Bitcoin Forum>Bitcoin>Bitcoin Discussion
Pages:
Author

Topic: Bitcoinica lost 43,554 BTC from Linode compromise, suspicious TXIDs publicized - page 2. (Read 56416 times)

btcash
hero member
Activity: 968
Merit: 515
Re: Bitcoinica lost 43,554 BTC from Linode compromise, suspicious TXIDs publicized
March 03, 2012, 01:32:49 PM
#132
Quote from: zhoutong on March 01, 2012, 10:44:31 PM
Quote from: theymos on March 01, 2012, 10:39:23 PM
How can you reimburse that much? Have you really made that much profit?

Yes, our historical profit is fairly sufficient to cover the loss from this incident, and we believe that it's the best interest for the community to keep running the business. We will take appropriate strategies and implement more security features to prevent this from happening ever again, even with the presence of dishonest partners or employees.
this is hard to believe. It takes MtGox around 2 months to earn that much and their volume is way larger then yours.

I am wondering why somemany bitcoin people used that hoster. There are thousands of hoster.
gamer4156
sr. member
Activity: 1008
Merit: 250
Re: Bitcoinica lost 43,554 BTC from Linode compromise, suspicious TXIDs publicized
March 03, 2012, 01:20:13 PM
#131
I remember seeing that post on SR as well.
muyuu
donator
Activity: 980
Merit: 1000
Re: Bitcoinica lost 43,554 BTC from Linode compromise, suspicious TXIDs publicized
March 03, 2012, 07:52:33 AM
#130
Bitcoinica was also in Rackspace, right?

Well, this just in http://www.rackspace.com/knowledge_center/content/slicehost-forum-archive-migration-and-conversion

Rackspace's slicehost forum user DB compromised. They are a bit unclear on how and what exactly was compromised, and why do they know it.

This shouldn't in theory affect rackspace users but is a fair warning on not reusing passwords and also not having your passwords anywhere near "the cloud"...
BkkCoins
hero member
Activity: 784
Merit: 1009
firstbits:1MinerQ
Re: Bitcoinica lost 43,554 BTC from Linode compromise, suspicious TXIDs publicized
March 03, 2012, 07:46:08 AM
#129
Quote from: Herodes on March 03, 2012, 07:17:16 AM
Quote from: bitcoinBull on March 02, 2012, 04:30:19 PM
Quote from: Aggro on March 02, 2012, 01:32:44 PM
Quote from: Clipse on March 01, 2012, 10:47:54 PM
I cant help but know some Linode employee wont be at work tomorrow.

This all is way way way to convenient, seems like an inside job planned overtime with the knowledge of who runs worthwhile bitcoin services and on which VPS accounts.

This is alot of money, please for all of us make its your top priority to get compensation out of Linode otherwise any future losses less than this would be seen acceptable by these crappy hosting companies or other services.

Indeed. It seems rather odd that a random hacker would systematically probe linode for security flaws, and then magically find 8 customers related to bitcoin, and methodically empty their wallets. This is clearly somebody from the inside.

They could have been observing bitcoin node ip addresses and found that 8 of them belonged to linode.  Could have observed that the transaction broadcasts of bitcoinica withdrawals were originating from one of those 8.  Then concluded that bitcoinica's hot wallet was on a linode VPS.

Yes, but would it not be likely that he/they would need intimiate knowledge of the linode systems, meaning they would need to be a customer or already a sysadmin at Linode ?
No, this is exactly how hackers work. They explore and try tons of different attack vectors until they find ones that work. Whether this was an insider or not I don't know but certainly a hacker wouldn't need to be an insider. This is what they do. They find flaws and dig in deeper until they can leverage the flaws. (I'm saying hacker but a more correct term would be "cracker".)
Herodes
hero member
Activity: 868
Merit: 1000
Re: Bitcoinica lost 43,554 BTC from Linode compromise, suspicious TXIDs publicized
March 03, 2012, 07:17:16 AM
#128
Quote from: bitcoinBull on March 02, 2012, 04:30:19 PM
Quote from: Aggro on March 02, 2012, 01:32:44 PM
Quote from: Clipse on March 01, 2012, 10:47:54 PM
I cant help but know some Linode employee wont be at work tomorrow.

