guys, should I lock this thread and show people over to the pretty much identical topic in thread Instawallet Security Breach for simplicity?
I'm locking this thread for simplicity.
Please discuss here: Instawallet Security Breach
Topic: bitcoin-central.net say they detected a security-breach (Read 9018 times)
I'm locking this thread for simplicity.
Please discuss here: Instawallet Security Breach
[Apr-1 10:30 CET] Bitcoin-Central and Paytunia update: Our customer's bitcoins and euros are safe and will not be affected by the security breach. We have taken the websites off-line for proper investigation.
The address 1LrPYjto3hsLzWJNstghuwdrQXB96KbrCy is under our exclusive control.
The address 1LrPYjto3hsLzWJNstghuwdrQXB96KbrCy is under our exclusive control.
Now that's some good news! These guys know how to build the suspense
yep good to know
finally! thanks!
How is it no big deal?
If it's vanity for Bitcoin Central COLD and the other large tx to the same address 1LrPYjto3hsLzWJNstghuwdrQXB96KbrCy is indeed instawallet cold (as marked on blockchain.info) then we're looking at either the "theft transactions" or some transactions made by davout and team to "further secure the funds". I somehow think the latter is unlikely, since cold store should already be secure and they might've considered telling us "funds secure, don't worry" by now.
And if they're moving funds from their normal cold storage wallet to another address to demonstrate that they still have control of the funds (which is more reassuring than a "don't worry" statement), then that's something they should be publicising.
What's worrying is that when the Instawallet vulnerability was made public last week they should have assumed that both Instawallet and Bitcoin-Central would become bigger targets and that people would start looking for more vulnerabilities in both services, so they should have been locked down hard while a security audit was conducted. They should have been expecting a breach.
And it's not being confirmed because...?
guys, should I lock this thread and show people over to the pretty much identical topic in thread Instawallet Security Breach for simplicity?
Yes 
Excellent news.
Now just the strangeness of the lack of confirmations on a well-funded transaction.
Now just the strangeness of the lack of confirmations on a well-funded transaction.
guys, should I lock this thread and show people over to the pretty much identical topic in thread Instawallet Security Breach for simplicity?
"The address 1LrPYjto3hsLzWJNstghuwdrQXB96KbrCy is under our exclusive control. "
Great, but the transactions being sent there are unconfirmed and don't exist on blockexplorer.com. Something's fishy.
Great, but the transactions being sent there are unconfirmed and don't exist on blockexplorer.com. Something's fishy.
[Apr-1 10:30 CET] Bitcoin-Central and Paytunia update: Our customer's bitcoins and euros are safe and will not be affected by the security breach. We have taken the websites off-line for proper investigation.
The address 1LrPYjto3hsLzWJNstghuwdrQXB96KbrCy is under our exclusive control.
from
https://bitcoin-central.net/
The address 1LrPYjto3hsLzWJNstghuwdrQXB96KbrCy is under our exclusive control.
from
https://bitcoin-central.net/
Now why did that take so long? Good news though. Can't wait to hear the details. Then I will consider if I'll do business with them again, have made good experiences in the past.
[Apr-1 10:30 CET] Bitcoin-Central and Paytunia update: Our customer's bitcoins and euros are safe and will not be affected by the security breach. We have taken the websites off-line for proper investigation.
The address 1LrPYjto3hsLzWJNstghuwdrQXB96KbrCy is under our exclusive control.
The address 1LrPYjto3hsLzWJNstghuwdrQXB96KbrCy is under our exclusive control.
Now that's some good news! These guys know how to build the suspense
[Apr-1 10:30 CET] Bitcoin-Central and Paytunia update: Our customer's bitcoins and euros are safe and will not be affected by the security breach. We have taken the websites off-line for proper investigation.
The address 1LrPYjto3hsLzWJNstghuwdrQXB96KbrCy is under our exclusive control.
from
https://bitcoin-central.net/
The address 1LrPYjto3hsLzWJNstghuwdrQXB96KbrCy is under our exclusive control.
from
https://bitcoin-central.net/
Transactions not found on blockexplorer.com
Don't trust only one source
Don't trust only one source
This block came 30 minutes after the last one, and only included 6 transactions.
http://blockchain.info/block-index/369660/000000000000010194961754d3d0739a794b934559b63137201273f01cd0f14d
Then one minute or so later, this block comes:
http://blockchain.info/block-index/369661/000000000000027a3775948e3c5f02cec95d9e1421e43130f5f589067fb0d1a2
...and includes all the other transactions. But neither of the two blocks include the transaction from 1bcco1d or the one from the Instawallet cold storage, even though it has a huge fee.
