The currency of crime: piracy and scams

Bitcoin's Pioneering Era

  • Linode and Betco.in hacks
  • Tony76's scam
  • The fall of Bitcoinica
  • The first Ponzi scheme: Bitcoin Savings & Trust
  • The BTC-e and BitFloor hacks
  • The decline of the Wild West
Because of its resistance to censorship and relative anonymity, Bitcoin lends itself well to criminal activity. This aspect may be considered regrettable, but is inseparable from the ideal of independence and freedom carried by the cryptocurrency. That's why Bitcoin was so quickly associated with shady affairs that were widely reported in the mainstream press.
Bitcoin is particularly suited to cybercrime, which is rampant on the Internet and previously lacked a currency that was both digital and elusive. From 2011 onward, a number of thefts and scams occurred involving the cryptocurrency. By May 2012, these dramatic events had multiplied to such an extent that a "List of Major Bitcoin Heists, Thefts, Hacks, Scams, and Losses" was posted on the forum. This list, updated regularly, would become so large over the years that a second thread would be opened in 2014 to record all incidents.
In this final chapter devoted to the Wild West of finance, we'll focus on describing the major events that took place during the first part of 2012. We'll be talking, of course, about the three hacks of Bitcoinica, which ultimately caused its downfall and ruined its users. We'll tell the story of Tony76's April 20 scam on Silk Road. We'll analyze the growth and collapse of the first Ponzi scheme, Bitcoin Savings & Trust. And we'll analyze the BTC-e and Bitfloor hacks, which took place in the summer of 2012.
We'll end the chapter with a general conclusion to what we hope has been an instructive course. But before that, let's get down to business!

Linode and Betco.in hacks

Bitcoin-related cybercrime has been on the rise ever since the cryptocurrency was popularized in 2011. The summer of 2011 was particularly hot, with the infection of Allinvain's computer (resulting in a loss of 25,000 BTC, or $500,000), the Mt. Gox hack and its repercussions (involving at least 6019 BTC, or $105,000), and the MyBitcoin theft (of 78,740 BTC, or $1,000,000). We could also mention bitcoin mining by zombie machines, which initially appeared during this period: the practice was not very profitable, but foreshadowed the Cryptolocker ransomware of 2013.
In 2012, "cryptocriminality" took on a whole new dimension, and thefts of all kinds followed. The first event was the hacking of the Linode hosting service on March 1. On that day, a hacker accessed the company's customer service portal and took control of eight accounts, all of which were linked to Bitcoin. By accessing the active wallet hosted on Linode's servers, he was able to seize the bitcoins of the customers concerned.
Among these customers was the trading platform Bitcoinica, run by the young Chinese Zhou Tong. It lost 43,554 bitcoins, or over $210,000. However, the company remained solvent thanks to investors' money.
The hacker also got his hands on 3,094 bitcoins belonging to BitcoinCZ Mining, Slush's mining pool. These bitcoins, worth over $15,000 at the time, were held on the mining pool's hot wallet for payment to its members. Slush personally covered the loss.
Finally, the third service affected was Gavin Andresen's Bitcoin faucet. The service only lost 5 BTC (around $25), but this incident prompted Gavin to want to improve its security, leading him to close it "for maintenance" during the year. The faucet would never reopen.
One month later, the Betco.in online poker platform, managed by Pavel Karoukin since 2010, was hacked. On April 11, all the money stored on Pavel's server and personal computer was siphoned off: a total of 3,171 bitcoins, or almost $16,000. As a result, he was forced to close down the service and put it up for sale, after reimbursing users as best he could.

Tony76's scam

Because of its notorious activities, the Silk Road marketplace was not immune to regrettable incidents either. On April 20, 2012, a major scam, later dubbed "The Great 420 Scam", was perpetrated by a seller using the pseudonym Tony76. This was a Canadian seller, who had been registered on the site since January 2012 and regularly shipped MDMA, cocaine and heroin to Canada and the USA. At that time, he had made over 500 sales, and his review thread on the Silk Road forum exceeded 1,000 posts.
It was thanks to this impeccable reputation that he managed to pull off his scam. The platform's reputation system was not perfect: bitcoins could be placed in escrow, but this took time and exposed the seller to exchange rate fluctuations. This was why trusted sellers often asked users to opt for early finalization. Tony76 systematically required this option to be activated.
April 20 was an emblematic date for cannabis consumers in North America. So, on Silk Road, numerous discounts were posted on the site. On April 17, Tony76 announced that he would participate, his reason being that "all these incredible deals from other vendors" had "made me want to go for it" and "awakened my competitive side a bit". He also announced that he was opening orders to international buyers for the first time. On the evening before the fateful day, he offered all kinds of products at reduced prices: cannabis, MDMA, LSD, ketamine, cocaine and heroin.
His good reputation led to a steady stream of orders. Throughout April 20 and beyond, he continued to interact with customers, but disappeared completely from the forum on the 25th. After a week, users started to worry. They soon realized that they had been duped.
It was estimated that Tony76 obtained between $100,000 and $250,000 in this way, for an amount running into tens of thousands of bitcoins. This incident constituted the biggest heist in Silk Road's history, if we omit the seizure by US agencies that occurred in October 2013.