This all is way way way to convenient, seems like an inside job planned overtime with the knowledge of who runs worthwhile bitcoin services and on which VPS accounts.

This is alot of money, please for all of us make its your top priority to get compensation out of Linode otherwise any future losses less than this would be seen acceptable by these crappy hosting companies or other services.

Indeed. It seems rather odd that a random hacker would systematically probe linode for security flaws, and then magically find 8 customers related to bitcoin, and methodically empty their wallets. This is clearly somebody from the inside.

They could have been observing bitcoin node ip addresses and found that 8 of them belonged to linode.  Could have observed that the transaction broadcasts of bitcoinica withdrawals were originating from one of those 8.  Then concluded that bitcoinica's hot wallet was on a linode VPS.

Yes, but would it not be likely that he/they would need intimiate knowledge of the linode systems, meaning they would need to be a customer or already a sysadmin at Linode ?
bitcoinBull
legendary
Activity: 826
Merit: 1001
rippleFanatic
Re: Bitcoinica lost 43,554 BTC from Linode compromise, suspicious TXIDs publicized
March 02, 2012, 04:30:19 PM
#127
Quote from: Aggro on March 02, 2012, 01:32:44 PM
Quote from: Clipse on March 01, 2012, 10:47:54 PM
I cant help but know some Linode employee wont be at work tomorrow.

This all is way way way to convenient, seems like an inside job planned overtime with the knowledge of who runs worthwhile bitcoin services and on which VPS accounts.

This is alot of money, please for all of us make its your top priority to get compensation out of Linode otherwise any future losses less than this would be seen acceptable by these crappy hosting companies or other services.

Indeed. It seems rather odd that a random hacker would systematically probe linode for security flaws, and then magically find 8 customers related to bitcoin, and methodically empty their wallets. This is clearly somebody from the inside.

They could have been observing bitcoin node ip addresses and found that 8 of them belonged to linode.  Could have observed that the transaction broadcasts of bitcoinica withdrawals were originating from one of those 8.  Then concluded that bitcoinica's hot wallet was on a linode VPS.
Clipse
hero member
Activity: 504
Merit: 502
Re: Bitcoinica lost 43,554 BTC from Linode compromise, suspicious TXIDs publicized
March 02, 2012, 03:10:41 PM
#126
Quote from: neo_rage on March 02, 2012, 02:55:57 PM
Awesome. Hope that you guys solve this problem with a little troubles.

Thanks god I'm not mining at Bitcoinica, but i'm with you.

Bitcoinica is far from a mining pool Wink
neo_rage
full member
Activity: 196
Merit: 100
Re: Bitcoinica lost 43,554 BTC from Linode compromise, suspicious TXIDs publicized
March 02, 2012, 02:55:57 PM
#125
Awesome. Hope that you guys solve this problem with a little troubles.

Thanks god I'm not mining at Bitcoinica, but i'm with you.
mc_lovin
legendary
Activity: 1190
Merit: 1000
www.bitcointrading.com
Re: Bitcoinica lost 43,554 BTC from Linode compromise, suspicious TXIDs publicized
March 02, 2012, 02:55:12 PM
#124
i pretty much saw this coming.
runeks
legendary
Activity: 980
Merit: 1008
Re: Bitcoinica lost 43,554 BTC from Linode compromise, suspicious TXIDs publicized
March 02, 2012, 02:51:40 PM
#123
I think insurance companies would get a lot of cases on their hands if they started insuring bitcoins. I mean, how can you insure something that can be stolen without leaving any trace?
ball4thegame
sr. member
Activity: 309
Merit: 251
Re: Bitcoinica lost 43,554 BTC from Linode compromise, suspicious TXIDs publicized
March 02, 2012, 02:50:54 PM
#122
Quote from: Matthew N. Wright on March 02, 2012, 02:46:26 PM
Quote from: ball4thegame on March 02, 2012, 02:45:42 PM
Just a thought to share with Zhou and others trying to locate the thief...

