Author

Topic: Alitin Mint Adam Smith Coins compromised! (Read 4324 times)

hero member
Activity: 796
Merit: 519
October 30, 2023, 10:17:32 PM
#95
Some unfortunate news for the Forsyth family. Wonder if it had anything to do with this rugging

https://cointelegraph.com/news/bitcoin-millionaire-onfo-coin-creator-dead

legendary
Activity: 1260
Merit: 1010
but for stolen btc we can have refund?
They are refunding all the stolen BTC.  Do you own any Alitin coins that had the BTC stolen from them?  If so, contact Alitin directly and they will get you a refund.  Read the OP of this thread:

https://bitcointalksearch.org/topic/alitin-mint-coin-breach-1815933

Thanks, now I submit my request
legendary
Activity: 2646
Merit: 1138
All paid signature campaigns should be banned.
Are mixers really useful for large volumes?

This small amount of Bitcoins would be easy to mix.  From BitMixer FAQ:
Quote
We have a large Bitcoin reserve in our mixer (currently 2100.27 BTC), so you do not need to wait for other users to send coins to be mixed. Your coin mixing will be processed instantly as soon as we have received your funds. To prevent advanced time-based analysis of your blockchain transactions, you may set a time delay for every forward address to receive the BTC. We will then send your coins according to the time delays you have specified.
legendary
Activity: 2646
Merit: 1138
All paid signature campaigns should be banned.
but for stolen btc we can have refund?
They are refunding all the stolen BTC.  Do you own any Alitin coins that had the BTC stolen from them?  If so, contact Alitin directly and they will get you a refund.  Read the OP of this thread:

https://bitcointalksearch.org/topic/alitin-mint-coin-breach-1815933
legendary
Activity: 1260
Merit: 1010
but for stolen btc we can have refund?
member
Activity: 90
Merit: 11
Author of Bitcoin Books, the latest: Mining Pools
I'm getting rather tired of Bitcoin physical coin manufacturers scamming the Bitcoin community!   Angry

Alitin Mint has become the next on the list of scammers!  Please check your coin addresses if you own any coins made by them.  My Adam Smith 2BTC coin balance was stolen on February 26th, 2017!



This could be mitigated using multisig addresses
copper member
Activity: 2996
Merit: 2374
Only if he's dumb enough to cash out.
Blockchain analysis shows the coins were immediately sent through a mixer so the thief could have pretty easily cashed out by now.

Are mixers really useful for large volumes? Have not checked them in quite a while, but when someone with >100btc trying to mix it becomes pretty obvious which output coins are his. So while it might not be a conclusive evidence, once he cashes out and it turns that he used to work at alitin at the time, dots connect and case opens.
That probably depends on how you define "large volumes". I don't think the few hundred BTC that is the upper bound of what the thief took would be easy to trace, especially if multiple mixers are used.

You would probably need to move four digits worth of coins in a short period in order to potentially have your coins traced with blockchain analysis.
legendary
Activity: 1176
Merit: 1010
Borsche
Only if he's dumb enough to cash out.
Blockchain analysis shows the coins were immediately sent through a mixer so the thief could have pretty easily cashed out by now.

Are mixers really useful for large volumes? Have not checked them in quite a while, but when someone with >100btc trying to mix it becomes pretty obvious which output coins are his. So while it might not be a conclusive evidence, once he cashes out and it turns that he used to work at alitin at the time, dots connect and case opens.
legendary
Activity: 2646
Merit: 1138
All paid signature campaigns should be banned.
Only if he's dumb enough to cash out.
Blockchain analysis shows the coins were immediately sent through a mixer so the thief could have pretty easily cashed out by now.
legendary
Activity: 1176
Merit: 1010
Borsche
This is very sad to hear. More so for the owners of raided coins.

If there was a leak of private keys somewhere in the production process the manufacturer should know the name of the people involved.
So if an investigation is ongoing no much info can be publicly released. Over time hope some names surface, we know who did it in Coinographic's case.

Richard was apparently the only one with access to private keys, so he stole them himself, or he is flat out lying.
One other possibility is that he thought he was the only one to ever see the private keys but someone else got a copy of (some of) them.

They did have a lot of people on their failed "risk management" committee/team.

But how is that possible? He claimed he created the private keys himself, then engraving coins and destroyed the private keys. It's a pretty simple process.

Simple process with many steps.

Created - how, on which device, who else had access to this device before or after the key was generated? Engraving - where, was the room checked for recording devices, did he ever leave that room for bio needs, who else could have been in the building at this time? Packaging the coin - same questions. There is a lot of trust you need to put in the process of private key creation to be sure it did not get recorded somewhere. As they got sweeped only now, when BTC price reached newsworthy levels, probably the thief/person who had the partial list of keys only remembered about that now. Would be pretty hard to find a trace of what could have happened 3 years ago... Only if he's dumb enough to cash out.

PS on a related note, if anybody selling compromised joannas / adam smiths after you get your refund, please PM.
legendary
Activity: 2646
Merit: 1138
All paid signature campaigns should be banned.
I believe that address is part of the mixer process.  All of the coins were placed into a mixer and the thief got new (untainted)  BTC a long time ago.  All of the stolen coins will eventually be mixed and given out to other customers of the mixer who are not the thief.  So following the coins will not lead you to the thief.
newbie
Activity: 1
Merit: 0
A large amount of the stolen bitcoin from the compromised addresses below end up in this address: 1AHZ4H8YgM1hMYHYGHaN89QKgf1YvnTuBD

Compromised addresses:
1QLQDk2KotPqqBjQQK9atEqmmmjBZySPwc
18maxv3kVNNKUE9NZhcYcfHhcRrtSXC8eE
17Qn7Y27xpAgtjEefEknwpFcLnpCiK4tSA
1BCgfLnJiJFvckMKRwcJa32tarsi7TD3QF
1DXjC2oKNsQbtHzWDEgzuMyoeaMtAr1r44
1FxH5pJcgX6VrJYb7pweXUjEMSX1naero9
13Y8zQHtorD1uSRuSvuxFxLMB6Qq8fVKTJ
1JxjKfA2EhJo4Hd8yD7NQSTqxGjJ4UNBXH
13bbV8kaFs8kQTiJFGxVnpFiMXwjk5XPpw
1Ctebt6wCrW7EMR2DTu75Tzzc2wEbZU6Sb
16cXpHf87Y8mENGKGD4PyaJsVo1pdtm198
1EBf3H6oukihFbDwX4xCShQsQF9j5PQD9p
18t1hPWGT2iLAnK4Nt4wYTbuqUYAD9R9hC
1F85aCkDHL4dBTbZkxBGwptjsHSv2WCNfr
1K2cio3dVFrk76yvKosDTdzmKWE2DFT1Kw
1GLNq4tvHr5Sm6aSnxKe3ybMutb2J3rFt2
1B25QYDjCCk7qxGXgd8Kfm3SeATySxRwZs
13iAiSxEtDSBfF7XbxraLhnhasRBrTrHZF
1Emq52ZTBWC4Qh24FP5TMSThnAu6kGdmy
172xh9w84E7rDF13dTVCC5XMkC11n8LYQg
129kihbjRChoy1AX5RuNdBAFUU36KUWTZr
15iLakai3bsiBWXCVRTkDzeiUgL6b2yFth
189nyDxDHJk81HL6kGJryNA5fsXW18h3nm
15XBjwnG6VQNQW5FCz1w54mttuxPxLkNow
12ZgkjLqvuVPLt6JaFUGBGUyt4kyibChVa
1GSrNTwCBJL6TxZm481P12SR1LcHSH1f85
1AwNFaz38irKbpzy7inkCYHJXv9QvDcuym
1CDLbRKvh53j795zZDrFyduPj9AqZ1ERQC
12THLcCXqBbTgFA9vM4qHPbkidda2ULgYS
1HBS9BtNtnViVJydbAMHeawCWxshPEXKLh
1Mh1Vvr5BtwA1s3GH3Dr7bfbao6sZdCmRJ
1HaWwdwN3irpWtxaPvaoL4eGuZhcGqzPMz
14D2HdBqvaiDS34SCGJ45A1N9AXDimisBg
12WJE6CRWC47gzZQgJpC7CSxqteTaLvhBd
1b7wKzbFSm4U5KMVCD88EuhXVvK1ZAzk1
1BEKYbfh2FMTbjanWLSAZw3kxrpiLShVVp
1LtGmmAkXo3DtqzpAZoMMVu6uZFRuXYpP5
1KBy7s2cFaewBjEczTUxNpsPcjXsC5SibD
1LwL1uE4FQS7Moc1AzxHYPBup5ucbq1mNU
1A8rRSXmQx9bsV1WhpoQx2ZcKzFZxSjUMm
1DKyy7sUs9Sc3khwK69f1vH8yVeR7LK3Kg
1H5uvoQuv2P1G9gYtj1Wod24TX29gAsbox
12aQG3VLZiY6GFwQ2M4jyAh4oK7kGJoK2f
1JAeL1qZmEuXaL8XQWWmKTAjt3ZF38g6Rk
1KftRz6WoLHaEZW3ZEJpckKyUCCs74ZBiD
1Hu2p4qcDeCho8UggvQPrGeehWwWkbrtAf
15LqzxX6Md4iwyGboWB8UedYM3JuqDBmib
18GU8tjGyR7uwrUAMV2cpF14QdFdYfMaai
14Qi3PcrPctt7E2VwBw33V4BwnXeDbg1qp
1imZGYfzgca4MaX8NjPJpBQWGFqL3GjwR
1oACKoxLFWm5yZfL4aUA4TipAG53eE6QK
1F7JiKn15X29bBTxG4SkSDJgtCVx8iwam8
1Dqck66Bbuc7WDP73XrGmeUAxPNCWfX12
1K2hc5aYQ5ASVqBu5NfHTSiiKFTjhyeXbM
1PWfrQhQZ5ph3ZKzA27TArYJZytDB9BTQm
1Fh1LB1eBqBtVyBrvZg7xnqmSN84rzWa5G
1NiFc47UBdSPotKve9wSnQeLGuNQhd5NA1
17bFHy41efk5GfNnH9fvHhh4yfpmTBAJMe
12vwV7ySuxtss26WKqBFXzNtnMoemgERhK
1NsjoNxC5izhti926rXT6Jr4kJxBASQArC
18qz8gELaKgtJRU8n3bRqhtAzbH71zxoxY
1FFsifLUW1Tkvof6M4y6XyvtfmPjnDYmuy
1vx4myJo21XuYbUeVKQhgiQ5axzE6JJAU
1NNhvxuppiU3WnQSHRmA74qwGfMCvaNyza
1QqqHdFHzZs1HLG2MkQ1c9BSKd4EqM52r
1QBVHeRHXNSUQFgyEepjJXqQGviKGsMc3n
legendary
Activity: 2646
Merit: 1138
All paid signature campaigns should be banned.
This is very sad to hear. More so for the owners of raided coins.

