Science & Tech 2 December 2013 There's a £60m Bitcoin heist going down right now, and you can watch in real-time Sheep Marketplace closed down over the weekend after someone got away with 96,000 bitcoins - and angry users are chasing him around the internet. Sign up for our weekly email * Print HTML One of the largest heists in bitcoin history is happening right now. 96,000 bitcoins - that’s roughly £60m as of the time of writing - was taken from the accounts of customers, vendors and administrators of the Sheep Marketplace over the weekend. Sheep was one of the main sites that came to replace the Silk Road when it closed in October, but it too has now closed as a result of this theft. It’s a little hard to work out exactly what’s happened, but Sheep customers have been piecing it together on reddit’s r/sheepmarketplace. Here's what happened: someone (or some group) managed to fake the balances in peoples’ accounts on the site, showing that they had their bitcoins in their wallets when they’d actually been transferred out. Over the course of a week the whole site was drained, until the weekend when the site's administrators realised what was happening and shut everything down. Originally it was thought that only 5,200BTC - or £3m - was taken, with a message posted on Sheep's homepage blaming a vendor called "EBOOK101" for finding and exploiting a bug. However, over the weekend it became clear that the amount stolen was much, much larger. In a normal robbery that money would be gone by now, but it isn't. Bitcoin is pseudonymous, not anonymous, and bitcoins can’t just disappear. It works because each and every transaction is public and visible to each and every other person using the Bitcoin network, and a person is only as anonymous as their link to their wallet. A couple of reddit users realised that the sheer size of the heist makes “tumbling” the coins - the normal method of laundering bitcoins - impossible, as long as they kept on their toes. Someone with bitcoin can send some to a tumbler like bitcoinfog, where it will be split into smaller subdivisions and mixed with other bitcoins from other places, recombining and splitting again several times over until the whole amount eventually comes out the other end, theoretically in such a way that it’s impossible to track. Silk Road’s in-built tumbler successfully foiled the FBI, allegedly. However, reddit user TheNodManOut managed to track where the first bunch of transfers out of Sheep went, and from there and silkroadreloaded2 worked out which tumbler that the thief was using. Here’s how silkroadreloaded2 describes what’s happened since (“Tomas” is the alleged owner of Sheep, and one of the suspects for many users): All day, we've been chasing the scoundrel with our stolen bitcoins through the blockchain. Around lunchtime (UK), I was chasing him across the roof of a moving train, (metaphorically). I was less than 20 minutes, or 2 blockchain confirmations, behind "Tomas". He was desperately creating new wallet addresses and moving his 49 retirement wallets through them, but having to wait for 3 or 4 confirmations each time before moving them again. Each time I caught up, I "666"ed him - sent 0.00666 bitcoins to mess up his lovely round numbers like 4,000. Then,all of a sudden, decimal places started appearing, and fractions of bitcoins were jumping from wallet to wallet like grasshoppers on a hotplate without stopping for confirmations. Shit! He was tumbling our stolen bitcoins a second time, and a tumbler is unbeatable.... Unless you guess which one it is, nearly all the coins belong to the person you're tracking, jump in with him, and get jumbled up through the same wallets using the same algorithm. I was hopping from foot to foot shouting "come on!" at my laptop, waiting an age for 6 blockchain confirmations to get 0.5 btc into "bitcoin fog". My half a bitcoin got sliced and diced through loads of wallets and I followed the biggest chunk with blockchain.info - along with 96,000 stolen ones! Or, in other words: He gathered 96,000 in one pot, then split it into about 50 smaller ones. then he saw me 666ing them all. Imagine a sports stadium with 96,000 people in it, each with $1000. He sent them all via different routes all over the world, but the same 96,000 people then arrived at a different stadium and he went to bed. Now there are 96,001, and I just phoned you on my mobile to tell you where the stadium is. A major problem with tumblers is that they only work with lots of bitcoins coming and going from a lot of different sources - if a tumbler is taking in 96,000 bitcoins, those will massively outnumber all other bitcoins being tumbled and it’ll be easy to spot them coming out the other end. Mix in a little of your own with all those other ones and you'll find out the wallet addresses that the tumbler uses, and it should be easy to spot large transactions splitting off from there. The fascinating consequence of this is that you can see the stolen bitcoins on the public blockchain, and as long as there are people keeping tabs on it there’s going to be no way for the thief to cash in on their haul. Considering how people rely on tumblers to maintain anonymity when buying illegal stuff online, this unusual loophole is something of a revelation. Right now, as you’re reading this, you can watch as the the thief starts trying to move their bitcoins on again - it’s currently down to 92,000 bitcoins and dropping as smaller chunks begin going out. Selling those bitcoins and turning them into cash is going to be extremely difficult, as the major Bitcoin exchanges all demand proof of identity (specifically to avoid charges that they're involved in money laundering), and if they're broken down into smaller quantities to sell via a site like localbitcoins.com a paper trail will still be generated. As soon as it's possible to link one real-life bank account or identity to any bitcoins from that stash, it will be possible to work out their real-life identity. This counts as one of the largest robberies in history at Bitcoin's current market value, ranking in the same company as real-life thefts like the $108m diamond theft at the Harry Winston store in Paris in 2008. 