Just months after a high-profile takedown and prompt resurrection, the Internet's most famous black market, Silk Road, has suffered a theft of bitcoins worth millions. The administrators say the thieves took advantage of a bug in the virtual currency itself, but others suspect it may have been an inside job.
In a post on the Silk Road's official forums, only accessible via anonymizing service Tor, a staff member going by the name Defcon explained that a hacker had cleaned them out:
"Our initial investigations indicate that a vendor exploited a recently discovered vulnerability in the Bitcoin protocol known as 'transaction malleability' to repeatedly withdraw coins from our system until it was completely empty," wrote Defcon. The bitcoins, belonging to both Silk Road staff and users, were temporarily in a vulnerable state while the site was being upgraded.
The full post can be read at DeepDotWeb, which was among the first to report the theft.
Also included were records of all the transactions, which were helpfully parsed and totaled by Twitter user Nicholas Weaver. All told, Weaver calculated, nearly 4,500 bitcoins were taken, which at Thursday's exchange rates amount to about $2.5 million.
Although Defcon blamed the theft on a technical glitch, not everyone was convinced. Silk Road users responded with rage at having lost money; Bitcoin enthusiasts on Reddit and other news sites immediately began picking apart the supposed bug. Others pointed out the irony of people flocking to a site for selling illegal goods via anonymous online-only money — and then being surprised when something criminal occurs.
For now, speculation reigns, and experts will have to examine the theft carefully to determine what actually happened.