Strange things going on in here, at least from my uninformed-about-the-technical-details-user perspective. Someone care to elaborate?
Someone please tell me how to avoid my transactions getting included at will, even when paying a fee!
Is it possible that all the miners are being conscious enough not to include this transaction?
http://blockchain.info/block-index/369660/000000000000010194961754d3d0739a794b934559b63137201273f01cd0f14d
Then one minute or so later, this block comes:
http://blockchain.info/block-index/369661/000000000000027a3775948e3c5f02cec95d9e1421e43130f5f589067fb0d1a2
...and includes all the other transactions. But neither of the two blocks include the transaction from 1bcco1d or the one from the Instawallet cold storage, even though it has a huge fee.
Strange things going on in here, at least from my uninformed-about-the-technical-details-user perspective. Someone care to elaborate?
Another block has just been mined that they weren't included in. Strange.
Maybe the best plotted April fool's joke ever.Is it possible that all the miners are being conscious enough not to include this transaction?
Everybody has of course seen http://blockchain.info/address/1LrPYjto3hsLzWJNstghuwdrQXB96KbrCy
unconfirmed! quick, double spend and mine them FAST!!
I see big discussion about this coming up. In the end, who knows who's the "good guys" and the "bad guys" here? Where's the evidence?
Can anyone who unlike me actually understands transactions look at the raw stuff and say if it's a nonstandard tx and why?
Everybody has of course seen http://blockchain.info/address/1LrPYjto3hsLzWJNstghuwdrQXB96KbrCy
unconfirmed! quick, double spend and mine them FAST!!
that, my friend, would be amazing. don't know if bad or good though.
It is very likely I'm seeing things that aren't there, but...
http://blockchain.info/tx/4cf56d0c1566778030095925328f4bc7ae988657bd62fe8bc05ac67302d32b4c
Address "bccold" (1BcCo1d)?
http://blockchain.info/tx/4cf56d0c1566778030095925328f4bc7ae988657bd62fe8bc05ac67302d32b4c
Address "bccold" (1BcCo1d)?
It is a vanity address, not big deal. Bitcoin Central COLD. I have a few which start from 1Vladimir
How is it no big deal?
If it's vanity for Bitcoin Central COLD and the other large tx to the same address 1LrPYjto3hsLzWJNstghuwdrQXB96KbrCy is indeed instawallet cold (as marked on blockchain.info) then we're looking at either the "theft transactions" or some transactions made by davout and team to "further secure the funds". I somehow think the latter is unlikely, since cold store should already be secure and they might've considered telling us "funds secure, don't worry" by now.
Another block has just been mined that they weren't included in. Strange.
Maybe the best plotted April fool's joke ever.
Does anyone have contact by skype or irc or anything with the admins?
Another block has just been mined that they weren't included in. Strange.
I had 31 BTC on my account.
they have since been moved to 1BCo1d and are part oft he huge-ass trx that is of yet unconfirmed.
they have since been moved to 1BCo1d and are part oft he huge-ass trx that is of yet unconfirmed.
Everybody has of course seen http://blockchain.info/address/1LrPYjto3hsLzWJNstghuwdrQXB96KbrCy
unconfirmed! quick, double spend and mine them FAST!!
I sold some 10 btc (all i had in there) at 77,897€ there today during the 100$ rush.
I then hit my head on the wall as it s always hard to miss opportunity.
I now bless my wisdom ahah.
I then hit my head on the wall as it s always hard to miss opportunity.
I now bless my wisdom ahah.
<--
Honestly though, I thought we'd seen the last of these multi-million hacks. I hope for all who store any money there that this pans out in their favor and was a transfer done by the admins.
It is very likely I'm seeing things that aren't there, but...
http://blockchain.info/tx/4cf56d0c1566778030095925328f4bc7ae988657bd62fe8bc05ac67302d32b4c
Address "bccold" (1BcCo1d)?
http://blockchain.info/tx/4cf56d0c1566778030095925328f4bc7ae988657bd62fe8bc05ac67302d32b4c
Address "bccold" (1BcCo1d)?
