoad 2.0 emerged and has been the place to go for the same crowd to buy their illegal substances. Last night however, the users that wanted to go into the market place and see if they could buy or sell, got a bad surprise.
“I am sweating as I write this…I must utter words all too familiar to this scarred community: We have been hacked,” an administrator known as “Defcon” wrote and continued:
“Our initial investigations indicate that a vendor exploited a recently discovered vulnerability in the bitcoin protocol known as ‘transaction malleability’ to repeatedly withdraw coins from our system until it was completely empty.”
While Defcon did not disclose the exact amount of Bitcoins stolen in the attacks, Nicholas Weaver who is a researcher at the International Computer Science Institute told Forbes that he expects the numbers to be around 4,400 coins, worth around $2.2-$2.6 million.
“Stop at nothing to bring this person to your own definition of justice,” Defcon ended in his original statement.
The loss of the Bitcoin has been blamed on a Bitcoin protocol bug that MtGox also blamed last week for halting their withdrawals, but this is not something that the users of SilkRoad 2.0 believes. The users referred to long term claims from security experts who asserts that transaction malleability is not a large enough problem to be able to steal such a massive amount.
The users began to turn towards Defcon and claim that he was involved in the major theft. Defcon denied being involved in the theft:
“I didn’t run with the gold,” Defcon said. “I have failed you as a leader, and am completely devastated by today’s discoveries…It is a crushing blow. I cannot find the words to express how deeply I want this movement to be safe from the very threats I just watched materialize during my watch.”
SilkRoad 2.0 is far from the first place to have Bitcoins stolen from the users, the same happened on Sheep Marketplace, where an admin exploited a security issue and stole upwards of $6 million worth of Bitcoins. The users on the original SilkRoad also got their Bitcoins confiscated when the FBI closed it down in October.