If there was a leak of private keys somewhere in the production process the manufacturer should know the name of the people involved.
So if an investigation is ongoing no much info can be publicly released. Over time hope some names surface, we know who did it in Coinographic's case.

Richard was apparently the only one with access to private keys, so he stole them himself, or he is flat out lying.
One other possibility is that he thought he was the only one to ever see the private keys but someone else got a copy of (some of) them.

They did have a lot of people on their failed "risk management" committee/team.

But how is that possible? He claimed he created the private keys himself, then engraving coins and destroyed the private keys. It's a pretty simple process.
Agreed.  Interesting times...
hero member
Activity: 715
Merit: 500
This is very sad to hear. More so for the owners of raided coins.

If there was a leak of private keys somewhere in the production process the manufacturer should know the name of the people involved.
So if an investigation is ongoing no much info can be publicly released. Over time hope some names surface, we know who did it in Coinographic's case.

Richard was apparently the only one with access to private keys, so he stole them himself, or he is flat out lying.
One other possibility is that he thought he was the only one to ever see the private keys but someone else got a copy of (some of) them.

They did have a lot of people on their failed "risk management" committee/team.

But how is that possible? He claimed he created the private keys himself, then engraving coins and destroyed the private keys. It's a pretty simple process.
legendary
Activity: 2646
Merit: 1138
All paid signature campaigns should be banned.
This is very sad to hear. More so for the owners of raided coins.

If there was a leak of private keys somewhere in the production process the manufacturer should know the name of the people involved.
So if an investigation is ongoing no much info can be publicly released. Over time hope some names surface, we know who did it in Coinographic's case.

Richard was apparently the only one with access to private keys, so he stole them himself, or he is flat out lying.
One other possibility is that he thought he was the only one to ever see the private keys but someone else got a copy of (some of) them.

They did have a lot of people on their failed "risk management" committee/team.
hero member
Activity: 715
Merit: 500
This is very sad to hear. More so for the owners of raided coins.

If there was a leak of private keys somewhere in the production process the manufacturer should know the name of the people involved.
So if an investigation is ongoing no much info can be publicly released. Over time hope some names surface, we know who did it in Coinographic's case.

Richard was apparently the only one with access to private keys, so he stole them himself, or he is flat out lying.
legendary
Activity: 1722
Merit: 1000
This is very sad to hear. More so for the owners of raided coins.

If there was a leak of private keys somewhere in the production process the manufacturer should know the name of the people involved.
So if an investigation is ongoing no much info can be publicly released. Over time hope some names surface, we know who did it in Coinographic's case.
legendary
Activity: 1470
Merit: 1004
So my suggestion is to keep your coins and do not sell them to all of these people saying they want to buy the silver unless you are aware that you may not be able to make a future claim - the buyer will get any future claim.  

Good advice.
legendary
Activity: 2646
Merit: 1138
All paid signature campaigns should be banned.
I am saying that there is a possibility they will catch the thief.  It is a very stupid crime.  There is a very small finite group of people that ever had access to the lists of private keys.  The thief is one of those people.  Since there is such a small group of possible suspects there is a chance the thief will be caught.

They will seize all of the thief's assets so even if he sold the BTC there is a chance we might get paid back.

Of course, I am not holding my breath waiting for this to happen.

But in the mean time I am suggesting that any claim on any of the recovered funds will probably involve proving you have the swept or accidentally unfunded coin.

So my suggestion is to keep your coins and do not sell them to all of these people saying they want to buy the silver unless you are aware that you may not be able to make a future claim - the buyer will get any future claim.  

Just a thought.
legendary
Activity: 3780
Merit: 1418
This is strange.  I bought two coins.  The first one is an Adam Smith number 60/600.

https://blockchain.info/address/1QLQDk2KotPqqBjQQK9atEqmmmjBZySPwc

It was swept 2017-02-26 02:31:26, so I lost 2 BTC on that deal.

My second coin is a Joan of Arc number 17/600.  But when I went to check on it I found that it had never been funded!  Were we supposed to fund these ourselves? Check it out:

https://blockchain.info/address/1KzvorTcd6W497eYdk7Jc9U1YLNTF1A6LK

When I bought it I assumed it was funded.  I am sure I paid more than 1 BTC for the thing.  What is the deal with that?

Oh my.  So a second breach of trust now?  Im sorry for your loss really.  Is there anyone else who's 1btc coin was never funded?
I am very interested in this also.  Does anyone else have an unfunded coin?

BTW:  I would keep your unfunded coin intact and not sell it!  You have no reason to peal it and an intact unfunded coin is a good thing to have for a proof of claim.

ALSO:  You should also keep your swept coins!!!  We do not know what their procedure will be for getting your BTC back once they either catch the thief or start paying everyone back.  You may need the swept coin as proof of claim.

I think that is your own fault for not checking the balance of the coin. I also think it is impossible for alitin mint to refund all of its customers because these coins where sold what 3? years ago in 2014 and they are just saying they will to avoid more questions and so on

Salt in wounds right now isnt needed man.  Lose thousands of dollars and have someone kick you when your on the floor.  Undecided
hero member
Activity: 2268
Merit: 960
100% Deposit Match UP TO €5000!
This is strange.  I bought two coins.  The first one is an Adam Smith number 60/600.

https://blockchain.info/address/1QLQDk2KotPqqBjQQK9atEqmmmjBZySPwc

It was swept 2017-02-26 02:31:26, so I lost 2 BTC on that deal.

My second coin is a Joan of Arc number 17/600.  But when I went to check on it I found that it had never been funded!  Were we supposed to fund these ourselves? Check it out:

https://blockchain.info/address/1KzvorTcd6W497eYdk7Jc9U1YLNTF1A6LK

When I bought it I assumed it was funded.  I am sure I paid more than 1 BTC for the thing.  What is the deal with that?

Oh my.  So a second breach of trust now?  Im sorry for your loss really.  Is there anyone else who's 1btc coin was never funded?
I am very interested in this also.  Does anyone else have an unfunded coin?

BTW:  I would keep your unfunded coin intact and not sell it!  You have no reason to peal it and an intact unfunded coin is a good thing to have for a proof of claim.

ALSO:  You should also keep your swept coins!!!  We do not know what their procedure will be for getting your BTC back once they either catch the thief or start paying everyone back.  You may need the swept coin as proof of claim.

I think that is your own fault for not checking the balance of the coin. I also think it is impossible for alitin mint to refund all of its customers because these coins where sold what 3? years ago in 2014 and they are just saying they will to avoid more questions and so on
legendary
Activity: 2646
Merit: 1138
All paid signature campaigns should be banned.
This is strange.  I bought two coins.  The first one is an Adam Smith number 60/600.

https://blockchain.info/address/1QLQDk2KotPqqBjQQK9atEqmmmjBZySPwc

It was swept 2017-02-26 02:31:26, so I lost 2 BTC on that deal.

My second coin is a Joan of Arc number 17/600.  But when I went to check on it I found that it had never been funded!  Were we supposed to fund these ourselves? Check it out:

https://blockchain.info/address/1KzvorTcd6W497eYdk7Jc9U1YLNTF1A6LK

When I bought it I assumed it was funded.  I am sure I paid more than 1 BTC for the thing.  What is the deal with that?

Oh my.  So a second breach of trust now?  Im sorry for your loss really.  Is there anyone else who's 1btc coin was never funded?
I am very interested in this also.  Does anyone else have an unfunded coin?

BTW:  I would keep your unfunded coin intact and not sell it!  You have no reason to peal it and an intact unfunded coin is a good thing to have for a proof of claim.

ALSO:  You should also keep your swept coins!!!  We do not know what their procedure will be for getting your BTC back once they either catch the thief or start paying everyone back.  You may need the swept coin as proof of claim.
legendary
Activity: 3780
Merit: 1418
This is strange.  I bought two coins.  The first one is an Adam Smith number 60/600.

https://blockchain.info/address/1QLQDk2KotPqqBjQQK9atEqmmmjBZySPwc

It was swept 2017-02-26 02:31:26, so I lost 2 BTC on that deal.

My second coin is a Joan of Arc number 17/600.  But when I went to check on it I found that it had never been funded!  Were we supposed to fund these ourselves? Check it out:

https://blockchain.info/address/1KzvorTcd6W497eYdk7Jc9U1YLNTF1A6LK

When I bought it I assumed it was funded.  I am sure I paid more than 1 BTC for the thing.  What is the deal with that?

Oh my.  So a second breach of trust now?  Im sorry for your loss really.  Is there anyone else who's 1btc coin was never funded?
sr. member
Activity: 322
Merit: 250
Man, this just sucks for everyone involved - everyone has lost when something like this happens.  As an owner of several physicals every time I read something like this it sends a chill.

I hope the source is found, and that Alitin honors their pledge to offer refunds.  If you can find proof of when your coin was swept, and the value at that time, it is worth trying to go through something like renters or homeowners insurance and see what they say.  Sometimes you do need an extra rider on your policy to cover these things, sometimes not, depends but at least worth a try.

I know it won't really replace what was lost, but add me to the list of interested parties for any resale of these, peeled or still intact but de-funded.  PM me your asking price, for either series and/or multiple coins.
legendary
Activity: 3206
Merit: 1348
If anyone wants to sell one of their peeled coins, send me a PM with an asking price. I may be interested in picking one up. Thanks
legendary
Activity: 1260
Merit: 1010
Honestly peel your coins, save your BTC if it is still there for god's sake.

Sell the redeemed or stolen coins to anyone who will buy them for the silver value alone.

This is not going to get better.

Refunds, maybe a long shot, but if your coin has BTC on it, are you really not going to peel it at this point?

thanks!

Yes, this is the best and logic solution at this point ... # PEEL YOUR COINS AND SAVE BTC #
legendary
Activity: 2746
Merit: 1181
Honestly peel your coins, save your BTC if it is still there for god's sake.

Sell the redeemed or stolen coins to anyone who will buy them for the silver value alone.

This is not going to get better.

Refunds, maybe a long shot, but if your coin has BTC on it, are you really not going to peel it at this point?

thanks!
legendary
Activity: 2646
Merit: 1138
All paid signature campaigns should be banned.
This is strange.  I bought two coins.  The first one is an Adam Smith number 60/600.

https://blockchain.info/address/1QLQDk2KotPqqBjQQK9atEqmmmjBZySPwc

It was swept 2017-02-26 02:31:26, so I lost 2 BTC on that deal.

My second coin is a Joan of Arc number 17/600.  But when I went to check on it I found that it had never been funded!  Were we supposed to fund these ourselves? Check it out:

https://blockchain.info/address/1KzvorTcd6W497eYdk7Jc9U1YLNTF1A6LK

When I bought it I assumed it was funded.  I am sure I paid more than 1 BTC for the thing.  What is the deal with that?
hero member
Activity: 715
Merit: 500

I wonder if it is possible for the key to be read right through the packaging with heat imaging like a thermal camera or something similar..

Perhaps, but that's not why these were swept, most of the compromised coins were sent directly from Alitin.
hero member
Activity: 715
Merit: 500

Physical bitcoins in coin form are a novelty for bitcoin geeks (like me) and never had a chance of going mainstream. OpenDime has no collector appeal.

Yes of course, however if there was a way to incorporate the opendime security model with a collector coin, that would be trustless
legendary
Activity: 2296
Merit: 2262
BTC or BUST
As if the physical market isn't already bad enough..

It looks like the coins had the private key physically engraved on the side of them

I wonder if it is possible for the key to be read right through the packaging with heat imaging like a thermal camera or something similar..
legendary
Activity: 2128
Merit: 1119
J.R. replied back to my email today saying they would repay the BTC value.   

If they follow through on that then color me impressed.

I am also interested in buying one of these unloaded coins if anyone is selling.
legendary
Activity: 2646
Merit: 1138
All paid signature campaigns should be banned.
legendary
Activity: 1806
Merit: 1164
SilverWallets has the right idea. Sell the coin unfunded with hologram provided and let the buyer generate the key pair and assemble the coin themselves. Likewise Polymerbit.

I would have to disagree with you. The whole point of physical bitcoins is that they are easily exchanged from one person to another, knowing that if the hologram or whatever is intact, they contain the face value of Bitcoin. If you let the "buyer" generate the private key, then later sell the physical coin, you have to trust the initial buyer didn't copy the private key. If this was the model from the get go, I believe you would see widespread individual sweeping of coins. You have to put trust in one entity, like Casascius.

Edit; in my opinion, the only "truly" trusted physicals at this point is OpenDime. Where the person loading the BTC never sees the private key.

Physical bitcoins in coin form are a novelty for bitcoin geeks (like me) and never had a chance of going mainstream. OpenDime has no collector appeal.
hero member
Activity: 715
Merit: 500
SilverWallets has the right idea. Sell the coin unfunded with hologram provided and let the buyer generate the key pair and assemble the coin themselves. Likewise Polymerbit.

I would have to disagree with you. The whole point of physical bitcoins is that they are easily exchanged from one person to another, knowing that if the hologram or whatever is intact, they contain the face value of Bitcoin. If you let the "buyer" generate the private key, then later sell the physical coin, you have to trust the initial buyer didn't copy the private key. If this was the model from the get go, I believe you would see widespread individual sweeping of coins. You have to put trust in one entity, like Casascius.

Edit; in my opinion, the only "truly" trusted physicals at this point is OpenDime. Where the person loading the BTC never sees the private key.
legendary
Activity: 1806
Merit: 1164
SilverWallets has the right idea. Sell the coin unfunded with hologram provided and let the buyer generate the key pair and assemble the coin themselves. Likewise Polymerbit.
hero member
Activity: 715
Merit: 500
This has me worried about the physical coin market in general. I know Casascius is known to be trusted here, I'm wondering did Mike mainly work alone and did he personally address what was done with private keys, assuming he destroyed them. I've never heard of issues with Casascius.

Honestly, I am surprised this hasn't happened more often.  Other than Alitin, the only other maker is Coinographic who performed a mass sweep of private keys, and in the case of Coinographic it was only Litecoin, so the damages were not as severe.  This case with Alitin is by far the biggest incident I'm aware of.  

The fact it hasn't happened very much leads me to believe the community has done a decent job vetting and/or only buying funded coins from people who they trust.  The biggest deterrent to doing something like this would be knowing exactly who is making the coins and where they are located.  It's unlikely someone is willing to ruin their name and go "on the run" if they have spent years building up a reputation in the community.  

In the case of Alitin, I have no idea whether these Forsyth guys are real people, or assumed identities.  If they are real, my hope is that it was all a result of negligence and there's a valid explanation for how this happened and a plan to pay the victims back.  If they aren't real, then it's even more important that we perform due diligence on any future makers who want to offer funded coins.  

Agreed, although I don't believe there are really that many BTC physical coin producers, if there were hundreds, I would expect to see this happen more often. Luckily for us, guys like Mike are as honest as they come. If Casascius had been compromised early on, it would have been the end of any physical BTC market.
hero member
Activity: 943
Merit: 783
In Memory of Zepher
This has me worried about the physical coin market in general. I know Casascius is known to be trusted here, I'm wondering did Mike mainly work alone and did he personally address what was done with private keys, assuming he destroyed them. I've never heard of issues with Casascius.

Honestly, I am surprised this hasn't happened more often.  Other than Alitin, the only other maker is Coinographic who performed a mass sweep of private keys, and in the case of Coinographic it was only Litecoin, so the damages were not as severe.  This case with Alitin is by far the biggest incident I'm aware of.  

The fact it hasn't happened very much leads me to believe the community has done a decent job vetting and/or only buying funded coins from people who they trust.  The biggest deterrent to doing something like this would be knowing exactly who is making the coins and where they are located.  It's unlikely someone is willing to ruin their name and go "on the run" if they have spent years building up a reputation in the community.  

In the case of Alitin, I have no idea whether these Forsyth guys are real people, or assumed identities.  If they are real, my hope is that it was all a result of negligence and there's a valid explanation for how this happened and a plan to pay the victims back.  If they aren't real, then it's even more important that we perform due diligence on any future makers who want to offer funded coins.  
legendary
Activity: 1470
Merit: 1017
Star Wars Ep. 9 is here
J.R. replied back to my email today saying they would repay the BTC value.   
hero member
Activity: 715
Merit: 500
This has me worried about the physical coin market in general. I know Casascius is known to be trusted here, I'm wondering did Mike mainly work alone and did he personally address what was done with private keys, assuming he destroyed them. I've never heard of issues with Casascius.
legendary
Activity: 2461
Merit: 1058
Don't use bitcoin.de if you care about privacy!
Ouch, that's horrible! Hope there is a Chance to get btc back.
legendary
Activity: 1470
Merit: 1004
No.  I guessed they wouldn't answer that question either since they are focused on how it happened.

BTW, I have tracked my coin funds down to two addresses:

1tUcP5FxpPTJhkS3bEpKXj1qbCgUK913U which has 256BTC (hasn't changed since 2/27)

1ERenyvfEepDjFsCgJmB1hwLqRCGEC4Jo6
which has 364BTC and has been very active (last transaction was today)

Wow, large sums of BTC, wondering if all is from Alitin coins or part of personal stash, if the latter I would guess that this is an inside job from one of the founders.
sr. member
Activity: 845
Merit: 267
No.  I guessed they wouldn't answer that question either since they are focused on how it happened.

BTW, I have tracked my coin funds down to two addresses:

1tUcP5FxpPTJhkS3bEpKXj1qbCgUK913U which has 256BTC (hasn't changed since 2/27)

1ERenyvfEepDjFsCgJmB1hwLqRCGEC4Jo6
which has 364BTC and has been very active (last transaction was today)

nice detective work my man ! 
sr. member
Activity: 296
Merit: 250
No.  I guessed they wouldn't answer that question either since they are focused on how it happened.

BTW, I have tracked my coin funds down to two addresses:

[Redacted]
[Redacted]


EDIT:
I think I jumped the gun.  These are the endpoint (likely exchanges), so likely not accurate.  Sorry.

These are more accurate (from my groupings):

19A5uTjZzip9gmNUVjSifeAeUwMdyYQ4zQ - 35 BTC
19ts4csSw2X1gzwsuc3AFQkJk3a1ZG5wtZ - 30.35725 BTC
1M9XcA6kQAoxih2T6ymcr2ShxHZ3uR5dKt - 6.0079869 BTC
173nKDVsFv121rYydJxW7Z13tH2vmyzvrv - 25 BTC
16x5RqEDuDRRKh7muDJ37xReurxWmLj5kh - 13.9967648 BTC
1FjkhxNtTGdNBgqaEKKM6vT1vfWP6sJnHM - 22.74030177 BTC
35o4y29BXAtTXrartEgbbux76ek6XGb4q1 - 7.98259439 BTC


legendary
Activity: 2198
Merit: 1989
฿uy ฿itcoin
I know what you mean...  If they don't tomorrow, then I'll start barking more!  I truly believe they don't know how this happened based on the conversation via email and phone.  Maybe I'm being played...   Undecided

Did you ask if they outsourced the engraving?
sr. member
Activity: 296
Merit: 250
I know what you mean...  If they don't tomorrow, then I'll start barking more!  I truly believe they don't know how this happened based on the conversation via email and phone.  Maybe I'm being played...   Undecided
legendary
Activity: 2198
Merit: 1989
฿uy ฿itcoin
I have repeatedly asked for a list of public addresses, but those requests have been ignored thus far. 

My guess is there has been some sort of internal "breach" or compromised email, etc.  I have been told by JR that they have contacted law enforcement authorities and they will have a public/formal statement tomorrow. 

I'm getting the feeling they're just buying time. Why haven't they posted by now at least to let people know they're investigating the leak? That only takes a few minutes time and shows that they're actively trying to find who did this.
sr. member
Activity: 296
Merit: 250
I have repeatedly asked for a list of public addresses, but those requests have been ignored thus far. 

My guess is there has been some sort of internal "breach" or compromised email, etc.  I have been told by JR that they have contacted law enforcement authorities and they will have a public/formal statement tomorrow. 
copper member
Activity: 2996
Merit: 2374
On the side? What would stop someone from taking a picture of the coin, reselling it and then redeeming the BTC in the coin?

There is foam inside the casing which is/was permanently sealed:


In order to redeem the coins, the owner was supposed to break apart the case to reveal the engraving. So either either the private key generation or engraving process was compromised, or the private keys were actually stored to be illegally redeemed at a later date.
It is also possible that someone took a picture of the coins after they were engraved but prior to when they were put in the case.

I think it is most likely that the manufacturer stored the private keys to the coins. Otherwise the manufacturer could have discovered the malware (or other compromise) and warned his customers to redeem the btc in the coins, so the thief would have redeemed the btc right away as opposed to when btc is at ATH
member
Activity: 78
Merit: 12
On the side? What would stop someone from taking a picture of the coin, reselling it and then redeeming the BTC in the coin?

There is foam inside the casing which is/was permanently sealed:


In order to redeem the coins, the owner was supposed to break apart the case to reveal the engraving. So either either the private key generation or engraving process was compromised, or the private keys were actually stored to be illegally redeemed at a later date.
copper member
Activity: 2996
Merit: 2374
It looks like the coins had the private key physically engraved on the side of them, was that engraving done in house or by an external engraver?
On the side? What would stop someone from taking a picture of the coin, reselling it and then redeeming the BTC in the coin?

If the private key was not protected by some kind of halo then the theft was the result of negligence on the part of the manufacturer, and any number of people involved throughout the process could be the actual thief. 
legendary
Activity: 2828
Merit: 1222
Just looking for peace
This is kind of scary and makes me think about many other funded coins that people own.

I can only hope this is a mistake and not on their end but some other problem and it gets fixed soon.
Good luck guys! Though if you haven't ,  redeem them already
legendary
Activity: 1470
Merit: 1004
In regards to key generation, and disposal, there is zero room for error in this market. This is a real shame and it saddens me to see this. I also don't feel that businesses in the physical crypto space should operate if there is more than a single person to cast blame on if any problems should arise. I make an effort to build relationships with my customers to help establish trust, but I also leave my customers with the option of leaving their Kialaras unfunded.

The last thing myself and other honest, responsible makers want is the community questioning our own trust because of the actions and irresponsibility of others.

Sincerely feeling for those affected.