Still not showing as confirmed, despite having a big fee attached...
The plot thickens. If anything else, this is a very interesting mystery.
Still not showing as confirmed, despite having a big fee attached...
31BTC at central
and many times that in €
sheesh.
and many times that in €
sheesh.
at least the € should be insured by the cartel, right?
31BTC at central
and many times that in €
sheesh.
and many times that in €
sheesh.
instawhelped
i hope they tried to double spend it with huge fees...
those two big withdrawals are still "unconfirmed," for a few hours already. If this was a theft, the BC/instawallet guys should quickly try to doublespend with big fees.
Uhoh, says that was 42,000 coins transferred from the cold wallet right? Shouldn't it be 42k transferred to the cold wallet instead of other way around.
Zhu Tonged x 2
Zhu Tonged x 2
Everybody has of course seen http://blockchain.info/address/1LrPYjto3hsLzWJNstghuwdrQXB96KbrCy
Looks like a whelp to me.
I looked up "whelp" (http://www.urbandictionary.com/define.php?term=whelp).
None of the definitions seem to make sense in this context. ("A hot young 20 something guy who prefers having sex, dating, or marrying older women.")
In EvE Online if you "whelp" your ship/fleet it means you died/lost in a horrible embarrassing manner.
Hopefully people keep their bitcoins in a cold wallet, not on some exchange. I mean, srsly?
If you want to trade on that exchange you kind-of have to, no?
well now you have a simple question to ask them. Do they or do they not control private key to that BTC address?
The second question I suppose would be if it is in instawallet and in google yet.
The second question I suppose would be if it is in instawallet and in google yet.
Yeah, they might've used instawallet for the "cold" wallet of bitcoin-central.... lol.
That wallet couldn't have been very cold if it was hackable...
If it was safe in the first place, there would be no reason to move funds to some "emergency address", though. Maybe it wasn't that cold, only cool.
Everybody has of course seen http://blockchain.info/address/1LrPYjto3hsLzWJNstghuwdrQXB96KbrCy
Looks like a whelp to me.
I looked up "whelp" (http://www.urbandictionary.com/define.php?term=whelp).
None of the definitions seem to make sense in this context. ("A hot young 20 something guy who prefers having sex, dating, or marrying older women.")
In EvE Online if you "whelp" your ship/fleet it means you died/lost in a horrible embarrassing manner.
Hopefully people keep their bitcoins in a cold wallet, not on some exchange. I mean, srsly?
That wallet couldn't have been very cold if it was hackable...
Everybody has of course seen http://blockchain.info/address/1LrPYjto3hsLzWJNstghuwdrQXB96KbrCy
Looks like a whelp to me.
I looked up "whelp" (http://www.urbandictionary.com/define.php?term=whelp).
None of the definitions seem to make sense in this context. ("A hot young 20 something guy who prefers having sex, dating, or marrying older women.")
In EvE Online if you "whelp" your ship/fleet it means you died/lost in a horrible embarrassing manner.
Everybody has of course seen http://blockchain.info/address/1LrPYjto3hsLzWJNstghuwdrQXB96KbrCy
Looks like a whelp to me.
I looked up "whelp" (http://www.urbandictionary.com/define.php?term=whelp).
None of the definitions seem to make sense in this context. ("A hot young 20 something guy who prefers having sex, dating, or marrying older women.")
Everybody has of course seen http://blockchain.info/address/1LrPYjto3hsLzWJNstghuwdrQXB96KbrCy
I hope to god that the people from bitcoin central did that as a security measurement....
Do we know when the site went down? If the timing is close, then this may just be the case. Though, if it were the case, it'd be prudent of them to say that those with coins there havent' lost anything
uh oh...
Everybody has of course seen http://blockchain.info/address/1LrPYjto3hsLzWJNstghuwdrQXB96KbrCy
I hope to god that the people from bitcoin central did that as a security measurement....
Everybody has of course seen http://blockchain.info/address/1LrPYjto3hsLzWJNstghuwdrQXB96KbrCy
Looks like a whelp to me.
Everybody has of course seen http://blockchain.info/address/1LrPYjto3hsLzWJNstghuwdrQXB96KbrCy
Same thing at Instawallet...
Jump to: