Hacks, Scams and Shut Downs:
A Sad, Incomplete History
of Bitcoin Exchanges

April 3, 2014 | Peter Yeh

Everyone has heard about the epic MtGox collapse and its subsequent bankruptcy. The alleged hackers made off with hundreds of thousands of bitcoins, worth hundreds of millions of dollars, because MtGox failed to verify transactions against the public ledger, allowing multiple withdrawals. This isn’t an isolated incident. The entire history of Bitcoin Exchanges has been an onion of incompetence.

An exchange implodes every few months. These exchanges are often created by children (mental or literal, grasping PHP for Dummies in one hand and a raging bitcoin-boner in the other), subjected to a hilariously high number of hacks and scams.

The first exchange that blew up was Stone Man which lost ~9000 bitcoin, because they didn’t have a backup. Without the “private key,” bitcoin wallets are irrecoverable. Bitcoins cannot be arbitrarily created, so any lost wallets and the bitcoins in them, are destroyed, removed from circulation forever. Bitomat.pl, then the third largest exchange, didn’t keep a backup, losing thousands of bitcoin. Bitfloor used a backup. Too bad they didn’t secure it, and hackers stole that.

Ubitex, which turned out to be run by said literal child, vanished with all bitcoins. Bitconica, another exchange written by a child, was hacked, had no backups, and shut down. Kronos hired a known serial scammer to code the site. Shockingly, he coded in a backdoor and stole all the coins.

Bitcoin Savings and Trust was run by the trustworthily-named “pirateat40,” who managed to run off with 5% of all Bitcoins in circulation. BS&T was a Ponzi scheme, and that caught the SEC’s ire. Pirate’s hilarious failure to try and talk his way out of it is worth a read. BitInstant, run by the vice chairman of the Bitcoin Foundation Charlie Shreem, was shut down by the Feds as well for knowingly laundering Silk Road bitcoins used to buy drugs.

In June 2011, MtGox got hacked. The hackers manipulated the market by creating huge amounts of illusory bitcoin that only existed in Gox. They used these “goxcoins” to crash the price, bought subsequently cheap real bitcoins, withdrew, and made a tidy profit. Even better, the database was also leaked, leading to thousands of smaller thefts of personal wallets from MyBitcoin. A month later, MyBitcoin vanished anyway.

Poloniex managed to fuck up making a transaction queue. The hacker spammed withdrawal requests, overwhelming the system. Poloniex’s software didn’t bother checking to see if you had a negative balance and kept allowing withdrawals. To stay alive, Poloniex deducted money from everyone’s balance, spreading out the pain.

Vircurex and CoinEx were both twice hacked, both sound like STD medications, and both are still trying to sell shares. Vircurex additionally has a more novel way to make the money back; They froze all user funds and will release them once they’re solvent again. This treats deposits as interest-free loans, and acts as implicit blackmail to keep using Vircurex, lest they never see their coins again.

Inputs.io, BTC-E, Crypto-Trade, Bitcoin7, and Flexicoin had some or most of their funds stolen at some point. These are only the ones I’ve seen written about. There are possibly more exchanges outside the anglosphere that belong here.

The entire time, there have been smug bitlords on the sidelines, saying how this was just the free market in action. These fedora-topped wankers believe everyone acts rationally in their own self-interest and any issues are clearly the fault of the victim. They unironically believe that all the depositors deserved it, because it should have been so obvious that the exchange was bad. Stop being so negative. It’s just the market correcting. Enjoy the ride.

(Image: Buttcoin)