The New And Improved Silk Road Was Hacked And Someone Made Off With All Its Bitcoins

There's not much to see on Silk Road right now:

Screen Shot 2014 02 13 at 4.32.43 PM


The anonymous marketplace for illegal drugs has been hacked. Defcon, a pseudonymous administrator for the site, shares the following details:
Nobody is in danger, no information has been leaked, and server access was never obtained by the attacker.

Our initial investigations indicate that a vendor exploited a recently discovered vulnerability in the Bitcoin protocol known as "transaction malleability" to repeatedly withdraw coins from our system until it was completely empty.

Despite our hardening and pen-testing procedures, this attack vector was outside of penetration testing scope due to being rooted in the Bitcoin protocol itself.

You probably recall a major attack that went out against several major Bitcoin exchanges earlier this week, which was also made possible by transaction malleability. No money was lost then, but all bitcoins associated with Silk Road have been stolen, according to DeepDotWeb.

Defcon ends his missive with a notice on what to expect for the future. In short, they plan to rebuild and change the way money moves from buyer to seller using a technical "multi-signature" system possible through Bitcoin instead of a standard escrow. Those missing their Bitcoins are simply out of luck for now.