The hacker used social engineering to get in, contacting domain registrar Site5 posing as Shrem and using his place of birth and mother's maiden name (both in the public record) to gain access to the company's account.
"After gaining access, they redirected DNS by pointing the nameservers to hetzner.de in germany, they used hetzner's nameservers to redirect traffic to a hosting provider in ukraine," Shrem wrote. "By doing this, he locked out both my login and Gareths's login and they used this to hijack our emails and reset the login for one exchange (VirWox), enabling them to gain access and steal $12,480 USD worth of BTC."
"In addition to stealing the Bitcoins, the attackers have also managed to access internal company emails, but no sensitive information has been accessed because of the mandatory use of PGP encryption by members," writes Softpedia's Eduard Kovacs. "'Site5 is denying any damages, but we suspect this was partly their fault,' BitInstant representatives explained. The company says it will move to a more secure registrar."