Max-

Yes, I trust you and guys like Mike, who (most of the time) worked alone. Alitin had really nice coins, they most likely had to outsource several steps along the way. Too many people involved
hero member
Activity: 532
Merit: 500
I hope you guys who still have your btc on the coins move the btc asap. Something is a rye here.
legendary
Activity: 2702
Merit: 1072
It looks like the coins had the private key physically engraved on the side of them, was that engraving done in house or by an external engraver?
sr. member
Activity: 343
Merit: 254
From The New World
 I hope they find the culprit  that did this and everyone is reimbursed. We all should watch the addresses and see if this person tries to cash them out on an exchange . The bitfinex hacker still cannot cash the coins on any of the exchanges. We all should make sure that he or she will never be able to move those coins.
sr. member
Activity: 296
Merit: 250
My Jeanne D'Arc 1BTC is also still funded.  *knocks on wood*  
legendary
Activity: 1470
Merit: 1017
Star Wars Ep. 9 is here
My 2BTC funds (#79) were stolen 17Qn7Y27xpAgtjEefEknwpFcLnpCiK4tSA (mentioned on bitenvy's list)
My 1BTC is still intact at the moment 1FF1NtAMX7BTrCxN6fjwNDNuXRmvserH1p
hero member
Activity: 551
Merit: 789
In regards to key generation, and disposal, there is zero room for error in this market. This is a real shame and it saddens me to see this. I also don't feel that businesses in the physical crypto space should operate if there is more than a single person to cast blame on if any problems should arise. I make an effort to build relationships with my customers to help establish trust, but I also leave my customers with the option of leaving their Kialaras unfunded.

The last thing myself and other honest, responsible makers want is the community questioning our own trust because of the actions and irresponsibility of others.

Sincerely feeling for those affected.

Max-
copper member
Activity: 686
Merit: 603
Electricity is really just organized lightning
Zepher,

Some of those addresses are NOT the coin addresses but where the coins were sent by the thief.  My second 16 list above are the coin addresses.

https://blockchain.info/tx/4c98843cce3e00dd561f36406fe20afed37d7d2ff33f08e52f4cc716ecdd8e24

With advanced view on, you will find that each address is 2 BTC less the tx fee at the time. Seems correct to me.
If you click on (for example) the first address:  https://blockchain.info/address/1CgoMZvfdxwqb2Wexhsubvb7GfpsUrcd9x
You go back one more level and you will see what I'm talking about.  The original funding transaction is sent to:  https://blockchain.info/address/1Emq52ZTBWC4Qh24FP5TMSThnAu6kGdmy
This is the address of the coin, funded in 2014, not 1CgoMz which was sent on 2/26/17 by the thief.



Okay, you keep it updated for us, thanks Smiley I will be watching as I am affected as well. 34+ coins. This is not looking good for you, Alitin Mint/Mr Forsyth.
sr. member
Activity: 296
Merit: 250
Zepher,

Some of those addresses are NOT the coin addresses but where the coins were sent by the thief.  My second 16 list above are the coin addresses.

https://blockchain.info/tx/4c98843cce3e00dd561f36406fe20afed37d7d2ff33f08e52f4cc716ecdd8e24

With advanced view on, you will find that each address is 2 BTC less the tx fee at the time. Seems correct to me.
If you click on (for example) the first address:  https://blockchain.info/address/1CgoMZvfdxwqb2Wexhsubvb7GfpsUrcd9x
You go back one more level and you will see what I'm talking about.  The original funding transaction is sent to:  https://blockchain.info/address/1Emq52ZTBWC4Qh24FP5TMSThnAu6kGdmy
This is the address of the coin, funded in 2014, not 1CgoMz which was sent on 2/26/17 by the thief.

legendary
Activity: 1470
Merit: 1004
It would appear to me that this was done with a specific batch, if he/she had the private keys for all of the Adam coins, why not just empty them all at once. Especially since it went virtually unnoticed for over a week.
copper member
Activity: 686
Merit: 603
Electricity is really just organized lightning
Zepher,

Some of those addresses are NOT the coin addresses but where the coins were sent by the thief.  My second 16 list above are the coin addresses.

https://blockchain.info/tx/4c98843cce3e00dd561f36406fe20afed37d7d2ff33f08e52f4cc716ecdd8e24

With advanced view on, you will find that each address is 2 BTC less the tx fee at the time. Seems correct to me.

Edit: Okay, have seen your list. We'll use yours, you keep it updated for us please Smiley
sr. member
Activity: 296
Merit: 250
Zepher,

Some of those addresses are NOT the coin addresses but where the coins were sent by the thief.  My second 16 list above are the coin addresses.
legendary
Activity: 2254
Merit: 1140
This, and other legal reasons are ultimately the reason why I decided to make my bars unfunded.   This is sad to see and it's not the first time something like this has happened. 
copper member
Activity: 686
Merit: 603
Electricity is really just organized lightning

What specific lapse caused these coins to be vulnerable. Do the rest of the coins, not yet raided, have risk from the same issue

It would appear so right now.

Cryptodechange has said 2 coins he personally funded and sold have been raided.

Would you mind posting those addresses please, Cryptodechange?

Thanks

182oEvBzKwXrKsi6AtYPad6sEM6sYuScPT
1AwNFaz38irKbpzy7inkCYHJXv9QvDcuym

Thank you very much. The 182 address was redeemed today, and is a legit redemption - as it was a coin that I sold to someone, which I purchased from you.

Here is another 16 17 coins that have been raided: https://blockchain.info/tx/4c98843cce3e00dd561f36406fe20afed37d7d2ff33f08e52f4cc716ecdd8e24

Addresses:

1CgoMZvfdxwqb2Wexhsubvb7GfpsUrcd9x
13ked8fohzLmvVtr9hfDfPsxSqykwsMnQu
14s7vGCgSiReHRtbRBVTimKzJfCEaCM18f
1EF4W4UU9JVM6RZXGVwSH1oUvghB15A6Yx
12tFDAccT7JKM8EcAF8HXNMFqUehS6QvVB
18qWMykgMLkm7Cg2zYHUXxFyG5bXJqLXCY
1DAxuiMnMQ7CW5XDqAzudPNjodVVRWWgkW
1PhtpseNdkxJ8TrS7NPGRWZac1K1s5LwED
1Q2jnP8uP9XQNtSkL76K2qaefhw7bxST5Z
16RMD4Zsr5ynPsG1sSqDqdYH6ozHS1fUD1
1FDVYFRnjcVaLrgJotzSme6hhEEd55JQCg
1Mvya8SkJa2KE94zVCdcF1Zr6Lxn9NHDJp
1DRDRjBL4EAjqh49ZgtXqBZTn9Vf3SZiBV
17HeJR5a5VMTXBHidb3ysKYRKSquYZz2Hu
1AqQerqsTqFtoGPQtDJ9SnxUETjV2gNqoV
1FqTs3t2ix9usTbWai1m7c8BErmWBCxvXa
1AwNFaz38irKbpzy7inkCYHJXv9QvDcuym


That brings the current total to 34 35 coins.
member
Activity: 78
Merit: 12

What specific lapse caused these coins to be vulnerable. Do the rest of the coins, not yet raided, have risk from the same issue

It would appear so right now.

Cryptodechange has said 2 coins he personally funded and sold have been raided.

Would you mind posting those addresses please, Cryptodechange?

Thanks

182oEvBzKwXrKsi6AtYPad6sEM6sYuScPT
1AwNFaz38irKbpzy7inkCYHJXv9QvDcuym
sr. member
Activity: 845
Merit: 267
I spoke with JR and this is all news to him after I emailed him.  He has personally guaranteed me the funds on the coins will be refunded to me and wants to make things right.  They are investigating how this happened.   JR said Richard will be posting shortly in this thread.  I truly believe they did not purposely scam me or others, but someone somehow got a hold of a handful of private keys from at least a small grouping of coins (18?).  I suggest we give them some time to investigate this since I just found out about it and notified them a few hours ago.  I believe they will make things right.  

well thats good then, I think eventually the manufactures of loaded coins will implement a higher slandered of Quality Control (QA/QC) with regard to private key and a guarantee from BTC theft such as Cionbase has now with Loyd's of London

sr. member
Activity: 296
Merit: 250
Uhg.  Hate to see where all of this is going but my guess is not going to be good.  So it was just a batch of the 18 coins and not the entire lot?
MMMmmm, I'm thinking more. I'm still perusing... I only see 18 so far.

