Hashcows Hacked 12/24/13

Hashcows, a Bitcoin mining site, has recently been hacked. Unlike most, this one has affected the majority of users. Based on preliminary information, it appears as if the database was breached, where the hacker was able to change everyone's payout address to his. Along with this, he was able to do manual withdrawals on everyone's accounts, effectively wiping out (as of this writing) over 40 BTC worth of mined coins. A pretty big situation to happen on Christmas Eve!

As of this point there is no information on how the situation is going to be handled. As you can probably guess, 40 BTC is a pretty hefty sum. I am hoping that the site does end up repaying it to the users, though, as not doing so could lead to the site's demise (think about all of that electricity people were burning that was wasted if that is the case). I have confidence that the site could easily earn back that money over time off the fees it charges (or, rather “donations”) for the conversion of coins. While the short term gain would be low (or maybe even a loss, depending on how much the site has been earning) it would have long term benefits for the site's operators. At least assuming they get this problem resolved and can keep it from happening again in the future.

Hacks in the crypto world have been becoming more and more popular, due to the anonymous nature of the coins. This makes it extremely difficult to see who is taking the coins or who did the hacks, while still allowing the users to take the money and cash it out for real world uses. This is one of the big things holding people back from trusting the system, and for good reason. When we are trusing other sites with our finances, we have to trust that they will do everything in their power to keep our finances safe. And if they are not able to do this, they should be willing to compensate the users for the losses. After all, it is us who are earning them money.

At this point all we can do is hope for the best. Based on information read via the IRC channel (#hashcows), it looks as if the situation will not be fully evaluated until after Christmas. Until then, withdrawals are frozen and the site will hopefully be going through some server hardening to try and keep things like this from happening again in the future. It is an awesome service with great benefits. But if we can not trust it with our finances, it has no real use! So for now, let us think about this from an optimistic point of view and hope that the owners handle the situation properly, rather than trying to save their own finances.

Update January 2014: The owners of the Hashcows site have offered up a partial solution to the problem, which is to return all stolen funds over the past week prior to the hack taking place. While this leaves out a lot of people that had been saving up their balances for a while, it does help out those that are cashing out on a regular basis. I do not completely agree with their method of handling this situation, but I will say that it is a lot better than just letting things go, ignoring the losses people incurred and hoping to keep members. And, while the situation is still pretty grim by its very nature, I also think that it goes to help show that people should not be keeping their coins on pools. Instead, cashing out on a regular basis, regardless as to how small the payments are, is important. To do this, I would set up a period of time that you feel safe with and use that to determine how much you should cash out at once. For example, if you are mining a coin that gives a coin per day and you feel safe with losing just five days' worth of your earnings, you should set the automatic payments out to five coins. This will ensure that as soon as you hit the five day mark it will go to your wallet, which minimizes losses while also cutting down on the transaction fees you incur, as well as the number of incoming transactions you have to deal with when you decide to send your funds to someone else. While it is still not a foolproof method and it can lead to some headache, it is better than a complete loss of all coins! And at this point in the game, self preservation should be seen as an important thing to take part in.


QR Code
QR Code hashcows_hacked_december_2013 (generated for current page)