The fall of Bitcoinica

2012 was also marked by the collapse of margin trading platform Bitcoinica, which came after two more hacks.
As we explained in a previous chapter, Bitcoinica had been a great success since its launch in September 2011. It was managed by Zhou Tong, real name Ryan Zhou, who was just 17 years old at the time. In November, an American investment fund offered to buy the platform "for a good price" and pay him a generous salary: it was the Wendon Group, represented by a certain Tihan Seale and linked to Peter Vessenes' CoinLab incubator. Zhou Tong accepted "due to regulatory concerns": he was still a minor from a legal point of view and therefore could not set up a company to carry out his business properly. The handover took place in January 2012.
Zhou Tong continued to manage the platform until spring. In March-April, Bitcoinica LP was established in New Zealand and registered as a financial services provider with the Financial Markets Authority. On April 24, thanks to Tihan Seale's negotiations, Zhou Tong was joined by the members of Bitcoin Consultancy (Amir Taaki, Patrick Strateman and Donald Norman), who were already managing several projects including the Intersango foreign exchange platform. They formed a special company for the occasion, called Bitcoinica Consultancy Ltd. So, despite the loss of 43,000 bitcoins in the Linode hack (covered by the investment fund), Bitcoinica seemed to be on the right track.
However, things didn't go as planned, as a second hack occurred shortly afterwards. On May 11, 2012, a hacker gained access to the Bitcoinica email server (which was hosted by Rackspace) and used the forgotten-password feature to log into the platform with one of the administrator accounts. He managed to withdraw 18,574 bitcoins, or almost $92,000. In addition, he got his hands on the user database, which he copied and deleted from the server. There was no backup of this database, so the event was catastrophic. Platform operations were suspended within the hour.
On May 13, Zhou Tong published a long message on the Bitcoin forum in which he announced that he was "leaving Bitcoin". He explained that "this isn't related to the Bitcoinica hack", and that it was based on the lack of meaning brought by his work. He felt that he had failed to "generate value for the society", considering that "speculation is a zero-sum game". He wanted to "build products that save people time, money and headaches", and Bitcoin "doesn't help address my real need". At that time, he moved to Australia to continue his studies, and he wanted to keep pursuing entrepreneurial activities, notably with a project called NameTerrific. He remained attached to Bitcoin, however, and claimed to keep a Casascius coin worth 1,000 bitcoins. He returned in 2013, co-founding CoinJar, an Australian exchange platform.
Ryan Zhou, aka "Zhou Tong," in 2012 (source: archive from Coinabul's blog)
Crisis management had been entrusted entirely to the Bitcoin Consultancy. In a blog post published on May 15, they announced that they "are choosing to leave Bitcoinica offline until such time as a new platform can be built and tested with security best-practices built-in from scratch", for a period "measured in months". However, they still needed to provide a way for users to recover their bitcoins, which was a complex task (to say the least) in the absence of a database! The plan was to pay 50% of the funds to the creditors, and then pay the remaining half at a later date, so as to limit the effects of an error. Each creditor had to provide relevant information such as copies of e-mails sent by Bitcoinica, Mt. Gox codes used, deposit and withdrawal transaction identifiers, a copy of his or her ID, and so on.
The process was slow. The first payments took place on June 13, and involved less than 1% of customers. By early July, 27% of funds had been paid out (54% if partial repayments were taken into account). By mid-July, this percentage had risen to 38% (76% reimbursed at 50%).
However, something unexpected happened again. On July 7, Amir Taaki, who was in conflict with Bitcoinica's management, released the platform's full source code. This source code contained an API key, which also happened to be the password giving access to Bitcoinica's LastPass safe, containing some of his passwords, including that of his Mt. Gox account. On July 13, a hacker exploited this vulnerability and managed to withdraw 40,000 bitcoins and 40,000 LR-USD from Mt. Gox (the upper limit), representing almost $350,000! This brought the total amount lost by the platform (in dollars) to over $650,000.
Bitcoinica hacks summarized by Jeremias Kangas at Assembly Summer 2014 (source: capture from AssemblyTV)
Amir Taaki pointed out that the money stolen in this latest hack corresponded to a third of the funds still to be repaid, meaning that the platform was bankrupt. This panicked users waiting for their refund, including Roger Ver (who kept 25,000 bitcoins on the platform) and French trader Émilien Dutang (who had just over 5,000). Zhou Tong, who benefited greatly from his sale in January, showed generosity and promised to contribute 5,000 BTC to the refund. Two days later, thanks to Zhou Tong's donation and voluntary contributions from the community, the creditors who had applied (including Roger and Émilien) were reimbursed at 6.24%.
On July 26, a new development took place: Zhou Tong was suspected of being responsible for the third hack by Roberto Gutierrez (CEO of the AurumXchange platform), Charlie Shrem (BitInstant) and Mark Karpelès (Mt. Gox). It turned out that Zhou Tong's account was used by the hacker to sell Mt. Gox codes on AurumXchange, directly linking him to the theft. Zhou Tong denied responsibility and instead accused a former associate of his, a certain Chen Jianhai, who allegedly accessed his account.
Ultimately, this latest hack sounded the death knell for the margin trading platform. The liquidation of Bitcoinica would be announced on August 1, 2012 by Tihan Seale and would be made effective in October. A reliable replacement would also emerge during October, with the creation of Bitfinex.

