Kai Sedgwick: Bad Code Has Lost $500 Million of Cryptocurrency in Under a Year

xrb security scamcoin raiblocks powh ponzi parity nano n-featured hack bug bitgrail bad-code

Bad Code Has Lost $500 Million of Cryptocurrency in Under a Year

Cryptocurrency can be lost in a variety of ways, from hacking to forgotten passwords and failed flash drives. But in dollar terms, one of the biggest causes of crypto losses is bad code, and it’s not usually the fault of the coin’s developers. Instead, third parties, including shoddy smart contract developers and shady exchanges, are to blame for losses that have reached half a billion dollars in the last seven months.

Also read: Cryptocurrency Exchange Bitgrail Suspends Operations After ‘Losing’ $170 Million of Nano

Bitgrail Gets Railed for Dodgy Code

Last week, news.Bitcoin.com reported on the demise of Bitgrail, which contrived to lose $170 million of nano cryptocurrency. While the precise sequence of events that caused the catastrophic collapse of the exchange with the assets of thousands of customers is still being confirmed, poor code is being blamed. As reported at the time:

There are rumors that Bitgrail became insolvent following a withdrawal bug that was discovered by some users and then shared in Discord and other chat groups, causing the wallet balance to gradually diminish. One user explained: “There was a bug on Bitgrail where if you placed two orders you got double balance added to your account. You could then withdraw while the orders were up and steal the coins. You had negative balance in the end but you could just make a new account.”

Bad Code Has Lost $500 Million of Cryptocurrency in Under a Year

In the aftermath of the incident, this theory has been bolstered by allegations that a bug was indeed responsible, and not in nano’s code, but in Bitgrail’s. One source asserted: “There was a bug, on the withdraw page. But this check was only on java-script client side, you find the js which is sending the request, then you inspect element – console, and run the java-script manually, to send a request for withdrawal of a higher amount than in your balance. Bitgrail delivered this withdrawal. How many people did this? Who knows.”

There was another bug, you could request a withdrawal to your address – from another user-id, from another user-account. That would cause the other users balance to have “missing funds” or “negative balance”. Bitgrail bomber solved this bug by manually entering the “correct” numbers in his database. This is what you get for using a PHP website coded by same skill-level as CfB of IDIOTA.

Even the Best Cryptocurrencies Aren’t Immune to Poor Code

The cryptocurrency most commonly associated with catastrophic bugs is ethereum. That’s not due to its underlying code, but on account of the smart contracts that can be built on top of the ethereum framework. First there was the DAO, which led to ethereum being forked right out the gate, and then there was the Parity bug that caused 150,000 ETH to be stolen, followed by the other Parity bug that caused $168 million of ETH to be locked up.

In the past couple of weeks, ethereum bugs have surfaced once more, albeit on a smaller scale. Proof of Weak Hands (PoWH) was a joke scamcoin which turned into an actual scamcoin after a bug led to the loss of 900 ether worth $1 million that had been sent to the contract address. The developer then disappeared after receiving death threats from investors aggrieved to discover that the joke Ponzi they were buying into was even less legitimate than it had seemed.

Bad Code Has Lost $500 Million of Cryptocurrency in Under a Year
After a smart contract bug led to the loss of 900 ETH, the PoWH website looked like this in the days afterwards

PoWH has since spawned a new scamcoin called ethpyramid which is for “strong hands only”. To the question “Is Ethpyramid secure?” the site responds “Yes. Our dev team put a lot of time into refining and testing this contract to make sure your tokens are safe. Internal functions of the contract are not accessible to the end user.” There’s also PoWH420, “the world’s dank autonomous and self-sustaining 420 pyramid scheme”.

Bad Code Has Lost $500 Million of Cryptocurrency in Under a Year
PoWH 420

Even if joke coins and their joke developers are taken out of the equation, it’s evident that cryptocurrencies are only as strong as their weakest link. While altcoins such as ethereum and nano have undoubted potential, like every other crypto they’re hostage to bugs lurking in wallets, smart contracts, and exchanges. One bad line of code is all it takes.

Do you think Bitgrail was brought down by a withdrawal bug or is there more to this story? Let us know in the comments section below.

Images courtesy of Shutterstock, and PoWH420. Katie Webster assisted with this article. 

Need to calculate your bitcoin holdings? Check our tools section.

The post Bad Code Has Lost $500 Million of Cryptocurrency in Under a Year appeared first on Bitcoin News.

Original article was created by: Kai Sedgwick at news.bitcoin.com

Disclaimer: This article should not be taken as, and is not intended to provide, investment advice. Please conduct your own thorough research before investing in any cryptocurrency or ICO.

Interested in Cryptocurrencies and ICO's?

Follow our telegram channel for daily cryptomarket reports!

