Bitcoin is the best thing that ever happened to bored applied cryptographers: it's a public database of keys and signatures made by quickly developed software that, when broken, drops money as if it was loot. This talk will look at mistakes old and new that enabled attacks: from ECDSA repeated nonces to using Math.random to make keys, from double spending and transaction malleability to crappy brainwallets. The bad news is that most vulnerable wallets were emptied a long time ago. The good news is that we get to look at how (and how fast) "cryptocriminals" operate in the process. In any case, new tools that implement some of the attacks will be demoed and released. No need to be a Bitcoin or crypto wizard - everything you need in order to understand what those poor victims didn't will be explained.