A high-tech heist worth £60m (about $98m US) went down over the weekend, and the internet is looking for the guy who did it.
One of the largest heists in bitcoin history is happening right now. 96,000 bitcoins – that’s roughly £60m as of the time of writing – was taken from the accounts of customers, vendors and administrators of the Sheep Marketplace over the weekend.
Sheep was one of the main sites that came to replace the Silk Road when it closed in October, but it too has now closed as a result of this theft. It’s a little hard to work out exactly what’s happened, but Sheep customers have been piecing it together on reddit’s r/sheepmarketplace.
Here’s what happened: someone (or some group) managed to fake the balances in peoples’ accounts on the site, showing that they had their bitcoins in their wallets when they’d actually been transferred out. Over the course of a week the whole site was drained, until the weekend when the site’s administrators realised what was happening and shut everything down.
Originally it was thought that only 5,200BTC – or £3m – was taken, with a message posted on Sheep’s homepage blaming a vendor called “EBOOK101″ for finding and exploiting a bug. However, over the weekend it became clear that the amount stolen was much, much larger.
In a normal robbery that money would be gone by now, but it isn’t. Bitcoin is pseudonymous, not anonymous, and bitcoins can’t just disappear. It works because each and every transaction is public and visible to each and every other person using the Bitcoin network, and a person is only as anonymous as their link to their wallet.
A couple of reddit users realised that the sheer size of the heist makes “tumbling” the coins – the normal method of laundering bitcoins – impossible, as long as they kept on their toes. Someone with bitcoin can send some to a tumbler like bitcoinfog, where it will be split into smaller subdivisions and mixed with other bitcoins from other places, recombining and splitting again several times over until the whole amount eventually comes out the other end, theoretically in such a way that it’s impossible to track. Silk Road’s in-built tumbler successfully foiled the FBI, allegedly.
However, reddit user TheNodManOut managed to track where the first bunch of transfers out of Sheep went, and from there and silkroadreloaded2 worked out which tumbler that the thief was using. Here’s how silkroadreloaded2 describes what’s happened since (“Tomas” is the alleged owner of Sheep, and one of the suspects for many users):
All day, we’ve been chasing the scoundrel with our stolen bitcoins through the blockchain. Around lunchtime (UK), I was chasing him across the roof of a moving train, (metaphorically). I was less than 20 minutes, or 2 blockchain confirmations, behind “Tomas”.