One of Europe's largest bitcoin exchanges has been robbed by cyber criminals who helped themselves to more than $1 million worth of the virtual currency.
Called Bips, the Denmark-based exchange and online wallet service was first attacked on 15 and 17 November, before a third attack this week saw 1,295 bitcoins stolen, with a value at the time of publication of around $1.13 million (£700,000, €836,000).
The initial DDoS (distributed denial of service) attacks, which Bips states were "massive" and believed to be connected, were "found to originate from Russia and neighboring countries," the company said in a statement.
A subsequent attack disabled the site and overloaded its systems. The company said: "Regrettably, despite several layers of protection, the attack caused vulnerabilities to the system, which has then enabled the attackers to gain access and compromise several wallets."
The robbery comes soon after an anonymous Australian man had around $1.4m worth of bitcoins stolen from his online wallet service; this month also saw a Chinese exchange disappear, taking $4m of coins with it, all while the US Senate attempts to understand the crypto-currency and build legislation around it.
Due to the anonymous nature of bitcoins, such thefts are all but impossible to track. While the transaction itself can be seen publically - here is the 1,295 bitcoin theft from Bips - the identity of wallet owners is not known.
But Bips' explanation has raised concerns among users of the BitcoinTalk forums. One user who calls himself Pierre said: "There's is definitely something fishy here. DDoS attacks don't just 'cause vulnerability' in a system. Either a very important part of the story is being left out or Bips is making it all up. I don't see how [the DDoS attack] can 'cause vulnerability' leaving their system open for hackers?"
A forum user called Kris, who claims to work for the Bips exchange, posted to say: "It is imperative to understand that everything was wiped from our servers and getting functionality back is priority number one."
Regarding how many bitcoins were left in users' wallets after the attack, Kris said: "Most balances left are minuscule".
Another BitcoinTalk and Bips user, who claimed to have lost a wallet containing 90 bitcoins ($78,750), said: "On one side, bitcoin is the wild west, and I really doubt this was intentional on the part of Bips...but on the other side, I don't think anyone will be happy if Bips continues on as a viable business without some kind of compensation for waller holders."
Bips is now asking its affected users to grant the company permission to disclose their details to the police, although given the anonymous nature of bitcoin transactions, recovering any stolen funds will be almost impossible.