The second incarnation of the Silk Road has run into some trouble, with the administrator known as Defcon claiming today the site has fallen victim to a hack, and that all the associated accounts have been emptied. Judging by the blockchain records, attackers made off with roughly $2.7 million in bitcoin, the site's complete holdings.
The site is still officially active
According to Defcon, the hack exploited the same "transaction malleability" bug that caused temporary shutdowns at Mt Gox and BitStamp earlier this week. He claims a vendor exploited the bug during a vulnerable moment in the site's relaunch process, initiating and hiding a flood of transactions until the accounts were emptied. The process required unusually lax security procedures by the site, with little separation between vendor wallets and escrow holdings, but given the scrappy nature of the endeavor, it's entirely plausible that an enterprising and unscrupulous vendor would be able to pull off the heist.
In the meantime, the Silk Road project is left in a difficult position. The site is still officially active, but the administrators have implemented strict new security protocols that will make transactions significantly more difficult. Most importantly, the site has given up on holding funds in escrow entirely, which many experts say will make transactions significantly easier to track between buyer and seller.