Retailer Overstock experienced a glitch in their system that allowed customers to pay for goods using Bitcoin Cash rather than Bitcoin, which is valued at a fraction of what Bitcoin is.
Not Quite a Discount
Online retailer Overstock is known for their many deals and sales, but a glitch on the company’s website allowed customers to get an unexpected bargain.
Overstock’s website gave customers the option to pay with either Bitcoin or Bitcoin Cash interchangeably. Although a seemingly small error, the two cryptocurrencies hold vastly different values. According to Coin Market Cap, Bitcoin is valued at approximately $14,000 while Bitcoin Cash sits at a value of about $2,566. Customers taking advantage of this mistake would also have had the possibility of cancelling the order and being refunded in Bitcoin, making a profit as a result.
The glitch was first reported by Brian Krebs, an independent journalist of KrebsOnSecurity. Krebs exemplified how to pull off the heist when he purchased solar lights off the website.
Overstock instructed Krebs to send 0.00475574 worth of Bitcoin to their address for the lights, a price of $78.27, but he sent the payment in Bitcoin Cash instead. By sending the payment in Bitcoin Cash, he essentially paid $12.02 for the lights. Worse yet, when he requested a refund, it was processed, approved, and paid out in Bitcoin.
The glitch in the system becomes exponentially more alarming as the price of the item purchased increases. Krebs mentioned the possibility of buying a diamond ring priced at $100,000 from the website and repeating the same steps to make $85,000 almost instantly.
Fixing a Potentially Costly Error
When made aware of the issue, Overstock quickly reached out to Coinbase, their partner in allowing Bitcoin payments on their website, to resolve the issue. The company also issued a statement to Mr. Krebs, stating:
We were made aware of an issue affecting cryptocurrency transactions and refunds by an independent researcher. After working with the researcher to confirm the finding, that method of payment was disabled while we worked with our cryptocurrency integration partner, Coinbase, to ensure they resolved the issue. We have since confirmed that the issue described in the finding has been resolved, and the cryptocurrency payment option has been re-enabled.
Despite the Coinbase and Overstock working together to solve the problem, neither company seems to want responsibility for the glitch.
Coinbase quickly released a statement claiming the glitch was “caused by the merchant partner improperly using the return values in our merchant integration API,” while also noting that no other Coinbase customer had this problem. On the other hand, Overstock argues they didn’t change any of the underlying code on their site.
There have been no reported instances of customers abusing the glitch to receive money as of yet.
Will we see more instances of glitches like this occurring as more retailers begin to accept cryptocurrency, or is this an isolated incident? Let us know in the comments below!
Featured Image courtesy of Pexels