Silk Road 2 moderator Defcon wrote a post in a forum that hackers used a transaction malleability exploit to hack the marketplace. Hackers gained around 4,474.26 Bitcoins that were worth around $2,747,000. The website’s escrow account was emptied.
Silk Road 2 has a central escrow service to send Bitcoins from buyers to sellers. Hackers exploited the transaction malleability bug, which is a way that users can mask transfers and ask for the same amount of Bitcoin multiple times.
According to TechCrunch, this is the same bug that forced Mt. Gox to halt withdrawals recently. The hackers used Silk Road’s automatic transaction verification system to order from each other and request refunds for unshipped goods. The hackers were able to use the transaction malleability bug since Silk Road used only transaction ID to confirm transfer of Bitcoins. Silk Road 2 claims that six vendors colluded to exploit the system by ordering from one another and submitted circular refund requests.
?Given the right flavor of influence from our community, we can only hope that he will decide to return the coins with integrity as opposed to hiding like a coward,? wrote Defcon. The website’s users are trying to track down the thief now.
Around 95% of the theft is suspected to be French person. These are the six vendor accounts that were used to order from each other:
Bitcoin’s price dropped by around 50 points as a result of the news. Now it is worth around $600 USD per Bitcoin.