The first Ponzi scheme: Bitcoin Savings & Trust

Bitcoin can also be used to revive old schemes, particularly those based on the lure of profit. Ponzi pyramids, which rely on the influx of new entrants to pay those who claim their interest, are one such scheme.
In the Internet age, pyramid schemes often took the form of high-yield investment programs (HYIPs), which promised abnormally high interest rates for short periods to encourage their customers to deposit money quickly. They had flourished in the spheres of alternative currencies such as e-gold and Liberty Reserve. In 2011-2012, one of the largest such schemes was the MMM-2011 pyramid scheme run by Russian Sergei Mavrodi.
It was clear that the Bitcoin community was not immune to this type of scam, and high-yield programs were multiplying over the months. There was the Brazilian site Bitcoin Rain, for example, which opened in October 2011 and promised 12% returns per month, or 290% per year. But the most important of these was Bitcoin Savings & Trust.
The fund was launched by Trendon Shavers, a 29-year-old Texan father. He called himself PirateAt40 on the Bitcoin forum and on IRC, in reference to Jimmy Buffett's 1974 song "A Pirate Looks At Forty", in which a modern-day drug dealer laments being born too late to have been a buccaneer.
Trendon Shavers leaving Manhattan federal court in November 2014 (source: Brendan McDermid for Reuters)
At the end of 2011, Trendon was active on the OTC exchange channel #bitcoin-otc, where he acquired a good reputation. He sold bitcoin at a higher exchange rate than on Mt. Gox; and, faced with strong demand, he began to take out loans from trusted individuals. On November 3, 2011, he announced on the forum that he was "looking for lenders" in order to operate as a local reseller (via cash exchange services and Craigslist). He offered two ways to lend money. One method, called "storage" and later renamed "savings", involved leaving money on deposit against an interest rate that could be sent to a specific address or reinvested. The promised interest rate was 1% per day, which represented a 37-fold increase in the initial investment in just one year!
Trendon claimed to have "created my own custom management software that I've built to monitor deposits, withdrawals and interest payments". He initially managed customer investment via private message on the forum, before deploying an interface at Btclending.com a month and a half later. At the same time, Trendon opened a mining cloud service, called GPUMAX, which enabled users to lend and borrow mining power.
At the beginning of 2012, the investment plan was simplified and offered weekly interest payments. Interest rates were graduated according to the amount invested, to encourage larger deposits: 100 BTC earned 4.2% per week, while 1,000 BTC (and more) earned 7%. Registration was now possible only through referral (allowing existing members to earn more). A minimum amount of 100 BTC (approx. $570) was introduced to eliminate the need to deal with small lenders. This new barrier to entry led to the emergence of intermediaries, notably through the issue of bonds (known as "Pirate passthroughs" or PPT) on GLBSE.
In January, the name of the fund became First Pirate Savings & Trust, referring to the name of certain American banks. In April, the service changed its name again and became Bitcoin Savings & Trust (BTCS&T). The interface was upgraded and hosted at BTCST.com.
Unofficial Bitcoin Savings & Trust logo designed by JohnBigheart (source: archive from Bitcointalk.org)
Trendon explained that his revenue came from three sources of profit. The first was the local resale of bitcoins, as the exchange rate was higher on OTC markets than on Mt. Gox. The second was "market arbitrage" between the various exchange platforms, which (in reality) was more akin to speculation and price manipulation. The third source of income was the lending of bitcoins to people with whom Trendon was in contact. This was fast becoming the main activity of his system.
The success of Bitcoin Savings & Trust was phenomenal. At its peak, the total bitcoins managed by the fund would reach over 500,000 bitcoins, or around 5% of the 9.7 million bitcoins in circulation!
Of course, the relatively opaque operation of BTCS&T attracted suspicion. As early as November, the first response to the announcement on the forum came from a certain ElectricMucus, who remarked that what Trendon was offering "smells like a classical HYIP scam". As the months passed and BTCS&T became more and more successful, more and more accusations were made by well-known members of the community, including Matthew N. Wright, Mircea Popescu and Vitalik Buterin. One forum user (Vandroiy) even went so far as to bet 5,000 BTC with Trendon that BTCS&T would default before October 2013.
The end came in the summer. In June, the price of bitcoin rose from $5 to $6.5, putting pressure on Trendon, whose debts were denominated in bitcoins. In early July, in the face of uncertainty, he announced that he would lower the interest rate to 3.9% for all amounts and open registration to all, which became effective on August 14. Unfortunately, this reduction intensified the number of withdrawals by customers, who sensed that something was amiss.
On August 17, 2012, Trendon finally made the decision to close BTCS&T. He reimbursed his closest collaborators, but a majority of people were hurt. The repercussions of this closure were felt, particularly on the market. The price on Mt. Gox immediately plummeted, halving in the space of 48 hours from a local high of $15.4 on the 17th to briefly below $8 on the 19th. In the days that followed, it stabilized at around $10, before recovering to an acceptable level.
BTC price trend on Mt. Gox between August 12 and 22 (source: Bitcoin Charts via Forbes)
The losses were colossal. According to further analysis by SEC investigator Daphne Downes, they amounted to around 263,000 bitcoins, or $1.8 million at the time of their investment in BTCS&T.
Trendon would later claim not to be responsible: "one of my largest clients decided they would make things difficult for me", by stealing 202,000 bitcoins as part of an unsecured loan. However, the activity of the fund's address would not confirm this information.

