Unfortunately, those of a criminal nature (usually theft) often do not care who their targets (victims) are, whether they be little old grannies or your local self-made Bitcoin millionaire.
Roger Ver (“Bitcoin Jesus”) recently became the target of a hacker, and not of the nice variety of hackers out there. He quickly posted a reward for the apprehension of the hacker who was trying to access his emails, accounts and personal information.
As a very successful bitcoin entrepreneur from what is currently referred to as ‘the early days’, Roger Ver is a likely target for such behaviour.
However, through his quick independent action of offering a reward, he has since stated via Coindesk that the situation has been resolved:
“An email address and Facebook account I don’t use anymore were hacked, but it started to spread until I told him I’m offering a $20k bounty for his arrest, then he gave up and gave me the password to all the hacked accounts. I’ll post all the details once I finish locking everything down.”
Security In Bitcoin As Security In All
At this point it behoves us to remind our readers that best security practices should not just be implemented in Bitcoin and your wallet software (or incoming hardware); they should be used wherever attackers can gain access to such things as your important email addresses, social media accounts, wallet providers and especially your Bitcoin wallet.
2-Factor Authentication (2FA) is generally touted as a must in the Bitcoin sector. It never used to be available for email accounts, yet email providers are catching up and most now provide 2FA in the form of Google Authenticator or via a text message sent to your mobile phone.
What Is 2FA
2FA comes in a variety of forms.
Google Authenticator is an app that you can download for your mobile; it synchronizes random numbers to act as a ‘key’ for the service you have linked it to.
- Commonly used.
- Easy to set up.
- Be aware that time zone changes may result in unsynchronized ‘key numbers’.
Mobile texting is another form of 2FA, whereby the site you are trying to access sends a text to your linked mobile phone, usually a 5-6 digit number that you have to enter within a certain period of time.
- Easy to set up.
- Not as commonly used.
- Sometimes texts can be delayed.
Emails are another form of 2FA and can be layered with other forms of 2FA. For example, your account can require a password that is sent to your email address and then also require your Google Authenticator code.
- Can be layered with Google 2FA or mobile text 2FA to provide extra security.
- Email address used may also have 2FA activated (possibly from an alternative phone).
- A lot of email accounts are created without 2FA activated by default.
- If you are using only an email 2FA for your more security-conscious sites (wallet holders/exchanges), you may have to activate 2FA on your email account.
Though email 2FA provides an extra layer of protection, an account protected only by email 2FA (with no 2FA activated for the email account itself) is in fact only protected by your email password. If an attacker brute forces your email password, they will be able to access your ‘email 2FA protected’ account.
Weakest To Strongest
Email < Mobile Text < Google Authenticator < Email + Google Authenticator/Mobile Text.
It is important to remember that, depending on how you have set up your security, someone gaining access to one of your email or social media accounts may then use these to access one of your financial accounts – or at the very least, use your name to steal from others.
In Roger Ver’s case it could quite easily be argued that setting up ‘Honey Pots’ is an excellent way to give yourself warning that an attacker has you in their crosshairs.
Your password is your first line of defence. A small (few characters) simple password can be brute forced by an attacker; it is generally recommended that your password be at least 15 characters, contain numbers and symbols and a mix of lower and upper cases, and not use whole words.
Honey pots are defined as accounts that are easier to hack/access than your more important accounts. When these are breached you have clear warning that someone is targeting you.
Bitcoin.org offers some very sound advice with regards to your bitcoin security, which can be found here: https://bitcoin.org/en/secure-your-wallet.
And of course, cold storage via USB sticks, CDs, paper wallets, floppy disks and whatever else you can imagine is always highly recommended. Best practices for security do not stop at the financial/final destination; they only start from there.
More details of Mr Ver’s case can be found via the following reddit post – http://en.reddit.com/r/Bitcoin/comments/26d79c/roger_ver_hacking_incident_full_details_376_btc/.