If you're looking to dive into the exciting world of Bitcoin, chances are you're going to get your start with Coinbase, one of the more reputable wallet services that boasts about $15 million (£9.2 million) in Bitcoin transactions per month. But even the best Bitcoin services can be prone to theft, and as The Verge found out, that susceptibility has lost users upwards of $40,000 (£24,450).
One user named Jeff confirmed to The Verge that hackers managed to swipe 10.6 Bitcoins (totaling around $10,000 or £6,112) from his Coinbase wallet in December of last year. He eventually got his money refunded, but barely a month later, Jeff fell victim to another attack, this time losing $7,000 (approx. £4,280) in addition to his original ten. While he was able to save the additional $7,000, which the hacker had used to make a new Bitcoin purchase, his original 10.6 Bitcoins were gone. Coinbase refused to refund him a second time.
It's not just Jeff, though; there have also been two other recent Coinbase thefts totaling $21,000 (£12,836). The thing is, it's not that Coinbase necessarily has some service-wide vulnerability; it's Coinbase's API key, which is the code that grants programmers access rights. Part of the appeal of Coinbase is that, according to The Verge, "the right API key will let any programme move bitcoins in and out of a given account." So as soon as the key is compromised, hackers pretty much have free rein to do whatever they want with your account.
More than just Coinbase's API, though, the anonymous nature of Bitcoin itself makes reversing transactions impossible and laundering money far too easy. So regardless of Bitcoin's appeal as an untraceable, anonymous form of payment, keep in mind that it may not quite be the watertight solution you're looking for. [The Verge]