The BTC-e and BitFloor hacks

Last but not least, the 2012 series of hacks continued over the summer. Two thefts took place: BTC-e in July and BitFloor in early September. These two incidents served to heighten the sense of insecurity surrounding exchange platforms.
The BTC-e hack occurred on the night of July 30-31, around midnight. The API key linked to BTC-e's Liberty Reserve account was compromised, enabling the hacker to make fictitious deposits, with which he obtained bitcoins, namecoins and litecoins, exaggerating their price. He managed to withdraw the equivalent of 4,500 bitcoins, representing over $42,000. However, the losses were offset by the platform. All exchanges made after the hack were cancelled, and activity resumed at around 3 p.m.
The Bitfloor hack, which took place in September, was more significant. BitFloor was an American exchange platform based in New York. It was launched in October 2011 by a 25-year-old named Roman Shtylman, with the help of a friend. The platform managed to quickly attract users by rewarding liquidity providers (makers) with "rebates" credited upon exchange execution. In May 2012, BitFloor also began accepting cash deposits, a very attractive feature as we explained.
Roman Shtylman in February 2012 (source: Bitcoin Show on Youtube)
At the end of summer 2012, BitFloor represented a rising platform: it was the fourth-largest platform in terms of dollar trading volume, behind BTC-e, Bitstamp and above all Mt. Gox. In August, a Bitcointalk member predicted that "bitfloor will have the #2 spot in BTC trade volume", adding that "exchanges at #2 have a terrible track record".
He couldn't have been more right. On the night of September 3 to 4, 2012, a hacker accessed some of Bitfloor's servers and got his hands on an unencrypted backup of the wallet keys. The vast majority of the platform's bitcoins were withdrawn: just over 24,000 BTC, or around $250,000 at the time. Exchange activity was suspended as a result.
On September 21, Bitfloor reopened its doors. Roman Shtylman announced this on the platform's Google+ blog, where he stated that he was "committed to keeping Bitfloor alive, strong, and growing for the bitcoin ecosystem". Customers' bitcoin balances were not restored, however. The plan was to make refunds using revenue from exchange fees.
As the months went by, Bitfloor recovered and managed to repay 2.7% of bitcoins to its creditors. Nevertheless, the platform would eventually close for good in April 2013, following the closure of its US bank account. Its hack was thus one of the major thefts of 2012, alongside incidents linked to Bitcoinica and the collapse of Bitcoin Savings & Trust.