Join @cointrends

Related Articles

pubDate Newsline
1 month ago Win $100 of Bitcoin Cash in Bitcoin.com’s Paper Wallet Design Contest
1 month ago The Daily: Kanye Teaches Opsec, Crypto Foes Join Forces
1 month ago Hundreds of ICOs Being Secretly Investigated by SEC, Claims Report
1 month ago BANKEX Wants You to Hack its Custody Service for $15K in Reward (If You Can)
1 month ago Weekly Spotlight: Kitepay
1 month ago Weekly Nano Update: 10/1/18
1 month ago Japan Roundup: Bitflyer Restructures, Zaif Suspends New Member Registrations
1 month ago 54% of Cryptocurrency Exchanges Have Security Holes
1 month ago Developers Unveil Two New Bitcoin Cash Full Node Clients Written in Go
4 months ago The Billion-Dollar Quest to Eliminate Smart Contract Bugs
1 month ago Bad Cryptocurrency Projects Have Squandered Millions of Dollars
1 month ago Josh Garza Sentenced to Prison and Fined $9M over GAW & Paycoin Scam
1 month ago Weekly Nano Update: 9/24/18
1 month ago Weekly Nano Update: 9/17/18
1 month ago Critical Bug Found in Bitcoin Core Invokes the Multiple Client Argument
2 months ago The Daily: Coinbase Explores Crypto ETF, Changelly Verifies Monero Traders
3 months ago $46 Million of Ether is Locked in a Pair of Ponzi Dapps
4 months ago Bitgrail Bitcoin Assets Taken by Italian Government, Victims Still Fuming
5 months ago Bitgrail Exchange Ordered Down Indefinitely as Italian Court Upholds Halt
4 months ago Bitgrail Bitcoin Assets Taken by Italian Government, Victims Still Fuming
7 months ago Bitgrail’s $170M Hack Continues to Provide Drama
5 months ago Most Masternode Coins Are a Scam
7 months ago Verge Is Forced to Fork After Suffering a 51% Attack

Stay on top of Altcoins and ICO trends.

Subscribe to our free Weekly Cryptomarket report

Delivered once a week, strongly to your inbox.

Subscribe to our mailing list
October 12, 2018

Win $100 of Bitcoin Cash in Bitcoin.com’s Paper Wallet Design Contest

Over the next few weeks, Bitcoin.com is hosting a paper wallet design contest to create a beautiful cold storage visual graphic for bitcoin enthusiasts around the world. The competition is open to everyone and the winning entry will receive $100 worth of bitcoin cash. Also Read: Bitcoin.com...

From: Bitcoin.com

The Daily: Kanye Teaches Opsec, Crypto Foes Join Forces

The last 24 hours has been one of those all-too-rare periods in which the cryptosphere unites against a shared enemy. We’ll detail who in The Daily, right after we’ve discussed blockchain spam, Blockfolio’s new funding round, and how we learned an opsec lesson from Kanye West. Also...

From: Kai Sedgwick

US Court Issues Emergency Order Halting a Planned Initial Coin Offering

An American court has put a stop to an initial coin offering (ICO) by a company claiming to offer “the first licensed and regulated tokenized crypto currency exchange & index fund based in the US.” The ICO promoters even invented their own regulatory authority, which seems to...

From: Avi Mizrahi

Largest South Korean Exchange Launches Crypto Market Indices

The largest crypto exchange in South Korea by trading volume, Bithumb, has launched two cryptocurrency market indices. One tracks all coins listed on the exchange while the other tracks only altcoins. Meanwhile, Upbit, the country’s largest crypto exchange by the number of coins listed, has...

From: Kevin Helms

Funny New Advert Shows Bitcoin Is on Google’s Mind

Google, which currently sits on the fence with regard to cryptocurrency, took an opportunity to throw shade at digital coins like bitcoin core and bitcoin cash during an advert for its new call-screening feature. In the minute-long segment, popular comedians dressed as Google employees mock...

From: Jeffrey Gogo

Facebook Purge Continues: 559 Pages, 251 Accounts Removed Ahead of US Elections

Facebook’s Nathaniel Gleicher, Head of Cybersecurity Policy, and Oscar Rodriguez, Product Manager, announced that “Today, we’re removing 559 pages and 251 accounts that have consistently broken our rules against spam and coordinated inauthentic behavior.” It is another decision to purge...

From: C. Edward Kelso
Upcoming ICO's
This week overview
Token Name Starts
Utile Network (UTL) logo Utile Network (UTL) 1 days
Virtual Rehab (VRH) logo Virtual Rehab (VRH) 2 days
CDRX (CDRX) logo CDRX (CDRX) 6 days
Cryptocurrency rates
*Last hour average price&change
Coin Name Price Hour
Bitcoin logo BTC $6387.57555939 0.22%
Ethereum logo ETH $210.0554363 0.11%
Ripple logo XRP $0.517001921 -0.37%
Bitcoin Cash logo BCH $519.351578309 0.89%
Stellar logo XLM $0.2685322538 0.13%
EOS logo EOS $5.4002592224 0.07%
Litecoin logo LTC $50.6529163991 0.03%
Cardano logo ADA $0.0761094116 0.06%
Monero logo XMR $105.449789649 -0.19%
Tether logo USDT $0.9891299749 -0.21%
Tronix logo TRX $0.0224872153 -0.43%
DigitalCash logo DASH $162.674580133 -0.27%