Security Experts:

Hack Robs Bitfloor of $250,000

A cyber-attack on Bitfloor, a Bitcoin exchange, yielded access to an unencrypted backup of wallet keys that were used to steal roughly $250,000, according to the company.

According to Roman Shtylman, founder of Bitfloor, trading has been suspended in light of the breach. The attack occurred Monday night, and compromised servers belonging to the firm, Shtylman explained Tuesday in a post on a user forum. 

"As a result, the attacker gained accesses to an unencrypted backup of the wallet keys (the actual keys live in an encrypted area)," he wrote. "Using these keys they were able to transfer the coins. This attack took the vast majority of the coins BitFloor was holding on hand. As a result, I have paused all exchange operations. Even tho [sic] only a small majority of the coins are ever in use at any time, I felt it inappropriate to continue operating not having the capability to cover all account balances for BTC at the time."

All totaled, the attack stole some 24,000 bitcoins. Currently valued at roughly $10.40 a coin, the heist was worth approximately $250,000.

According to Shtylman, the backup keys were made when he manually did an upgrade and put the keys in "the unencrypted area on disk."

Creating backup keys avoids accidentally making data inaccessible if encryption keys are lost, said Todd Thiemann, senior director of product marketing for data security firm Vormetric.

"Key management is a major enterprise challenge," he said.

"When you start to encrypt in multiple locations and have multiple encryption keys floating around, you need some way to store, organize and manage them," he added.  

Bitfloor is hardly the first Bitcoin exchange market to come under attack. Last June, Mt.Gox was hit by hackers, and U.K.-based exchange Bitcoinica was hacked twice this year.

Though operations are currently suspended, Shtylman wrote that he is evaluating options for Bitfloor and that he does not want to shut it down. When contacted by SecurityWeek, he said he had no updates on the future of the company or how the attack took place.