Poloniex – online trade for the most popular cryptocurrencies has suffered a hacker attack, making it lose 12.3% of all Bitcoin it held.
A month haven’t passed since exchanges were under a severe pressure from hacker attacks on all the major exchanges and services, the event that even lead the used-to-be mighty Mt.Gox to its infamous demise.
The Attack
Poloniex owner Tristan D’Agosta explained the situation to the service’s users. He told that the attack was making use of the glitch when many withdrawals are made in the short period of time. When it happens, the balance becomes negative but the program that collects withdrawals still sends them to a glitched wallet.
The Poloniexs’s team reaction was fast nevertheless. On the 4th of March, when it happened, the attack was stopped and the service halt its work for a day. On the 5th the market was unfrozen and D’Agosta made an important decision – all balances were evened out to lose these 12.3%.
One for all and all for one
D’Agosta believes it was the only way for both for service to stay afloat and for all of its users to eventually return money. He thought that in case this action was not taken - people would quickly withdraw their digital coins so not to be left in these 12.3%.
However, the service fully accepted its responsibility and plans on paying out everything that was lost. Partly from their own pocket and partly by raising fees from 0.2% to 1.5%, which doesn’t exactly seem fair. Like baron Münchausen pulled himself out of a swamp by his own hair D’Agosta suggests users, who already lost money to pay some more to cover it. How one get to pull that off?
Learning from mistakes
To make sure no to be fooled twice, Poloniex updated their withdrawal daemon and added a feature to check if the balance is negative before the act of withdrawal actually takes place, halting any activity on the given account.
Although the money loss was rather great, the service’s owner says that if it wasn’t for their security system, which discovered the fast leakage of digital currency from customer’s balance, the amount of stolen money could much greater. Yeah, that should calm its users down.
Most of the cryptocommunity made a positive and sympathetic response, praising D’Agosta’s ability to act calmly and quickly under such pressure. D’Agosta himself humbly apologized and proceeded to raise money to pay the debt as well as improve his service from being brought down by the way too active hackers.