Bitcoin Incentive for Fraud; Two More Exchanges Hacked: "Flexcoin" Robbed of All Online Coins; "Poloniex" Missing 12.3% of Assets Posted: 04 Mar 2014 11:03 AM PST Two more bitcoin exchanges were robbed in the past few days. "Flexcoin" lost all online coins and shut its doors. Flexcoin admitted it did not have resources to cover 896 stolen bitcoins, worth £365,000 (about $608,200). Bitcoins in Flexcoin's "cold storage" (offline), for which depositors have to pay a fee, were not affected. "Poloniex", the other hacked bitcoin site, admitted that it is missing 12.3% of its assets because of a flaw in its transaction system. Its owner apologized and will keep its exchange running. The Guardian reports Bitcoin Bank Flexcoin Closes After Hack Attack. Flexcoin has been forced to close after hackers stole 896 bitcoins, worth £365,000, in an attack on Sunday. The company shut its website and posted a statement on Tuesday morning detailing the loss.
"On March 2nd 2014 Flexcoin was attacked and robbed of all coins in the hot wallet," the statement read. "As Flexcoin does not have the resources, assets, or otherwise to come back from this loss, we are closing our doors immediately."
Not all of the company's assets were stolen. In line with best practices for running a bitcoin financial service, Flexcoin held some bitcoins in "cold storage", keeping them on devices not connected to the internet. Those bitcoins are safe, but only users who explicitly requested their bitcoins be held in cold storage (and paid a 0.5% fee) benefit.
"Users who put their coins into cold storage will be contacted by Flexcoin and asked to verify their identity," the statement continues. "Once identified, cold storage coins will be transferred out free of charge. Cold storage coins were held offline and not within reach of the attacker. Flexcoin will attempt to work with law enforcement to trace the source of the hack."
Just six days ago, the company was boasting that it was unscathed by the closure of MtGox, once the world's largest bitcoin exchange:
The same day the company came clean about its losses, a second bitcoin firm, Poloniex, also admitted that 12.3% of its reserves had been stolen by hackers. Poloniex is a bitcoin exchange, and the company has committed to operating at a fractional reserve until it can replenish the losses itself. "Poloniex" Robbed of 12.3% of Assets, Owner ApologizesThe problem at Poloniex stems from a flaw in Poloniex's system that processed bitcoin transactions simultaneously rather than sequentially, ultimately allowing negative balances. On the Bitcoin Forum, Poloniex owner Busoni explained how it happened and apologized to the bitcoin holders. What Did Poloniex Do Wrong?
The major problem here is that the auditing and security features were not explicitly looking for negative balances. Another design flaw is that withdrawals should be queued at every step of the way. This could not have happened if withdrawals requests were processed sequentially instead of simultaneously.
What Did Poloniex Do Right?
The existing security features noticed unusual withdrawal activity and froze BTC. That is how the activity was discovered.
What Happens Now?
I take full responsibility for this and am committed to repaying the debt of BTC. The exchange funds are 12.3% short. Because there is not enough BTC to cover everyone's balances, all balances will temporarily be deducted by 12.3%. Please understand that this is an absolute necessity--if I did not make this adjustment, people would most likely withdraw all their BTC as soon as possible in order to make sure they weren't left in that remaining 12.3%. Aside from the obvious drawback of most of the BTC being taken out of the exchange, this would not be fair--some people would get all of their money right away, and a few would get none right away.
The amount deducted from everyone's balances will be recorded, and funds raised from exchange fees, as well as donations from my own pocket (which is not very deep, I'm afraid), will be distributed regularly to all users who have had BTC deducted. Exchange fees will be raised to expedite the recovery of the debt. 1.5% has been suggested by many people, but I will take input on this.
If I had the money to cover the entire debt right now, I would cover it in a heartbeat. I simply don't, and I can't just pull it out of thin air.
Right now, all markets and withdrawals are still frozen, and they will remain that way until the negative balance watcher is written and in place and balance deductions are calculated. Please do not bother placing withdrawals right now, as they will not be processed and will probably all be cancelled before functionality resumes. ETA on availability of withdrawals is approximately 12 hours. I am afraid it is 3 AM where I am right now, and I think it is wise for me to get some rest before proceeding.
In conclusion...
I sincerely apologize for this, and I am very grateful to the many people who have already expressed their support and belief in my character. I take full responsibility; I will be donating some of my own money, and I will not be taking profit before the debt is paid.
