National News

Hacker stole $83K in bitcoins: cyber experts

By Ethan Lou, The Canadian Press

A hacker with access to a Canadian Internet provider hijacked net traffic from large foreign networks to steal more than US$83,000 in virtual currency over a four-month period, a cyber security company said Monday.

Researchers with the U.S.-based Dell SecureWorks said the hacker's attack started last February and stopped in May, after the Canadian Internet service provider (ISP) was notified.

Joe Stewart, director of malware research at SecureWorks, said the hacker targeted firms that hosted servers generating virtual currencies such as Bitcoin — including Amazon in the U.S. and OVH in France — and redirected some activity.

"We were able to track the origins to a Canadian ISP," he told The Canadian Press from Las Vegas, where he was attending a computer security conference.

"Someone had access to a router at that ISP. It had to be someone who managed to hack into that router and gained administrative rights, or someone who already had access."

Stewart said the hacker likely works alone, and could be a former or then-current employee of the ISP.

Pat Litke, another security researcher at SecureWorks, said the firm is "fairly confident" the attacks came from Canada, but the hacker may be based elsewhere.

"To execute the cyberattack, you literally can be anywhere in the world, as long as you have privileged access," he said.

According to SecureWorks, a total of 51 networks from 19 other ISPs were "compromised" in the attack, which also netted the hacker a few dollars in another virtual currency, Dogecoin.

Bitcoins are produced through using programs to solve complex algorithms — dubbed "mining" — a process which also validates the currency's transactions.

Stewart said he noticed the hacking in March when he realized his personal mining — done through one of the affected servers — had been hijacked, and notified the Canadian ISP in May, after which the "malicious activity" stopped.

SecureWorks did not go to the authorities, and it is not immediately known what further steps the ISP has taken.

A spokeswoman for SecurityWorks said the Canadian ISP will not be publicly identified, as is company policy.

Anthony Di Iorio, executive director of the Bitcoin Alliance of Canada, said those affected will likely never recover their bitcoins from the hacker.

"He's pretty good at covering his tracks," Di Iorio said. "The chance of prosecution is very low."

He added that the incident indicates an issue with cyber crime in general, though not necessarily Bitcoin itself.

"This was a security flaw with third-party services," he said.

"People use cash every day and lose cash. There's nothing you're going to be able to do to get it back."

South of the border, federal regulators warned consumers Monday about the risks of using virtual currencies.

The Consumer Financial Protection Bureau issued an advisory warning, saying the currencies are not backed by the government, have volatile exchanges rates and are targeted by hackers and scammers. And unlike bank accounts, Bitcoin-based deposits are not federally insured.

We encourage an open exchange of ideas on this story's topic, but we ask you to follow our guidelines for respecting community standards. Personal attacks, inappropriate language, and off-topic comments may be removed, and comment privileges revoked, per our Terms of Use. Please see our FAQ if you have questions or concerns about using Facebook to comment.

You might like ...

Hydro power switched on in the Iskut area
 
B.C.-only wines to come to some grocery stores
 
Charges laid in fatal hit-and-run
Woman rushed to hospital after train and car collision
 
Surrey boy, 3, struck and abandoned
 
Lack of addiction treatment flagged by crime panel
Lava slows but still on track to hit Hawaii market
 
Surrey RCMP officer to stand trial on multiple gun charges
 
Terrace to consider fulltime bylaw officer

Community Events, December 2014

Add an Event

Read the latest eEdition

Browse the print edition page by page, including stories and ads.

Dec 19 edition online now. Browse the archives.