The decline of the Wild West

Whatever one may say, Bitcoin was indeed a currency of crime in the period between 2011 and 2012, being particularly used in the case of thefts of all kinds. This was evident as early as the summer of 2011, with the Allinvain trojan, the Mt. Gox hack, the MyBitcoin theft and the Bitomat loss. In 2012, notable incidents included the Linode hack, the Tony76 scam on Silk Road, the Bitcoinica hacks, the Bitcoin Savings & Trust collapse and the Bitfloor hack. In the years that followed, platforms improved their security and mistrust became more insistent, but this didn't stop hacks and scams from multiplying.
Robberies weren't the only reprehensible acts. We can also mention the blackmail against Republican presidential candidate Mitt Romney, carried out in September 2012 by Michael Brown (aka Knightmb). The latter demanded to receive $1 million in bitcoins and, failing that, threatened to leak some of the politician's tax documents.
The media tended to highlight these sordid affairs, probably because of their natural negativity bias and conformism with the conventional financial system. Bitcoin had to be portrayed in a spectacular light, just as Hollywood's westerns portrayed the Wild West as a land of lawless people stealing, cheating and killing, even though the reality was much more subtle (bank robberies in the Wild West were infrequent for example). Most interactions within the bitcoin community were voluntary acts; hacks, thefts and other scams remained minority, one-off events, although their effect on the Bitcoin economy was sometimes devastating.
Bitcoin's disastrous image had a repulsive effect on the general population and, in turn, encouraged state intervention. Illegal and criminal activities aroused the interest of state agencies, particularly the FBI. In an internal report from the Bureau that leaked in May 2012, the following consideration thus appeared:
Bitcoin will likely continue to attract cyber criminals who view it as a means to move or steal funds as well as a means of making donations to illicit groups. If Bitcoin stabilizes and grows in popularity, it will become an increasingly useful tool for various illegal activities beyond the cyber realm.
The hornet swarm Satoshi Nakamoto had feared in December 2010 had arrived, bringing with it state repression and all that goes with it. In the years to come, many players in the ecosystem would be called to account by the authorities. Regulation of exchange platforms, which was in its infancy in 2012, was to take root. Financial supervision would develop with the generalization of know-your-customer checks and the emergence of chain analysis.
To remedy these risks, a communications effort was needed. The Bitcoin community needed to improve its image. It had to be made clear that it wasn't used only by criminals, that bitcoin wasn't used exclusively for money laundering and terrorist financing. The discourse had to be reworked, to avoid attracting attention and become acceptable in the eyes of the general population. The authorities had to be courted through lobbying, to avoid a complete ban. All this resulted in the creation of the Bitcoin Foundation on September 27, 2012, a pivotal date in Bitcoin's history.
By the end of 2012, the Wild West of finance was already in decline. The share of conventional trade joined that of drug trafficking in March 2013, when BitPay's volume surpassed that of Silk Road. But above all, speculation grew profoundly, causing a prodigious rise in the exchange rate: while it had stagnated between $5 and $15 throughout 2012, the price of bitcoin skyrocketed from January 2013 onwards, surpassing the former peak of $32 in February, reaching $266 in April and peaking at $1,240 by the end of the year.
This rise was accompanied by the emergence of a new way of dealing with bitcoin, all the more so as the first halving had just taken place: rather than an exchange currency facilitating illicit activities, it was gradually seen as an investment vehicle, like digital gold kept in a vault. This shift in discourse naturally created its own set of tensions.
The increase in speculation was also good news for Mt. Gox, which grew considerably larger and richer as a result. However, the market's leading foreign exchange platform was amateurishly run and totally unprepared for such demand. And so it would meet with a tragic fate...

The course on the construction of Bitcoin between spring 2011 and summer 2012 ends here. The next period of cryptocurrency history, that of Bitcoin's irresistible rise, will be covered in the next course, God willing.