$63 000 USD

JULY 2014

AUSTRALIA

BITCOINS RESERVE

DESCRIPTION OF EVENTS

"Bitcoins Reserve has serviced hundreds of customers since starting operations in June 2013, first to market in Cryptocurrency Arbitrage and large volume Procurement, we work to offer our investors a diversified approach to generate returns in both Fiat and Cryptocurrency." "Offering the worlds first cryptocurrency arbitrage fund, Bitcoins Reserve has since June 2013 consistently generated double digit monthly returns for investors. Since the fund started 9 months ago, our automated trading engine has generated a return of over 205.8%." "Our team constantly seeks and executes opportunities and manage their associated risks. With a strong understanding on what is becoming the greatest financial revolution in the 21st century, we have helped both skeptics and believers realise incredible returns in the Cryptocurrency space."

 

"Based out of Level 11, 470 Collins Street, Melbourne, Australia, Bitcoins Reserve runs a number of initiatives educational initiatives such as Bitcoins 101 and the Arbitrage Acadamy. We take pride to provide the general public with the information necessary for them to make an informed decision when investing into cryptocurrency, one such investment vehicle is our Arbitrage fund, which performs automated simultaneous trades across multiple exchanges with price differentials, to correct market inefficiencies and bring liquidity, all in the while netting profitable trades."

 

"In addition, we work with a number of retail exchanges and OTC traders to provide procurement services, providing emergency liquidity when a larger than expected buy or sell order is beyond their capacity to service." "Looking to stake a portion of your assets in Cryptocurrencies? Having fostered close relationships with major global and regional exchanges, we’re able to offer wiring services as well facilitate localised on demand Over The Counter buying and selling." "Bitcoins Reserve can help secure your cryptocurrency assets through our cold storage solution."

 

"The US government's recent auction of bitcoin seized from Silk Road was a landmark in bitcoin's story – as many have pointed out, it gives some small sense of legitimacy to the currency in the sense that the government wouldn't auction off seized cocaine, for example. The US government is willing to deal in bitcoin to some extent, a small but important signal."

 

"But it was also accompanied by its fair share of farce. Before the auction the government accidentally emailed the potential participants but forgot to bcc them, so everyone who received the email could see who else had been emailed, meaning their names were eventually leaked."

 

"The message was not intended for any particular group of people, but for anyone who had emailed a question to the general mailbox to ask about the auction. Only recipient email addresses were disclosed."

 

"The upshot of the US government leak is that the people whose emails were leaked were targeted by scammers, one of whom succeeded in dramatic style." "Individuals on the recipients list of the leaked US Marshals Service email to Silk Road auction enquirers are being targeted in a phishing attack, and at least one individual has fallen for the scam."

 

"Sam Lee of of bitcoin fund Bitcoins Reserve received an email claiming to be from a media company. The attached document was supposedly a list of interview questions but actually linked to a website prompting Lee to enter his password. When he did, the attacker took over his email and sent a message to the CTO, requesting a transfer of 100 bitcoin."

 

"The funds were sent by the firm's chief technology officer, Jim Chen, after he received what seemed like an email request to do so from Lee. In fact, the funds ended up being sent outside the company to the attacker's wallet. The transaction can be seen here, according to Lee."

 

"Lee received an email on 21st June from a certain 'Linda Jackson' claiming to represent BitFilm Production, a genuine company based in Germany. Jackson falsely claimed that the firm was assembling a series of interviews about the impending auction for a client."

 

"Jackson then sent Lee a second email containing a link that directed to a file containing the questions for the interviews. This appeared to be a Google Drive document, but was actually a website controlled by the attacker."

 

"The faked page then requested Lee's email password to gain access to the document, and consequently, when the password was entered, the attacker gained access to Lee's email accounts."

 

"The scammers finally sent an email, purporting to be from Lee, to various employees requesting funds be sent to an external bitcoin wallet address, and the CTO unsuspectingly complied."

 

"As this attack vector was only successful due to an oversight in operations, the founders of Bitcoins Reserve will compensate the company by injecting an additional 100 Bitcoins to ensure we're still effectively performing arbitrage for our investors."

The Bitcoins Reserve email address of Sam Lee was leaked by the US Marshall Service as part of their auction of bitcoin seized from Silk Road. Sam Lee then received and fell for a targeted spear phishing attack, where he entered his password in a fake Google Drive website. The attackers used his email account to request the CTO Jim Chen to transfer them 100 bitcoins and he happily obliged. The money was reimbursed by the platform, so no customers faced losses. It appears that Bitcoins Reserve website has remained online until June 2019.

HOW COULD THIS HAVE BEEN PREVENTED?

Better training for platform operators would avoid falling for schemes like this. Storing funds in a multi-sig wallet where they must be approved by multiple team members increases the scrutiny on transactions.

 

Check Our Framework For Safe Secure Exchange Platforms

Sources And Further Reading

 For questions or enquiries, email info@quadrigainitiative.com.

Get Social

  • email
  • reddit
  • telegram
  • Twitter

© 2021 Quadriga Initiative. Your use of this site/service accepts the Terms of Use and Privacy Policy. This site is not associated with Ernst & Young, Miller Thompson, or the Official Committee of Affected Users. Hosted in Canada by HosterBox.