Another hack has hit Bitcoin. Over a million dollars have been stolen from a service that offered a digital wallet service for owners of Bitcoin, according to the owner of the site. The site was called Inputs io, and it offered a convenient way for users to store and use Bitcoins. But it's all gone horribly wrong for those who trusted the site with their Bitcoins. An anonymous young Australian man — who goes by the name TradeFortress — revealed on the site that two separate attacks in late October resulted in a loss of roughly 4,100 BTC. He tells Wired that the attacker used social engineering to compromise "a chain of email accounts which eventually allowed the attacker to reset the password for the the Linode server" that hosted the site.
Unfortunately for those who uses Inputs.io, the nature of Bitcoin itself means that its very unlikely they'll ever see their money again. The semi-anonymous currency works off a record of all transactions, but linking identifiers with users can be close to impossible. And there's no such thing as chargebacks in the world of Bitcoin: once a transaction is made it is a done deal. Experts warn users from storing large quantities of Bitcoin online, as hacks are not infrequent. It's far safer to keep Bitcoins in "cold storage" by keeping your wallet key offline, possibly even in a safe deposit box. The key used for withdrawals is different than the public one needed for deposits, making cold storage appealing for keeping a reserve of Bitcoin safe from hackers.
"Users very unlikely to ever see their money again"