Approximately a week ago on the SR forums, there was someone who put out a $30,000 offer to anyone who would submit ID info and such to Mt Gox to enable him/her to withdraw from a large account without giving up his/her real information. Perhaps this was the hacker trying to cover his identity for his future 'endeavor'. Figured I would let people know.

Link?

Can't access from work, will try to post it later if nobody else does. It was in the discussion section on the SR forums.
Rassah
legendary
Activity: 1680
Merit: 1035
Re: Bitcoinica lost 43,554 BTC from Linode compromise, suspicious TXIDs publicized
March 02, 2012, 02:47:50 PM
#121
Insure for a certain amount of USD/Fiat based on business risks, instead of a specific BTC value. To be safe, the Bitcoin business operator can insure for more than they actually have in case they get more. It's doable. Just stupid expensive.
Matthew N. Wright
hero member
Activity: 588
Merit: 500
Hero VIP ultra official trusted super staff puppet
Re: Bitcoinica lost 43,554 BTC from Linode compromise, suspicious TXIDs publicized
March 02, 2012, 02:46:26 PM
#120
Quote from: ball4thegame on March 02, 2012, 02:45:42 PM
Just a thought to share with Zhou and others trying to locate the thief...

Approximately a week ago on the SR forums, there was someone who put out a $30,000 offer to anyone who would submit ID info and such to Mt Gox to enable him/her to withdraw from a large account without giving up his/her real information. Perhaps this was the hacker trying to cover his identity for his future 'endeavor'. Figured I would let people know.

Link?
ball4thegame
sr. member
Activity: 309
Merit: 251
Re: Bitcoinica lost 43,554 BTC from Linode compromise, suspicious TXIDs publicized
March 02, 2012, 02:45:42 PM
#119
Just a thought to share with Zhou and others trying to locate the thief...

Approximately a week ago on the SR forums, there was someone who put out a $30,000 offer to anyone who would submit ID info and such to Mt Gox to enable him/her to withdraw from a large account without giving up his/her real information. Perhaps this was the hacker trying to cover his identity for his future 'endeavor'. Figured I would let people know.
Matthew N. Wright
hero member
Activity: 588
Merit: 500
Hero VIP ultra official trusted super staff puppet
Re: Bitcoinica lost 43,554 BTC from Linode compromise, suspicious TXIDs publicized
March 02, 2012, 02:44:19 PM
#118
Quote from: stochastic on March 02, 2012, 02:32:48 PM
Quote from: Matthew N. Wright on March 02, 2012, 02:21:29 PM
Quote from: stochastic on March 02, 2012, 02:18:29 PM
Any insurance can exist.  It is just a contract.  Of course if these thefts keeps happening then the premiums are going to be expensive.

I didn't say it won't ever exist, I said it doesn't exist. Now provide your link to the only service in the world that will insure bitcoins (because I've checked to London and back and there isn't one) or stop daydreaming outloud.

What I am saying is a person needs to call a specialist insurance company and they will figure it out.  Did you call Lloyd's?

Are you kidding? They're the first I thought of!

Given the lack of assurance to the location of the bitcoins, the fact that the keys can be copied and moved, the volatility of the market value, and the inability to hold the only physical copies in any medium, they won't insure.

If it had a fixed price, I'd imagine they would insure it for more than it's spot value in fees, but what's the point of that?
Phinnaeus Gage
legendary
Activity: 1918
Merit: 1570
Bitcoin: An Idea Worth Spending
Re: Bitcoinica lost 43,554 BTC from Linode compromise, suspicious TXIDs publicized
March 02, 2012, 02:43:47 PM
#117
Quote from: goodlord666 on March 02, 2012, 12:21:03 PM
Quote from: zhoutong on March 01, 2012, 10:37:39 PM
Again, we would like to reassure that trading will not be in any way affected and we are already in the process of contacting Linode regarding this incident. The Bitcoinica system has not been compromised and our reserves are more than sufficient for regular trading activities.