Here's a list of the 1st 18:

https://blockchain.info/address/1QLQDk2KotPqqBjQQK9atEqmmmjBZySPwc
https://blockchain.info/address/18maxv3kVNNKUE9NZhcYcfHhcRrtSXC8eE --> bonefix
https://blockchain.info/address/17Qn7Y27xpAgtjEefEknwpFcLnpCiK4tSA --> bithalo
https://blockchain.info/address/1BCgfLnJiJFvckMKRwcJa32tarsi7TD3QF
https://blockchain.info/address/1DXjC2oKNsQbtHzWDEgzuMyoeaMtAr1r44
https://blockchain.info/address/1FxH5pJcgX6VrJYb7pweXUjEMSX1naero9  --> bitenvy
https://blockchain.info/address/13Y8zQHtorD1uSRuSvuxFxLMB6Qq8fVKTJ
https://blockchain.info/address/1JxjKfA2EhJo4Hd8yD7NQSTqxGjJ4UNBXH -->  msin
https://blockchain.info/address/13bbV8kaFs8kQTiJFGxVnpFiMXwjk5XPpw
https://blockchain.info/address/1Ctebt6wCrW7EMR2DTu75Tzzc2wEbZU6Sb
https://blockchain.info/address/16cXpHf87Y8mENGKGD4PyaJsVo1pdtm198
https://blockchain.info/address/1EBf3H6oukihFbDwX4xCShQsQF9j5PQD9p
https://blockchain.info/address/18t1hPWGT2iLAnK4Nt4wYTbuqUYAD9R9hC  --> TheNewAnon135246 found from Google search (worldtreasurefinders)
https://blockchain.info/address/1F85aCkDHL4dBTbZkxBGwptjsHSv2WCNfr
https://blockchain.info/address/1K2cio3dVFrk76yvKosDTdzmKWE2DFT1Kw
https://blockchain.info/address/1GLNq4tvHr5Sm6aSnxKe3ybMutb2J3rFt2
https://blockchain.info/address/1B25QYDjCCk7qxGXgd8Kfm3SeATySxRwZs
https://blockchain.info/address/13iAiSxEtDSBfF7XbxraLhnhasRBrTrHZF


EDIT:  
And, another 16:


https://blockchain.info/address/1Emq52ZTBWC4Qh24FP5TMSThnAu6kGdmy
https://blockchain.info/address/172xh9w84E7rDF13dTVCC5XMkC11n8LYQg
https://blockchain.info/address/129kihbjRChoy1AX5RuNdBAFUU36KUWTZr
https://blockchain.info/address/15iLakai3bsiBWXCVRTkDzeiUgL6b2yFth
https://blockchain.info/address/189nyDxDHJk81HL6kGJryNA5fsXW18h3nm
https://blockchain.info/address/15XBjwnG6VQNQW5FCz1w54mttuxPxLkNow
https://blockchain.info/address/12ZgkjLqvuVPLt6JaFUGBGUyt4kyibChVa
https://blockchain.info/address/1GSrNTwCBJL6TxZm481P12SR1LcHSH1f85 --> msin
https://blockchain.info/address/1AwNFaz38irKbpzy7inkCYHJXv9QvDcuym --> cryptodechange
https://blockchain.info/address/1CDLbRKvh53j795zZDrFyduPj9AqZ1ERQC
https://blockchain.info/address/12THLcCXqBbTgFA9vM4qHPbkidda2ULgYS
https://blockchain.info/address/1HBS9BtNtnViVJydbAMHeawCWxshPEXKLh
https://blockchain.info/address/1Mh1Vvr5BtwA1s3GH3Dr7bfbao6sZdCmRJ
https://blockchain.info/address/1HaWwdwN3irpWtxaPvaoL4eGuZhcGqzPMz
https://blockchain.info/address/14D2HdBqvaiDS34SCGJ45A1N9AXDimisBg
https://blockchain.info/address/12WJE6CRWC47gzZQgJpC7CSxqteTaLvhBd

That's a total of 34 so far!  We need full list from Alitin though!

182oEvBzKwXrKsi6AtYPad6sEM6sYuScPT was redeemed by user.  

EDIT2:
And, 6 4 more that are unconfirmed:

Unconfirmed (found transacted on 2/26/17 and original transaction in 2014):

https://blockchain.info/address/1b7wKzbFSm4U5KMVCD88EuhXVvK1ZAzk1
https://blockchain.info/address/1BEKYbfh2FMTbjanWLSAZw3kxrpiLShVVp
https://blockchain.info/address/1LtGmmAkXo3DtqzpAZoMMVu6uZFRuXYpP5 --> User mostly redeemed 8/26/16, but rest was taken on 2/26?  Interesting...
https://blockchain.info/address/1KBy7s2cFaewBjEczTUxNpsPcjXsC5SibD

EDIT3:
And, another batch of 11, again unconfirmed...

https://blockchain.info/address/1LwL1uE4FQS7Moc1AzxHYPBup5ucbq1mNU
https://blockchain.info/address/1A8rRSXmQx9bsV1WhpoQx2ZcKzFZxSjUMm
https://blockchain.info/address/1DKyy7sUs9Sc3khwK69f1vH8yVeR7LK3Kg
https://blockchain.info/address/1H5uvoQuv2P1G9gYtj1Wod24TX29gAsbox
https://blockchain.info/address/12aQG3VLZiY6GFwQ2M4jyAh4oK7kGJoK2f
https://blockchain.info/address/1JAeL1qZmEuXaL8XQWWmKTAjt3ZF38g6Rk
https://blockchain.info/address/1KftRz6WoLHaEZW3ZEJpckKyUCCs74ZBiD
https://blockchain.info/address/1Hu2p4qcDeCho8UggvQPrGeehWwWkbrtAf
https://blockchain.info/address/15LqzxX6Md4iwyGboWB8UedYM3JuqDBmib

2015?
https://blockchain.info/address/18GU8tjGyR7uwrUAMV2cpF14QdFdYfMaai
https://blockchain.info/address/14Qi3PcrPctt7E2VwBw33V4BwnXeDbg1qp

I've counted at least 51 49.  Still waiting for confirmation or any post from either JR or Richard.  

This is getting tiring...

EDIT4:
Another 7...

https://blockchain.info/address/1imZGYfzgca4MaX8NjPJpBQWGFqL3GjwR
https://blockchain.info/address/1oACKoxLFWm5yZfL4aUA4TipAG53eE6QK
https://blockchain.info/address/1F7JiKn15X29bBTxG4SkSDJgtCVx8iwam8
https://blockchain.info/address/1Dqck66Bbuc7WDP73XrGmeUAxPNCWfX12
https://blockchain.info/address/1K2hc5aYQ5ASVqBu5NfHTSiiKFTjhyeXbM
https://blockchain.info/address/1PWfrQhQZ5ph3ZKzA27TArYJZytDB9BTQm
https://blockchain.info/address/1Fh1LB1eBqBtVyBrvZg7xnqmSN84rzWa5G

58! 56!  

That's my total.  I think I missed a few.  But, those are the ones I found.  These are all from Block #454739

EDIT5 (3/6):
10 MORE...

https://blockchain.info/address/1NiFc47UBdSPotKve9wSnQeLGuNQhd5NA1
https://blockchain.info/address/17bFHy41efk5GfNnH9fvHhh4yfpmTBAJMe
https://blockchain.info/address/12vwV7ySuxtss26WKqBFXzNtnMoemgERhK
https://blockchain.info/address/1NsjoNxC5izhti926rXT6Jr4kJxBASQArC
https://blockchain.info/address/18qz8gELaKgtJRU8n3bRqhtAzbH71zxoxY
https://blockchain.info/address/1FFsifLUW1Tkvof6M4y6XyvtfmPjnDYmuy
https://blockchain.info/address/1vx4myJo21XuYbUeVKQhgiQ5axzE6JJAU
https://blockchain.info/address/1NNhvxuppiU3WnQSHRmA74qwGfMCvaNyza
https://blockchain.info/address/1QqqHdFHzZs1HLG2MkQ1c9BSKd4EqM52r
https://blockchain.info/address/1QBVHeRHXNSUQFgyEepjJXqQGviKGsMc3n

66!
legendary
Activity: 3780
Merit: 1418
Uhg.  Hate to see where all of this is going but my guess is not going to be good.  So it was just a batch of the 18 coins and not the entire lot?
legendary
Activity: 3206
Merit: 1348
This is sad to see. It puts all coin makers in a bad light and increases skepticism about physical coins.
I don't want to make any accusations. Its possible that Alitin actually kept a record of the keys and have now swiped the coins. However, it's also just as plausible to say that they didn't follow the correct protocol when assembling the coins and as a result the keys weren't erased from any devices which have since been compromised. Either way, a lot of questions will need answering.
Sorry for all those who lost their funds. I really took a liking to these coins. Shame to see another coin maker go down like this.
copper member
Activity: 686
Merit: 603
Electricity is really just organized lightning

What specific lapse caused these coins to be vulnerable. Do the rest of the coins, not yet raided, have risk from the same issue

It would appear so right now.