I welcome your opinions on how to proceed, but please be constructive. I do not have the money to wave away the debt, so we'll need to work together. Bitcoin LogGiven that a log makes a record of every transaction, and given this hack recently occurred, it should be possible to track the missing bitcoins. Bitcoins.Com explains " All newly mined Bitcoins, along with every transaction, are publicly recorded and verified through the network. This record is known as the Blockchain and is one of the features that helps keep the system secure from fraud and abuse. Bitcoins cannot be duplicated or forged." Tracking the stolen bitcoins is easy enough, recovering the stolen money is another matter. The thieves likely traded the bitcoins for cash and now a third party is holding the coins. Sense some lawsuits regarding ownership of the stolen bitcoins? Incentive for FraudNote the huge incentive for insider fraud at these sites. The owner or owners of these bitcoin exchanges can easily arrange for bitcoins to be stolen. I do not propose that happened in either case above, I just mention the possibility. Inside Japan's Bitcoin HeistSome do accuse Mt.Gox of fraud but the Daily Beast dismisses that idea. Please consider Inside Japan's Bitcoin HeistThe Daily Beast was able to speak with a former employee of Mt. Gox, on the condition of anonymity, due to a nondisclosure agreement with the company. According to the former employee's testimony and other expert analysis, it seems very likely that the collapse of Mt. Gox was not a criminal fraud but the result of poor management, faulty accounting, and system bugs that went unfixed many months after being recognized by the CEO himself. The final nail in the coffin was the unauthorized release of an internal document that was supposed to serve as the groundwork for saving the company. It is unclear who leaked the document—which was an unfinished draft of a plan of action.
"Essentially," said the former employee, "Mt. Gox was a dysfunctional organization. Nobody was doing accounting reconciliation and there was an exploitable fault in the transaction system that allowed people to get paid twice—or in other words, withdraw more or less the same amount of Bitcoins two times."
And it does seem true that Bitcoins are very hard to forge or duplicate. Unfortunately, if you know what you're doing, they may be easy to steal. Or if you're not careful, they may be very easy to lose.
Karpeles informed the former employee that an estimated 820,000 Bitcoins were unaccounted for—at the time, the equivalent of close to $500 million. The former employee was told the Bitcoins had possibly been siphoned off over several months by users exploiting flaws in the system. In particular, there seemed to be a system glitch that made it possible to get a payment reissued even after it had been already received. He says that because the firm hadn't hired an accounting firm to keep the books or an auditor, the theft was undetected.
Teikoku Data Bank, Japan's largest and most respected credit-rating agency, in July of last year reviewed the company and gave it a D4, the worst possible rating a company can receive on their scale. One of the reasons for the low rating was the lack of qualified accounting staff at the company. QuestionsAre you holding bitcoins? If so, what kind of auditing is in place at the exchange you hold them? Are they in cold storage? Should they be? Accounting procedures at Mt.Gox were so bad it did not matter whether or not you had the transactions in cold storage. Bitcoin Price and Fraud Go Hand in HandOne final question: Is the runup in price directly related to fraud and theft? Yes, two ways. 1. Increasing value of bitcoins made them an ideal target 2. Fraudsters who stole bitcoins had an incentive to artificially drive price higher knowing they could take out more than they put in, at more than one bitcoin exchange, and in more than one way. How high would the price of bitcoin had gotten in the absence of those incentives? Mike "Mish" Shedlock http://globaleconomicanalysis.blogspot.com |
Back from the Brink: Ruble Rebounds, Stocks Soar as Putin Sees ‘No Need’ for Military Force in Ukraine Posted: 04 Mar 2014 09:28 AM PST Global equities are up led by emerging markets, treasuries and gold a bit lower, and the Ruble higher as Putin Sees 'No Need' for Military Force in Ukraine. Vladimir Putin on Tuesday appeared to step back from the brink of confrontation with the west when he told a televised news conference that tensions that could have led to military intervention in Ukraine had "dissipated".
Speaking about the possible use of Russia's armed forces, Mr Putin said: "The tense situation in the Crimea, associated with the possible use of the armed forces, just dissipated, the need for that did not arise. The only thing which was necessary, and which we did, was to strengthen the protection of our military installations . . .
"Therefore I believe that it will not be necessary for us to do anything like that in eastern Ukraine."
Earlier on Tuesday, Moscow said it had ordered troops "involved in military exercises" to return to their bases following a day of international pressure over its creeping invasion of Crimea. However, there was no immediate confirmation that Russian forces had indeed retreated.
The pullout of troops ordered on Tuesday did not cover forces deployed in Ukraine. A Kremlin press release said: "Supreme commander Vladimir Putin gave the order to the troops taking part in military exercises in the west and central military districts to return to their permanent bases. Ruble ReboundsBloomberg reports Ruble Rebounds With Russia Bonds as Putin Calms Ukraine Concerns The ruble rebounded, Russian stocks surged and government bond yields tumbled after President Vladimir Putin said he's not planning on sending troops to Ukraine, easing investors' concern the standoff will escalate.
There is no immediate need to send troops to Ukraine and Russia is not considering adding the Crimea to its territory, Putin told a press-conference in the Moscow region today. The ruble was the worst-performing currency worldwide yesterday and bond yields soared after troops took control of the Crimean peninsula, where Russia keeps its Black Sea fleet. The central bank unexpectedly raised interest rates 150 basis points yesterday in a bid to quell market volatility.
"Putin's stand has become clearer to the markets," Vladimir Miklashevsky, a strategist at Danske Bank A/S in Helsinki, said in e-mailed comments. "There is some optimism that the geopolitical crisis may be soon over and fear of war eases."
The Micex Index gained 5.3 percent to 1,356.54 at the close of trading in Moscow, snapping five days of declines, including yesterday's 11 percent slump. U.S.-based exchange-traded funds investing in Russian equities have lost 20 percent of their total assets this year, the biggest drop among 46 country-specific ETFs tracked by Bloomberg. Mike "Mish" Shedlock http://globaleconomicanalysis.blogspot.com |
Mortgage Loan Originations Lowest Since November 2008, Down 60% Year-Over-Year, Cash Sales Strong Posted: 03 Mar 2014 11:46 PM PST Here are some bullet points from the latest Black Knight Financial Services (formerly LPS Mortgage Monitor) release on 3/4/2014. - Loan originations declined to the lowest point since Nov. 2008 (down 60% Y/Y)
- Property sales remained relatively strong (total year 2013 was up 8.4% from 2012), supported by increased cash purchases (which accounted for more than 40% of Q4 sales)
- HARP origination volume has declined significantly (down 70% Y/Y), with fewer existing loans now eligible for the program: approx. 709K vs. 2.3M in Jan. 2013
- Home equity lending in 2013 was up 26% vs. 2012, but it's still down over 90% from 2006
- HELOC performance in recent vintages is pristine (delinquency rates on HELOCs originated over the past 4 years have averaged just 0.1%), but new problem loan rates continue to rise for older lines that have begun to amortize (up 27% Y/Y)
"In January, we saw origination volume continue to decline to its lowest point since 2008, with prepayment speeds pointing to further drops in refinance-related originations," said Herb Blecher, senior vice president of Black Knight Financial Services' Data & Analytics division. "Overall originations were down almost 60 percent year-over-year, with HARP volumes (according to the most recent FHFA report) down 70 percent over the same period.
These declines are largely tied to the increased mortgage interest rate environment, which is having a significant impact on the number of borrowers with incentive to refinance. A high-level view of this refinancible population shows a decline of about 13 percent just over the last two months.
"Of course, in addition to higher interest rates, a good deal of this decline can be attributed to the fact that a majority of those who could refinance at historically low rates in recent years already have, and we see a similar dynamic in terms of HARP-eligible loans. The volume of HARP refinances over the past year has driven this population down to about 700,000 loans in January 2014, as compared to over 2.3 million at the same time last year. From a geographic perspective, outside of Florida and Nevada, we see the Midwestern states of Illinois, Michigan, Missouri and Ohio have among the highest percentage of HARP eligibility."
However, while loan origination volume has declined year-over-year, property sales activity remained relatively strong through year-end 2013, with December's monthly sales up 3.7 percent year-over-year and full year 2013 up 8.4 percent vs. 2012. Fourth-quarter sales were bolstered by a jump in the percentage of cash sales, to over 40 percent of the total, up from about 25 percent in the prior year. Origination Volume Lowest Since 2008 with Further Declines ExpectedCash Purchases Have Been Supporting Overall Property Sales"Refinancible" Portion of the Market Continues to DeclineNumber of Loans Eligible for HARP Under Current Standards has Dropped SignificantlyAddendumLink to the Report: Black Knight Mortgage Monitor Mike "Mish" Shedlock http://globaleconomicanalysis.blogspot.com |
Niciun comentariu:
Trimiteți un comentariu