Your writing style has improved exceptionally since the beginning! Keep it up!


Ironically, I was going to pen a similar sentiment, but you, goodlord666, beat me to it.
stochastic
hero member
Activity: 532
Merit: 500
Re: Bitcoinica lost 43,554 BTC from Linode compromise, suspicious TXIDs publicized
March 02, 2012, 02:32:48 PM
#116
Quote from: Matthew N. Wright on March 02, 2012, 02:21:29 PM
Quote from: stochastic on March 02, 2012, 02:18:29 PM
Any insurance can exist.  It is just a contract.  Of course if these thefts keeps happening then the premiums are going to be expensive.

I didn't say it won't ever exist, I said it doesn't exist. Now provide your link to the only service in the world that will insure bitcoins (because I've checked to London and back and there isn't one) or stop daydreaming outloud.

What I am saying is a person needs to call a specialist insurance company and they will figure it out.  Did you call Lloyd's?
Matthew N. Wright
hero member
Activity: 588
Merit: 500
Hero VIP ultra official trusted super staff puppet
Re: Bitcoinica lost 43,554 BTC from Linode compromise, suspicious TXIDs publicized
March 02, 2012, 02:21:29 PM
#115
Quote from: stochastic on March 02, 2012, 02:18:29 PM
Any insurance can exist.  It is just a contract.  Of course if these thefts keeps happening then the premiums are going to be expensive.

I didn't say it won't ever exist, I said it doesn't exist. Now provide your link to the only service in the world that will insure bitcoins (because I've checked to London and back and there isn't one) or stop daydreaming outloud.
stochastic
hero member
Activity: 532
Merit: 500
Re: Bitcoinica lost 43,554 BTC from Linode compromise, suspicious TXIDs publicized
March 02, 2012, 02:18:29 PM
#114
Quote from: Matthew N. Wright on March 02, 2012, 02:01:11 AM
Quote from: stochastic on March 02, 2012, 01:36:11 AM
Quote from: zhoutong on March 01, 2012, 10:37:39 PM
We didn't have the opportunity to scan our whole system for suspicious transactions that were not initiated from our customers because we had to shut down the system immediately after we've discovered the huge loss. We did get a rough estimate and we published a press release to warn our users about the deposit address replacement.

However, now we have concluded that we lost 43,554 BTC from this incident and we will reimburse our customers for the full amount. For transparency, we would like to disclose all the suspicious transaction ids in this incident:

I hope you get insurance next time to account for any losses due to theft.

Doesn't exist.

You could only have the USD insured.

Any insurance can exist.  It is just a contract.  Of course if these thefts keeps happening then the premiums are going to be expensive.
Matthew N. Wright
hero member
Activity: 588
Merit: 500
Hero VIP ultra official trusted super staff puppet
Re: Bitcoinica lost 43,554 BTC from Linode compromise, suspicious TXIDs publicized
March 02, 2012, 01:44:06 PM
#113
Quote from: Aggro on March 02, 2012, 01:32:44 PM
Quote from: Clipse on March 01, 2012, 10:47:54 PM
I cant help but know some Linode employee wont be at work tomorrow.

This all is way way way to convenient, seems like an inside job planned overtime with the knowledge of who runs worthwhile bitcoin services and on which VPS accounts.

This is alot of money, please for all of us make its your top priority to get compensation out of Linode otherwise any future losses less than this would be seen acceptable by these crappy hosting companies or other services.

Indeed. It seems rather odd that a random hacker would systematically probe linode for security flaws, and then magically find 8 customers related to bitcoin, and methodically empty their wallets. This is clearly somebody from the inside.

I don't know, I hacked VizVideo's phone banks and the St. Joseph county library network both using the method you just described --stumbling upon it.
Pages:
Bitcoin Forum>Bitcoin>Bitcoin Discussion
Jump to: