According to the reports, there had been another hacking incident where hackers made away with about $5 million in bitcoins. The incident has supposedly happened early this year. Unconfirmed reports from various sources indicate that according to an internal incident report filed by the investigating team, 6 employees of the company were targeted by hackers to gain access to the information required to access the company’s bitcoin hot wallet.
In an elaborate phishing attempt spanning over weeks, the hackers targeted top-level employees of the company including the chief operating officer Miha Grcar, chief technology officer Damian Merlak, systems administrator Luka Kordic and Bitstamp support manager Anzej Simicak by communicating through emails and Skype.
The investigation report shared by an unknown user going by the screen-name Coinleak on Reddit points at the Stroz Friedberg as the digital forensics company that investigated the reported hack. It is speculated that other investigators include people who work with elite government agencies like the Federal Bureau of Investigations and United States Secret Service.
The hackers initiated conversation with Bitstamp employees with the intention of coaxing them to download files containing malware. Contents of the messages received by these people included personal information, appealing to their interests which made them wrongly trust the message and download files.
The Bitstamp network was compromised when Luka Kordic downloaded a file that appeared to be sent by an organization’s representative. After gaining access to Bitstamp’s network after multiple phishing attempts, the hackers on 23 December, 2014 accessed wallet.dat file through Kordic’s account. On 29 December, the hackers copied both wallet and passphrase files. Finally on 4 January, 2015 Bitstamp’s wallet was drained of 18,866 bitcoins amounting to $5,263,614 in fiat.
Luckily Bitstamp discovered the intrusion on the same evening and started damage assessment and mitigation procedures. The company went on to rebuild its entire trading platform and ancillary services instead of patching and rebooting the existing system.
Apart from losing bitcoins, the company also ended up losing major clients, its reputation and spent close to $700,000 for damage assessment and platform development. The report shared on Reddit has been removed since it was shared on the request of Bitstamp.
READ MORE: Primedice Hacked Last Year, Gamer Gets Away with a Million Dollars