PSA - (Redacted Poloniex) New Wallets from Coinbase in Suspected Bitcoin Replay Attack (Updated Tuesday 12th Sep)

in #poloniex, 7 years ago (edited)



Redacted Statement

Apologies are needed: in my haste to report, I had mistaken some key details.

The active side in this is Coinbase.
The passive sides are Huobi, Bittrex and Polo.

I'm told by @collapzcursed on Twitter that Coinbase is where the transactions came from and that they are going to Bittrex, Huobi and Poloniex.

Here is what Coinbase said on the matter, via collapzcursed:

Sorry again if my incorrect information inconvenienced anyone.

I have struck out the incorrect information and removed some screens/images from this post.


There has been a recent replay attack occurring with Poloniex and Coinbase.
It is advised to move coins from Poloniex and Coinbase as soon as possible.

A replay attack (also known as playback attack) is a form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and re-transmits it, possibly as part of a masquerade attack by IP packet substitution.

Another way of describing such an attack is: "an attack on a security protocol using replay of messages from a different context into the intended (or original and expected) context, thereby fooling the honest participant(s) into thinking they have successfully completed the protocol run."

Replay attack Wikipedia

What is a Bitcoin Replay Attack: The Merkle
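The two definitions quoted above, shown from the verifier's side as an added example that is not part of the original post and does not describe how any exchange processes withdrawals. It assumes a shared HMAC key, a one-time nonce per request and a context label inside the authenticated data; the key, the labels and the names `sign`, `Verifier` and `demo` are hypothetical.

```python
import hashlib
import hmac
import json

# Constructed demo key and context labels; none of these come from the post.
KEY = b"demo-shared-secret"


def sign(context: str, nonce: str, payload: dict) -> dict:
    """Client side: MAC over the context label, a one-time nonce and the payload."""
    body = json.dumps({"ctx": context, "nonce": nonce, "data": payload},
                      sort_keys=True).encode()
    tag = hmac.new(KEY, body, hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}


class Verifier:
    """Server side for one context; remembers every nonce it has accepted."""

    def __init__(self, context: str):
        self.context = context
        self.seen = set()

    def accept(self, msg: dict) -> str:
        expected = hmac.new(KEY, msg["body"], hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, msg["tag"]):
            return "rejected: bad MAC"
        fields = json.loads(msg["body"])
        if fields["ctx"] != self.context:
            return "rejected: wrong context"   # valid message, different context
        if fields["nonce"] in self.seen:
            return "rejected: replayed nonce"  # valid message, repeated
        self.seen.add(fields["nonce"])
        return "accepted"


def demo() -> list:
    withdrawals = Verifier("withdraw-v1")
    test_api = Verifier("test-v1")
    msg = sign("withdraw-v1", "n-0001", {"amount": "0.5", "to": "example-address"})
    return [
        withdrawals.accept(msg),  # first delivery
        withdrawals.accept(msg),  # same bytes sent again
        test_api.accept(msg),     # same bytes sent to another context
    ]


if __name__ == "__main__":
    print(demo())
```

The replayed message carries a valid MAC both times, so authentication alone does not stop it; the nonce record and the context check do.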




TXIDs of some related transactions

A TXID (Transaction ID) is basically an identification number for a bitcoin transaction.

4.44110abfd91e9276bbb43ca7fe5edc4c1ab494caeeee17e3585737a915359a27

5.c8c7eef7ad324a5938d3b2d2f1f16dfc8ecfdbed2379808bc2e6f779cbdf92aa

6.d7f879377e71e6fb7e0565ab8f303ac6417d005d3142ed279fa5649efa901132

7.77a9d5b61bc4e5b965b4ce99ee43e11f5a1c428ac6786a6117d4de0f725d984b


What this means for funds on Poloniex

Someone managed to exploit Poloniex's broadcasting of Bitcoin transactions to new wallets from Coinbase, generating multiples of the same transaction and stealing funds.

The transactions originated from Coinbase wallets.

At this time it is unknown how much was taken or how many users were affected.

It is advised to move funds to another wallet or exchange.

It's always safest to use your own personal wallet and to keep your private keys safe and backed up.

If you are using an exchange to trade, I would suggest:

  • Bittrex for trading alt-coins

  • Bitfinex for cryptocurrency trading to USD

I would also like to warn against depositing to Kraken at this time, as withdrawals are being delayed and support is under a heavy backlog.


Update

It seems both Coinbase and Poloniex could be compromised,
with funds coming out of multiple Poloniex wallets to a wallet owned by the hacker group The Shadow Brokers.

This is a hot wallet used by Poloniex for unspent transactions:

12cgpFdJViXbwHbhrA3TuW1EGnL25Zqc3P

Also, it seems Coinbase has stopped responding to support emails.


Mention of Coinbase no longer accepting emails on support



Discovery of hacker wallet


The offending user's wallet: 12cgpFdJViXbwHbhrA3TuW1EGnL25Zqc3P

This wallet belongs to the Shadow Broker Hacker Group

It is a hot wallet owned by Poloniex for unspent transactions.


There isn't any confirmation from either Coinbase or Poloniex on the matter at this time; I will update the post as soon as more information is available.

I was speaking with the CXO of Poloniex, Mick D, on Twitter, who informed me the wallet in question was for clearing unspent transactions.


Any idea how much poloniex lost?

No idea.
There hasn't been any statement from Poloniex or Coinbase yet and withdrawals are continuing so far.
It is around 214 BTC lost from the TX IDs shown.

................. wtffff that's not a small amount almost a million, sooo can't people just use other crypto's that's so stupid, just withdraw ltc, eth, any of the eth derivatives. .....

I didn't say it was small or big, just the amount I can see from the TX IDs.
Yes, you can withdraw others; I was suggesting to move from the exchange altogether,
because I think once this is fully realized, withdrawal of many coins will be "temporarily" disabled.


what does coinbase have to do with poloniex? i dont quite understand yet

They have no connection.
It's specifically concerning the configurations of the fresh Coinbase wallets and an exploit on the Poloniex side that one user managed to use to withdraw the same transaction multiple times.

yeah re-read it after coffee, i get it now ;)

good post!

Thanks, but it was my bad, I hadn't formatted properly with line breaks or explained in full.
It has been amended :)

Oh, so it's fine, just Polo getting trashed :( At least it's not getting users to lose everything.

What do you mean, getting trashed?
This was first based on a tweet from cryptocobain on Twitter; you can review the TXIDs for the suspicious en masse transactions ending in a wallet belonging to the Shadow Brokers hacker group.

Argh: Very bad news. Hurts the whole cryptocurrency scene. Because mainstream will state: "See - it's no good/secure/etc. Let's stay with FIAT."

I don't think it will have too much effect on the perception of the network or the faith in Bitcoin, as the problem has been identified and future development would factor in the possibility of this happening again,
bolstering security in the network/wallets/exchanges with protocols etc. that would reduce or prevent future recurrence.

In terms of mainstream, most see dollar signs and, without knowing about blockchain, wouldn't be here or there on whatever risk a possible flaw could have, big or small.

Maybe you are right… Mainstream does not read those news or: Remember them long enough to make them think about blockchain in detail.

Wow. I heard via SteemPh Discord. Thanks for the explanation. Sounds scary!

This post received a 20% vote by @minnowsupport courtesy of @kingscrown from the Minnow Support Project ( @minnowsupport ). Join us in Discord.

Upvoting this comment will help support @minnowsupport.

Thanks @isacoin . I'm a little worried having much on polo !

CryptoCobain CRYPTO CO฿AIN tweeted @ 08 Sep 2017 - 09:58 UTC

Get those funds off Poloniex asap boys

collapzcursed tweeted @ 08 Sep 2017 - 09:50 UTC

@desantis 1. User generates fresh deposit address @ CoinBase

  1. User requests withdrawal to generated address
  2. W… twitter.com/i/web/status/9…
Disclaimer: I am just a bot trying to be helpful.

less liquidity on poloniex leads to locally falling prices which makes arbitrage trading interesting...
I only claim

Why would you suggest moving coins to Poloniex with this ongoing, for any reason?
I'm sure there will be many discounts and premiums on coins to attract users,
but at the cost of security, is it worth the small gains?

Ah, sorry. I didn't want to. I was just saying that this also could be fake news since i haven't found official statements from poloniex. Same as happening with China at the moment...

I just made a post about Poloniex before reading this post. Now I know that I've lost my money

Thanks for the info!!

Really lucky that I use Bittrex :)

The address is generated on Coinbase, which means this shady group of cyberhackers known as the Shadow Brokers is stealing millions of dollars into a Coinbase account, which means they are committing numerous federal felonies and money laundering to the most AML/KYC compliant business in all of the cryptocurrency ecosystem. And their IDs have not been verified by Coinbase, and their accounts not locked.

I mean, I regularly read stories about people who send BTC to their friends who then use it to buy soft porn and then whose Coinbase accounts get locked immediately, but Coinbase lets this go on right under their noses.

I call bullshit on the whole story, and if it is happening, Coinbase is going to get the money back to Polo in short order, and also, $4M is nothing to Polo.

Not that any of that is relevant, because the whole FUD attempt sounds like complete bullshit and there isn't even a sensible explanation about how it works.

Yes, these are questionable practices, no doubt, with Coinbase supposed to be the most compliant with regulations and having insured funds.

What most gives credence to this story is the moving of funds between so many accounts on Poloniex and new accounts from Coinbase, with a portion returning to Poloniex again.

Also, the users who tweeted this are experienced long-term crypto people.
I know cryptocobain really goes off sometimes but has been correct on multiple occasions: Mt Gox, Mintpal, Cryptsy, to name a few.

If it was known precisely how it is happening, I'm sure many would be doing the same.
The only ones who would know for sure would be the dev teams at Coinbase and Poloniex.

I don't know what kind of explanation you would like.
The TXIDs and wallet address are there for review, also the tweets I found relating to the story.

Thanks for tips, I'm worried about the matter.

As far as I can see, I don't see any reasonable proof. You can still deposit and cash out from Polo.

I don't see that as proof there is no problem.
I am currently speaking with the CFO on Twitter and activity seems even more questionable.

Thanks for the update. It's a good thing I don't use either of those services :P

Thanks for the heads up... Keep those tokens OFF of exchanges!!