96,000 bitcoins also places the thief as one of the wealthiest Bitcoin millionaires on the current rich list (but bear in mind that few serious Bitcoin players keep their currency in just one wallet) - and all without having to go to the trouble of wearing balaclavas or threatening someone with a gun. Let's watch and see what happens next. › The divide between Scotland's people and its political class has never been greater Some fan-made physical bitcoins. (Photo: antanacoins/Flickr) Ian Steadman is a staff science and technology writer at the New Statesman. He is on Twitter as @iansteadman. More Related articles Flat Tummy Tea: why the ASA is cracking down on influencers shilling detox drinks The internet’s bigotry problem: how Google searches reveal our dark side “We’re not freaks, we’re not weirdos”: the online community that watches people die Subscription offer 12 issues for £12 + FREE book LEARN MORE Close This week’s magazine
Show Hide image Science & Tech 19 September 2017 The science and technology committee debacle shows how we're failing women in tech It would be funny if it wasn’t so depressing. Sign up to the Staggers Morning Call email * Print HTML Five days after Theresa May announced, in her first Prime Minister’s Questions after the summer recess, that she was "particularly keen to address the stereotype about women in engineering", an all-male parliamentary science and technology committee was announced. You would laugh if it wasn’t all so depressing. It was only later, after a fierce backlash against the selection, that Conservative MP Vicky Ford was also appointed to the committee. I don’t need to say that having only one female voice represents more than an oversight: it’s simply unacceptable. And as if to rub salt into the wound, at the time of writing, Ford has still not been added to the committee list on parliament's website. To the credit of Norman Lamb, the Liberal Democrat MP who was elected chair of the committee in July, he said that he didn't "see how we can proceed without women". "It sends out a dreadful message at a time when we need to convince far more girls to pursue Stem [Science, Technology, Engineering and Mathematics] subjects," he added. But as many people have pointed out already, it’s the parties who nominate members, and that’s partly why this scenario is worrying. The nominations are a representation of those who represent us. Government policy has so far completely failed to tap into the huge pool of talented women we have in this country – and there are still not enough women in parliament overall. Women cannot be considered an afterthought, and in the case of the science and technology committee they have quite clearly been treated as such. While Ford will be a loud and clear voice on the committee, one person alone can’t address the major failings of government policy in improving conditions for women in science and technology. Study after study has shown why it is essential for the UK economy that women participate in the labour force. And in Stem, where there is undeniably a strong anti-female bias and yet a high demand for people with specialist skills, it is even more pressing. According to data from the Women’s Engineering Society, 16 per cent of UK Stem undergraduates are female. That statistic illustrates two things. First, that there is clearly a huge problem that begins early in the lives of British women, and that this leads to woefully low female representation on Stem university courses. Secondly, unless our society dramatically changes the way it thinks about women and Stem, and thereby encourages girls to pursue these subjects and careers, we have no hope of addressing the massive shortage in graduates with technical skills. It’s quite ironic that the Commons science and technology committee recently published a report stating that the digital skills gap was costing the UK economy £63bn a year in lost GDP. Read more: Why does the science and technology committee have no women – and a climate sceptic? Female representation in Stem industries wasn’t addressed at all in the government’s Brexit position paper on science, nor was it dealt with in any real depth in the digital strategy paper released in April. In fact, in the 16-page Brexit position paper, the words "women", "female" and "diversity" did not appear once. And now, with the appointment of the nearly all-male committee, it isn't hard to see why. Many social issues still affect women, not only in Stem industries but in the workplace more broadly. From the difficulties facing mothers returning to work after having children, to the systemic pay inequality that women face across most sectors, it is clear that there is still a vast amount of work to be done by this government. The committee does not represent the scientific community in the UK, and is fundamentally lacking in the diversity of thought and experience necessary to effectively scrutinise government policy. It leads you to wonder which century we’re living in. Quite simply, this represents a total failure of democracy. Pip Wilson is a tech entrepreneur, angel investor and CEO of amicable More Related articles No, Virgin Trains East Coast, I will not bid for the “luxury” of first class The National Trust is right to bring gay history out of the closet I hate musicals. Apart from Guys and Dolls, South Pacific, Follies – oh, wait Subscription offer 12 issues for £12 + FREE book LEARN MORE Close This week’s magazine
