A moderator of the chat at BTC-e known as “Dev” indicates that a malicious entity was able to deposit fake Liberty Reserve funds, and use them to purchase Bitcoins. The moderator went on to state that “they [were] able to withdraw [a] small amount of BTC on our bitcoin server”. The exact amount is still unknown. The European Bitcoin exchange intends to perform a rollback on the fraudlent deposits and resulting trade transactions at around 7:10 AM GMT 7/31/12.
Quick tabulations based on volume reported by Bitcoin Charts indicate around 63,500 Bitcoins have been fraudulently purchased at prices of up to $99/coin. With MtGox prices still hovering around $9.30/coin, such a differentiation in price has already caused panic on the exchange, with many users hovering on the website’s chat, trying to ensure that their funds are safe.
As of 7:34 AM GMT, a rollback of the fraudulent transactions has not yet been performed. More updates to come.
[UPDATE 7/31/12 4:12 PM GMT]
BTC-e officially confirms that their Liberty Reserve API key was compromised, leading to the falsification of funds on the exchange. Approximately 4,500 bitcoins were actually withdrawn and stolen by the attacker. The exchange will cover the stolen funds, remain open, and, according to BTC-e, all transactions performed after 12:00 AM GMT were reverted.
While BTC-e is still working on finalizing legitimate user account balances, they expect new trading and depositing should be available within 1-2 days.
[UPDATE 8/2/12 6:05 AM GMT]
BTC-e has opened back up for trading as of 15:10 GMT on 7/31/12.
Were you affected by the attack? Post your comments below, or send your story to ed@bitcoinmagazine.net.
