Bitcoin Exchanges React to OpenSSL Heartbleed Bug

Super User
By Super User April 8, 2014 08:25 Updated

Newsletter

Bitcoin Exchanges React to OpenSSL Heartbleed Bug

Tip button

Heartbleed Logo

Over the past twelve hours, there web has been abuzz with news of an OpenSSL (an encryption library in use by many sites on the web) bug that has been deemed rather serious.

As a primer, a description from Heartbleed.com:

The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. This allows attackers to eavesdrop communications, steal data directly from the services and users and to impersonate services and users.

The bug was discovered by IT security firm Codenomicon, and the news is not only rippling through the bitcoin community, but the entire internet.

Bitstamp Reacts

Popular bitcoin exchange Bitstamp announced on Tuesday morning via Twitter that they’ve turned off ‘accregistration’ (which we assume to be account registration), account log-ins, and withdrawals until they are protected from the Heartbleed bug.

The measure is precautionary. The tweet was followed up with this note on the exchange’s website:

Dear Bitstamp clients,

After reported vulnerabilities in OpenSSL, we applied necessary patches to our system. Incapsula, our DDOS mitigation provider is still working patching their system.

In order to provide required security, both system need to be patched. We are in constant contact with Incapsula and are working with them to complete necessary procedures. Until then Bitstamp has decided to temporally deactivate:

-account registration, -account login -and all virtual currency withdrawal functions

We will keep you updated on the progress.

Thank you for understanding.

Best regards
Bitstamp team

Bitfinex

Exchange Bitfinex also announced via Twitter that they’ve halted withdrawals for about ten hours and they’re urging customers to change their credentials as soon as possible.

Other Exchanges

A user on social sharing website Reddit listed exchanges at risk of the Heartbleed bug. They include BTC-e, Bitcurex, BTC China, Cryptsy, and more.

Tip button
Super User
Super User  → administrator
A bitcoin enthusiast residing in Massachusetts, Eric got his news-writing start on his own technology blog from 2009-2011. He's also written for PetaPixel - a prominent photography blog. By day, he works in IT and has worked as a wire photographer for Retna. Updated

Common Banner Common Banner