Cryptodechange has said 2 coins he personally funded and sold have been raided.

Would you mind posting those addresses please, Cryptodechange?

Thanks
legendary
Activity: 1252
Merit: 1259
MONKEYNUTS
Makers need to state the scope of this. How many have been affected.

While I agree that the internal investigation is their issue, and that a refund of lost funds is appropriate, that only addresses the issue for those coins so far raided, and not for the rest of the coins

What specific lapse caused these coins to be vulnerable. Do the rest of the coins, not yet raided, have risk from the same issue
copper member
Activity: 686
Merit: 603
Electricity is really just organized lightning
I can confirm that at least 2 of the coins I sold and loaded myself were redeemed within the past week.

Oh fuck. This is not good, as I bought 2 of these coins at different times, 1 was purchased through you. I sold one to another forum member, who has broken the slab upon hearing this news as it was still loaded. It would appear that mine has been raided. I don't hold the coin in my possession - it is kept with my mom. She sent me a (shitty) picture of the COA and I used that for the address, and it shows it as raided.

I will provide the address tomorrow once I can confirm this (it is late, she is an old woman, and I don't want to pester her).
legendary
Activity: 1470
Merit: 1004
I spoke with JR and this is all news to him after I emailed him.  He has personally guaranteed me the funds on the coins will be refunded to me and wants to make things right.  They are investigating how this happened.   JR said Richard will be posting shortly in this thread.  I truly believe they did not purposely scam me or others, but someone somehow got a hold of a handful of private keys from at least a small grouping of coins (18?).  I suggest we give them some time to investigate this since I just found out about it and notified them a few hours ago.  I believe they will make things right.  

Thank you for the update. I suggest they refund us immediately. Personally I could care less about an internal investigation, that's their problem and more time doesn't put the BTC back on our coins.
sr. member
Activity: 296
Merit: 250
I spoke with JR and this is all news to him after I emailed him.  He has personally guaranteed me the funds on the coins will be refunded to me and wants to make things right.  They are investigating how this happened.   JR said Richard will be posting shortly in this thread.  I truly believe they did not purposely scam me or others, but someone somehow got a hold of a handful of private keys from at least a small grouping of coins (18?).  I suggest we give them some time to investigate this since I just found out about it and notified them a few hours ago.  I believe they will make things right.  
legendary
Activity: 2746
Merit: 1181
This is just sad...how many makers wil be left trustworthy?

greed.
member
Activity: 78
Merit: 12
I can confirm that at least 2 of the coins I sold and loaded myself were redeemed within the past week.
legendary
Activity: 1470
Merit: 1004
Keep us updated. I've also shared my # with him as he responded via email. He stated that he will "personally guarantee" the value of the coins. I've requested face value refund.
sr. member
Activity: 296
Merit: 250
JR Forsyth wants to discuss over phone.  I will be talking to him soon.  I have also mentioned this thread to him as well.

I have made a scam accusation here:  https://bitcointalksearch.org/topic/alitin-mint-adam-smith-2btc-coins-compromised-1814916

legendary
Activity: 1252
Merit: 1259
MONKEYNUTS
Manufacturer needs to post on here, and do it quickly
legendary
Activity: 1470
Merit: 1004
This is pretty sad, what's the best theory so far as to how the coins were unloaded?

Edit: Will not make personal assumptions yet as to who is responsible.
legendary
Activity: 3206
Merit: 3596
I purchased two Adams and both have been swept as well, on 2/26. I purchased them in early 2015. I live in US. Will be contacting authorities on Monday.

1JxjKfA2EhJo4Hd8yD7NQSTqxGjJ4UNBXH

1GSrNTwCBJL6TxZm481P12SR1LcHSH1f85

Well.. there you have it... more proof.....  

I would recommend anyone who owns one and is an active member on here to open a Scam Accusation thread asap.
legendary
Activity: 2702
Merit: 1072
This is pretty sad, what's the best theory so far as to how the coins were unloaded?
legendary
Activity: 1470
Merit: 1004
I purchased two Adams and both have been swept as well, on 2/26. I purchased them in early 2015. I live in US. Will be contacting authorities on Monday.

1JxjKfA2EhJo4Hd8yD7NQSTqxGjJ4UNBXH

1GSrNTwCBJL6TxZm481P12SR1LcHSH1f85

Well.. there you have it... more proof.....  

I would recommend anyone who owns one and is an active member on here to open a Scam Accusation thread asap.

Also, I have two Joanne's and they are both still holding 1 BTC each, will be cracking them and retrieving BTC. Sad, I really like the coins, now the kids have something more to play with.  Smiley
legendary
Activity: 1470
Merit: 1004
I guess since BTC is at an ATH, we can expect more and more of this kind of stuff. Anyway, this has turned me off to physical BTC permanently. Wasn't very much for me, they were pretty cheap at the time, but not happy regardless. I have Richard's email if anyone wants it.
legendary
Activity: 3570
Merit: 1959
2 coins so far swept.... and there is no public address list??

I would assume that all coins are now empty.

Wonder which maker is next???

Wallet explorer indicates more than one on that first address following it forward one hop to -> https://www.walletexplorer.com/wallet/31fe4d3703621e4f?from_address=1LyYobKJVRbLCizjqpQJxC7CkumHh7fGx2 then again I may be reading that wrong.  Sorry people, that sucks.

legendary
Activity: 1470
Merit: 1004
I purchased two Adams and both have been swept as well, on 2/26. I purchased them in early 2015. I live in US. Will be contacting authorities on Monday.

1JxjKfA2EhJo4Hd8yD7NQSTqxGjJ4UNBXH

1GSrNTwCBJL6TxZm481P12SR1LcHSH1f85
hero member
Activity: 943
Merit: 783
In Memory of Zepher
I'm very sorry to see this, bitenvy.  I just checked my Adam Smith coin and cracked it open because it was still funded. This is very disheartening.

It looks like 18 inputs of approx 2 BTC were sent into this address: https://blockchain.info/address/19A5uTjZzip9gmNUVjSifeAeUwMdyYQ4zQ

If Alitin wants to gain any sort of credibility here, we need them to publish a full list of all addresses to determine how many may have been compromised. We also need to know the full chain of custody from who generated the keys, who did the engraving, and who performed the final slabbing.  

It's odd that they may have only redeemed a small number of coins, so maybe only a subset are at risk.  If your coin is still funded, I would strongly consider redeeming it now and forget about losing out on whatever premium you may have gotten.  At this point, I doubt people would want to buy these funded or pay any premium at all, so just take your coins if you still can.   Angry
legendary
Activity: 3206
Merit: 3596
2 coins so far swept.... and there is no public address list??

I would assume that all coins are now empty.

Wonder which maker is next???
hero member
Activity: 1568
Merit: 544
Thanks to let us know bitenvy.

The question i got is, How are the prived keys handled and by who ? 
 
legendary
Activity: 2198
Merit: 1989
฿uy ฿itcoin
Found this image through Google:



https://blockchain.info/address/18t1hPWGT2iLAnK4Nt4wYTbuqUYAD9R9hC

Address was sweeped on the same day as your coin :/.
sr. member
Activity: 296
Merit: 250
Richard Forsyth replied to my email stating:  

"I can assure you that none of us stole anything. I will investigate."
legendary
Activity: 2198
Merit: 1989
฿uy ฿itcoin
Lesson to be learned here: Pre-funded coins are counter-intuitive to Bitcoin. They are a bad idea to begin with.

Short pocket excuses.
legendary
Activity: 2674
Merit: 3000
Terminated.
Lesson to be learned here: Pre-funded coins are counter-intuitive to Bitcoin. They are a bad idea to begin with.

Short pocket excuses.
Stop trolling and educate yourself.
legendary
Activity: 1806
Merit: 1164
Sorry for your loss. This is why I have never bought any funded physical bitcoins though I have been tempted.
sr. member
Activity: 296
Merit: 250
I'm getting rather tired of Bitcoin physical coin manufacturers scamming the Bitcoin community!   Angry

Alitin Mint has become the next on the list of scammers!  Please check your coin addresses if you own any coins made by them.  My Adam Smith 2BTC coin balance was stolen on February 26th, 2017!

