One of the âdark marketplacesâ offering illegal and semi-legal services via the anonymized web browser Tor has shut down, according to reports â with a user fleeing with millions of dollars worth of Bitcoin.
A senior user of Sheep Marketplace âstoleâ a large number of bitcoins totalling $4.9 million, according to the BBCâs report.The actual figure may have been much higher. Business Insider claims up to $44 million was taken.
âWe are sorry to say, but we were robbed on Saturday 11/21/2013 by vendor EBOOK101. This vendor found bug in system and stole 5400 BTC â your money, our provisions, all was stolen,â the site admins said in a statement.
âWe were trying to resolve this problem, but we were not successful. We are sorry for your problems and inconvenience, all of current BTC will be ditributed to users, who have filled correct BTC emergency adress. I would like to thank to all SheepMarketplace moderators by this, who were helping with this problem. I am very sorry for this situation. Thank you all.â
Sheep Marketplace gained many customers and sellers during the brief period Silk Road was inactive. At present, the site is unreachable via Tor. Some reports, such as this via TapScape, suggest that the entire site was a scam designed to earn Bitcoin, created during the period while Silk Road was offline.
Business Insider reports that the theft may have been much bigger than initial reports, âSheep users and other Bitcoin followers on reddit say that the administrators began blocking withdrawals of bitcoins from the site more than a week ago, and may have absconded with as much as $44 million from the siteâs users, pointing to a movement of 39,900 bitcoins visible in the public record of Bitcoin transactions known as the blockchain.â
Site users have begun their own detective work, chronicled on a Reddit thread devoted to the thefts, âHe was desperately creating new wallet addresses and moving his 49 retirement wallets through them, but having to wait for 3 or 4 confirmations each time before moving them again. Each time I caught up, I â666âłed him â sent 0.00666 bitcoins to mess up his lovely round numbers like 4,000. Then,all of a sudden, decimal places started appearing, and fractions of bitcoins were jumping from wallet to wallet like grasshoppers on a hotplate without stopping for confirmations.â
âI think heâs asleep now in the czech republic. When he awakes, he will see my â666âł next to his 96,000 stolen, freshly-laundered bitcoins. Along with lots of insults attached to fragments of bitcoins that I hope you are about to send hereâŚâ
Itâs the latest in a series of âheistsâ involving the cryptocurrency, as reported. Despite FBI action against âdark marketâ sites such as Silk Road, illegal commerce still thrives on Tor â and Silk Road relaunched as Silk Road 2.0.
Within the last few days, two sites hosting online wallets for the cryptocurrency Bitcoin were targeted by hackers â the âheistsâ netted more than $1 million each.
Â
Oddly, though, this has not adversely affected the value of the cryptocurrency, which seems to thrive on publicity, whether positive or negative.
Â
Despite the heists, plus high-profile law-enforcement actions against âdark marketâ sites such as SILK ROAD, which conducted transactions in Bitcoin, the currency is now valued at $919 per coin, itâs highest-ever valuation.
Â
Earlier this year, Some famous threat blogs detected new variants malware that attempted to steal Bitcoins, mine Bitcoins illegally, or break into wallets. Malware targeting other similar currencies such as Litecoin.
Â
We Live Security spoke to  James Andrews, Finance Editor at Yahoo UK, for a perspective on the currency from outside the world of technology.
Â
âNothing in finance is truly safe.â âReal currencies collapse, but the Bitcoin is less safe than most. Itâs been called the worldâs most perfect speculative material, which is fair. It has absolutely no value or use bar itâs rarity. If people stop valuing that itâs entirely worthless more or less instantly. Equally, though, prices might just keep rising and rising and rising â as more people buy into the idea and demand rises.â
Â
On Twitter, an image showing the enormous rise and sudden collapse in prices of Dutch Tulips during the brief craze when the bulbs were first introduced in 1637 has circulated.
Â
Could the same happen to Bitcoin? Perhaps â but there are steps you can take to keep your Bitcoins safer than most.
Â
If your walletâs stolen, act fast
Â
If your Bitcoin wallet HAS been stolen, itâs not quite as easy for the attacker as stealing a real wallet â he or she has to move the currency out of it. If youâre lucky, and fast, this can sometimes save your coins. Â When the Bitcoin wallet is stolen from the victim, the attacker will have to âspendâ the Bitcoins in it â by either adding them to his own wallet, purchasing something, etc.
Â
âThe only way to get away without losing the money is if the victim is lucky enough to âspendâ the Bitcoins (purchase something or import them to a new wallet) before the attacker does. Obviously, the chances of that are pretty slim.â
Â
Keep your PC clean if youâre dabbling in Bitcoin
Â
Cybercriminals love Bitcoin. Thatswhy Bitcoin and other crypto-currencies are being targeted by cybercriminals. There are numerous malware families today that either perform Bitcoin mining or directly steal the contents of victimsâ Bitcoin wallets, or both . So Keep your computer clean and uncompromised by âthinking before you clickâ and keeping your system, applications and anti-virus up-to-date.
Â
Encrypt your wallet
Â
Despite Bitcoinâs own beautiful illustrations of glittery coins, what youâre dealing with are numbers â long encryption keys. To stay safe, you just have to ensure no one else ever has access to these.  There are several important rules to keep Bitcoins safe.
    The key words here are: BACK UP and ENCRYPT.
Bitcoin provides a way to encrypt wallets, and this would make it much more difficult for the attacker to get his hands on the Bitcoins.â Clever Bitcoin users will encrypt all their wallets â although this slows performance â and have several for different uses. Very small amounts of money
Â
Donât keep all your eggs in one basket â or your Bitcoin in one wallet
Â
Bitcoin is a special case â if youâre worried a site breach or Trojan attack may have put your hoard within reach, donât just change passwords, even if your wallet is encrypted. Make a new one, and move your coins to it (with a new, strong password). Lipovsky says that the Bitcoin foundationâs own advice is excellent, âIf a wallet or an encrypted walletâs password has been compromised, it is wise to create a new wallet and transfer the full balance of bitcoins to addresses contained only in the newly created wallet.â
Â
Most finance experts advise â donât put your life savings in Bitcoin
Â
Yahooâs Andrews says that the soaring price of Bitcoin isnât a signal to invest: âIf youâve made a profit on Bitcoins you already own, well done. Â Thereâs simply no way to know whether their prices will keep rising, stabilise or collapse. And there are a lot of risks â everything from them being hacked, your e-wallet being hacked, someone successfully forging them or Bitcoins being made illegal.â
Â
If you must store Bitcoins online, donât store large amounts
Â
Online Bitcoin wallets are not designed to work like bank accounts â theyâre convenient, as you can access them from anywhere â but theyâre a prime target for cybercriminals. An attack on Bitcoin site BIPS targeted web wallets. CEO Kris Henrikson said, ââWeb Wallets are like a regular wallet that you carry cash in and not meant to keep large amounts in,â after his site was robbed of $1.2 million in Bitcoin. Bitcoin says, tactfully, âOnline wallets have a number of pros and cons.â After Bitcoin siteInputs.io was hacked, and $1.2 million stolen, its founder said, âI donât recommend storing any bitcoins accessible on computers connected to the internet.â
Â
Mobiles and Bitcoins donât mix
Â
Various Android apps offer ways to carry Bitcoins with you â but again, these come with their own risks. Earlier this year, a flaw in Android rendered ALL Bitcoin wallets unsafe â although it was rapidly patched â and apps which allow transfer via NFC add additional risks, particularly if a device is lost. âMobile wallet applications are available for Android devices that allow you to send bitcoins by QR code or NFC, but this opens up the possibility of loss if mobile device is compromised. It is not advisable to store a large amount of bitcoins there.â
Â
Keep your fortune in âcold storageâ
Â
If youâre serious about Bitcoin, the security procedures are long and complex â even Bitcoin admits that setting up an offline wallet, stored on CDs and USB sticks is âtediousâ and ânot user friendlyâ. A good guide to how to do this is here â and it may also provide an illustration of why mainstream PC users might want to consider sticking to good old US dollars. Bitcoin says, âBecause bitcoins are stored directly on your computer and because they are real money, the motivation for sophisticated and targeted attacks against your system is higher than in the pre-bitcoin era.â Bitcoinâs own procedure for creating an âofflineâ wallet, which never contacts the internet in plaintext form, is here. This procedure is also known as creating an âair gapâ or âcold storageâ. Followed correctly, it provides protection from malware and cyberattacks â although not, of course, from traditional crimes such as extortion.
Â
Still worried? Store them on paper
Â
One safe â if extreme â way of ensuring Bitcoins donât fall into the hands of hackers is to store them on paper. Bitcoin says, âWhen generated securely and stored on paper, or other offline storage media, a paper wallet decreases the chances of your bitcoins being stolen by hackers, or computer viruses.With each entry on a paper wallet, you are securing a sequence of secret numbers that is used to prove your right to spend the bitcoinsThis secret number, called a private key, most commonly written as a sequence of fifty-one alphanumeric characters, beginning with a â5â˛.â Be sure, though, your PC is clean before you print â the free software used to generate codes has been targeted by cybercriminals. Run a complete scan of your machine first, then keep AV software running as you print out.