My coin address:  https://blockchain.info/address/1FxH5pJcgX6VrJYb7pweXUjEMSX1naero9

My coin is still in the sealed protective case and has been since 2014.



Alitinmint.com is no longer available.  Not sure if they were compromised or if they stole the funds.  Either way, they are now responsible for the loss of the funds.  

    Name: Richard Forsyth
    Organization: Alitin LLC
    Street: 1531 E. Brandford Parkway
    Street: Suite 230
    City: Springfield
    State/Province: Missouri
    Postal Code: 65804
    Country: United States
    Phone: +1.4174895200
    Email: NA

I have contacted Richard Forsyth and JR Forsyth and await a response.  

 Angry

EDIT:
I have decided to put all the compromised (stolen coin) addresses I have found in my first post for visibility.

66 COINS!

Here is the list of addresses that I think the funds have been stolen (and verified username, if applies):

https://blockchain.info/address/1QLQDk2KotPqqBjQQK9atEqmmmjBZySPwc --> BurtW
https://blockchain.info/address/18maxv3kVNNKUE9NZhcYcfHhcRrtSXC8eE --> bonefix
https://blockchain.info/address/17Qn7Y27xpAgtjEefEknwpFcLnpCiK4tSA --> bithalo
https://blockchain.info/address/1BCgfLnJiJFvckMKRwcJa32tarsi7TD3QF
https://blockchain.info/address/1DXjC2oKNsQbtHzWDEgzuMyoeaMtAr1r44
https://blockchain.info/address/1FxH5pJcgX6VrJYb7pweXUjEMSX1naero9  --> bitenvy
https://blockchain.info/address/13Y8zQHtorD1uSRuSvuxFxLMB6Qq8fVKTJ
https://blockchain.info/address/1JxjKfA2EhJo4Hd8yD7NQSTqxGjJ4UNBXH -->  msin
https://blockchain.info/address/13bbV8kaFs8kQTiJFGxVnpFiMXwjk5XPpw
https://blockchain.info/address/1Ctebt6wCrW7EMR2DTu75Tzzc2wEbZU6Sb
https://blockchain.info/address/16cXpHf87Y8mENGKGD4PyaJsVo1pdtm198
https://blockchain.info/address/1EBf3H6oukihFbDwX4xCShQsQF9j5PQD9p
https://blockchain.info/address/18t1hPWGT2iLAnK4Nt4wYTbuqUYAD9R9hC  --> worldtreasurefinders
https://blockchain.info/address/1F85aCkDHL4dBTbZkxBGwptjsHSv2WCNfr
https://blockchain.info/address/1K2cio3dVFrk76yvKosDTdzmKWE2DFT1Kw
https://blockchain.info/address/1GLNq4tvHr5Sm6aSnxKe3ybMutb2J3rFt2
https://blockchain.info/address/1B25QYDjCCk7qxGXgd8Kfm3SeATySxRwZs
https://blockchain.info/address/13iAiSxEtDSBfF7XbxraLhnhasRBrTrHZF

https://blockchain.info/address/1Emq52ZTBWC4Qh24FP5TMSThnAu6kGdmy
https://blockchain.info/address/172xh9w84E7rDF13dTVCC5XMkC11n8LYQg
https://blockchain.info/address/129kihbjRChoy1AX5RuNdBAFUU36KUWTZr
https://blockchain.info/address/15iLakai3bsiBWXCVRTkDzeiUgL6b2yFth
https://blockchain.info/address/189nyDxDHJk81HL6kGJryNA5fsXW18h3nm
https://blockchain.info/address/15XBjwnG6VQNQW5FCz1w54mttuxPxLkNow
https://blockchain.info/address/12ZgkjLqvuVPLt6JaFUGBGUyt4kyibChVa
https://blockchain.info/address/1GSrNTwCBJL6TxZm481P12SR1LcHSH1f85 --> msin
https://blockchain.info/address/1AwNFaz38irKbpzy7inkCYHJXv9QvDcuym --> cryptodechange
https://blockchain.info/address/1CDLbRKvh53j795zZDrFyduPj9AqZ1ERQC
https://blockchain.info/address/12THLcCXqBbTgFA9vM4qHPbkidda2ULgYS
https://blockchain.info/address/1HBS9BtNtnViVJydbAMHeawCWxshPEXKLh
https://blockchain.info/address/1Mh1Vvr5BtwA1s3GH3Dr7bfbao6sZdCmRJ
https://blockchain.info/address/1HaWwdwN3irpWtxaPvaoL4eGuZhcGqzPMz
https://blockchain.info/address/14D2HdBqvaiDS34SCGJ45A1N9AXDimisBg
https://blockchain.info/address/12WJE6CRWC47gzZQgJpC7CSxqteTaLvhBd

https://blockchain.info/address/1b7wKzbFSm4U5KMVCD88EuhXVvK1ZAzk1
https://blockchain.info/address/1BEKYbfh2FMTbjanWLSAZw3kxrpiLShVVp
https://blockchain.info/address/1LtGmmAkXo3DtqzpAZoMMVu6uZFRuXYpP5
https://blockchain.info/address/1KBy7s2cFaewBjEczTUxNpsPcjXsC5SibD

https://blockchain.info/address/1LwL1uE4FQS7Moc1AzxHYPBup5ucbq1mNU
https://blockchain.info/address/1A8rRSXmQx9bsV1WhpoQx2ZcKzFZxSjUMm
https://blockchain.info/address/1DKyy7sUs9Sc3khwK69f1vH8yVeR7LK3Kg
https://blockchain.info/address/1H5uvoQuv2P1G9gYtj1Wod24TX29gAsbox
https://blockchain.info/address/12aQG3VLZiY6GFwQ2M4jyAh4oK7kGJoK2f
https://blockchain.info/address/1JAeL1qZmEuXaL8XQWWmKTAjt3ZF38g6Rk
https://blockchain.info/address/1KftRz6WoLHaEZW3ZEJpckKyUCCs74ZBiD
https://blockchain.info/address/1Hu2p4qcDeCho8UggvQPrGeehWwWkbrtAf
https://blockchain.info/address/15LqzxX6Md4iwyGboWB8UedYM3JuqDBmib

https://blockchain.info/address/18GU8tjGyR7uwrUAMV2cpF14QdFdYfMaai
https://blockchain.info/address/14Qi3PcrPctt7E2VwBw33V4BwnXeDbg1qp

https://blockchain.info/address/1imZGYfzgca4MaX8NjPJpBQWGFqL3GjwR
https://blockchain.info/address/1oACKoxLFWm5yZfL4aUA4TipAG53eE6QK
https://blockchain.info/address/1F7JiKn15X29bBTxG4SkSDJgtCVx8iwam8
https://blockchain.info/address/1Dqck66Bbuc7WDP73XrGmeUAxPNCWfX12
https://blockchain.info/address/1K2hc5aYQ5ASVqBu5NfHTSiiKFTjhyeXbM
https://blockchain.info/address/1PWfrQhQZ5ph3ZKzA27TArYJZytDB9BTQm
https://blockchain.info/address/1Fh1LB1eBqBtVyBrvZg7xnqmSN84rzWa5G

https://blockchain.info/address/1NiFc47UBdSPotKve9wSnQeLGuNQhd5NA1
https://blockchain.info/address/17bFHy41efk5GfNnH9fvHhh4yfpmTBAJMe
https://blockchain.info/address/12vwV7ySuxtss26WKqBFXzNtnMoemgERhK
https://blockchain.info/address/1NsjoNxC5izhti926rXT6Jr4kJxBASQArC
https://blockchain.info/address/18qz8gELaKgtJRU8n3bRqhtAzbH71zxoxY
https://blockchain.info/address/1FFsifLUW1Tkvof6M4y6XyvtfmPjnDYmuy
https://blockchain.info/address/1vx4myJo21XuYbUeVKQhgiQ5axzE6JJAU
https://blockchain.info/address/1NNhvxuppiU3WnQSHRmA74qwGfMCvaNyza
https://blockchain.info/address/1QqqHdFHzZs1HLG2MkQ1c9BSKd4EqM52r
https://blockchain.info/address/1QBVHeRHXNSUQFgyEepjJXqQGviKGsMc3n



Still FUNDED:  

I have 6 addresses still showing as funded.  

On second thought, I am keeping these private just in case someone is watching this list.  PM me if you would like this list.

Jump to: