Topic: Bitcoinica MtGox account compromised - page 17. (Read 155957 times)

Quote from: Phinnaeus Gage on July 14, 2012, 01:16:41 PM

PS: Please forgive for posting so often in this thread with what looks like on the surface to be nonsense but, because of the nature of this beast, it's warranted.

It's really not, though. It's like your life revolves around finding some drama in the bitcoin community. Give it a rest go outside and play some golf or whatever old people do these days. Spare us your verbal diarrhea. Your conspiracies and "gotcha" posts are uninformed and universally wrong. I'll leave you with two of my favorite quotes.

"A wise man speaks because he has something to say; a fool because he has to say something."

&

"Conspiracy is easier to understand than complexity"

I take it you're also not a fan of Al the Alpaca.

Seriously, I take the time to apologize, and you find within yourself to stick it up my ass, when all I'm trying to do is help. To be totally honest, I will give you this: I've never been one to engulf myself with drama, but, yes, I have done just that quite a few times here on this forum. In the past year, I have changed. Changed, directly and indirectly.

Once again, I apologize, but will not stop for there's a lot at stack.

~Bruno~

Herodes

hero member

Activity: 868

Merit: 1000

L.I.B.! Berlin is in the UK, possibly outside London.

That's right, it's just around the corner at the local pub two blocks away from the North Woolwich train station.

Phinnaeus Gage

legendary

Activity: 1918

Merit: 1570

Bitcoin: An Idea Worth Spending

Herodes

hero member

Activity: 868

Merit: 1000

Quote from: zhoutong on July 14, 2012, 01:36:33 AM

Quote from: Bitcoin Oz on July 14, 2012, 01:17:47 AM

What the fuck was 40 000 bitcoins doing sitting at mt gox. After the first hack it was claimed 80% of funds were sitting in cold storage.

Someone told lies about this too. Can someone dig up the original thread where they promised the coins were in cold storage ?

The funds were in the cold storage. But apparently someone transferred that to Mt. Gox account to be ready for refunds.

It would be interested to know the reason for transferring funds to MtGox for refunds. AFAIK bitcoins can be sent from any bitcoin client to any other bitcoin client, and fiat money can be transferred from any bank account to any other bank account. I do not understand why these funds would need to move to MtGox to be 'ready' for payout.

I guess some people without any ethics, moral or regards for anyone else is 'laughing' a lot these days. I hope they're happy and sleep well at night.

I felt particularily sorry for the person that lost 2 years worth of saving in this thread, but there's a lot of people that are owed a lot of money.

I'd like to say a lot more as well, but I think most of what I'd like to say has already been said in this thread.

sadpandatech

hero member

Activity: 504

Merit: 500

Quote from: Otoh on July 14, 2012, 12:43:57 PM

I think that this is the original 40,000 BTC withdrawal from Gox tx:

http://blockexplorer.com/tx/24f7c6836156e9d23cabde0db5dcbca3d95fde34f31673f2bce26c8c8e05ed5a#o0

to 100% taint address: http://blockexplorer.com/address/1Cc7nc5Rgwnh5qfWc5jKymyn5d6Y1PcXjj

Edit: actually I'm confused about this, there appears to be an additional 39998.9843 BTC also sent to this address, someone who knows how it all works better correct me about which tx is the original theft/withdrawal.

this makes it easier to visulize; http://blockchain.info/address/1Cc7nc5Rgwnh5qfWc5jKymyn5d6Y1PcXjj
the 39k~ one was change from a 1~ BTC tx

if you trace back some of those to mywallet you can see they were popping it out of there in like 4k chunks, mostly unmixed; http://blockchain.info/address/19EHKZhD4zPXHJ783Y4H4rkcXUigWgF3jh

Phinnaeus Gage

legendary

Activity: 1918

Merit: 1570

Bitcoin: An Idea Worth Spending

Quote from: Phinnaeus Gage on July 14, 2012, 12:44:54 PM

<>

No. I received this email. I was still in the [email protected] mailing list.

I believe that the theft happened much earlier and no one discovered. No one cared about this spammy-look email either (or they don't check their mailbox).

Quote

From: Bitcoinica Sucks <[email protected]>
To: [email protected]
Date: Friday, 13 July 2012 3:39:55 AM
Subject: Bitcoinica is done

THANK YOU FOR YOU SOURCE CODE.

BITCONICA IS NOW OFFICALY DONE!

LASTPAS PASWORD: c02e1a27-5524-449f-ba65-aff9581ddedc

Hacker, or somebody, can't spell or purposely misspelled word: LASTPAS; OFFICALY

Question: Did the hacker send the recent email to notify parties that an the alleged break-in occurred a while back and, since nobody took notice, he somehow felt cheated by not getting an extra 15 minutes of fame?

Also...

Quote

No, I was merely stating a fact. I discovered something unusual and I emailed them. They promised an update. And that's it.

Do these people no have phones? 3-4 principles should have each other's phone numbers, shouldn't they, or did I miss that memo when the internet became mainstream?

~Bruno~

the email does seem very very odd....

You think that's odd? Wait till I start linking concerns prior to them supposedly meeting up only recently--before Bitcoin was conceived which starts with C and rhymes with D as in deceive and that spells doom. ~The Music Man

~Bruno~

Phinnaeus Gage

legendary

Activity: 1918

Merit: 1570

Bitcoin: An Idea Worth Spending

Quote from: Clipse on July 14, 2012, 12:25:13 PM

<>

No. I received this email. I was still in the [email protected] mailing list.

I believe that the theft happened much earlier and no one discovered. No one cared about this spammy-look email either (or they don't check their mailbox).

Quote

From: Bitcoinica Sucks <[email protected]>
To: [email protected]
Date: Friday, 13 July 2012 3:39:55 AM
Subject: Bitcoinica is done

THANK YOU FOR YOU SOURCE CODE.

BITCONICA IS NOW OFFICALY DONE!

LASTPAS PASWORD: c02e1a27-5524-449f-ba65-aff9581ddedc

Hacker, or somebody, can't spell or purposely misspelled word: LASTPAS; OFFICALY

Question: Did the hacker send the recent email to notify parties that an the alleged break-in occurred a while back and, since nobody took notice, he somehow felt cheated by not getting an extra 15 minutes of fame?

And the hacker used hotmail. Surely an IP can be traced via them/there.

Also...

Quote

No, I was merely stating a fact. I discovered something unusual and I emailed them. They promised an update. And that's it.

Do these people no have phones? 3-4 principles should have each other's phone numbers, shouldn't they, or did I miss that memo when the internet became mainstream?

~Bruno~

Otoh

donator

Activity: 3024

Merit: 1105

I think that this is the original 40,000 BTC withdrawal from Gox tx:

http://blockexplorer.com/tx/24f7c6836156e9d23cabde0db5dcbca3d95fde34f31673f2bce26c8c8e05ed5a#o0

to 100% taint address: http://blockexplorer.com/address/1Cc7nc5Rgwnh5qfWc5jKymyn5d6Y1PcXjj

Edit: actually I'm confused about this, there appears to be an additional 39998.9843 BTC also sent to this address, someone who knows how it all works better correct me about which tx is the original theft/withdrawal.

ErebusBat

hero member

Activity: 560

Merit: 500

I am the one who knocks

Quote from: ErebusBat on July 14, 2012, 12:15:31 PM

Quote from: Clipse on July 14, 2012, 12:25:13 PM

So where is the wallet address of this BTC withdrawal ?

At the very least people can see where it goes and if it moves to an exchange to be sold eventually.

piuk posted the suspected TX in the blockchain.info thread.... It looks like they ran it through his servers.

Im not asking for suspected TX, I am asking for the withdrawal address that would be listed in MTGOX. No reason for anyone to speculate over where the funds went.

Can't you back trace it? The 40,000 did just materialize in that TX.

Otoh

donator

Activity: 3024

Merit: 1105

Quote from: ErebusBat on July 14, 2012, 12:15:31 PM

Quote from: ErebusBat on July 14, 2012, 12:15:31 PM

So where is the wallet address of this BTC withdrawal ?

At the very least people can see where it goes and if it moves to an exchange to be sold eventually.

piuk posted the suspected TX in the blockchain.info thread.... It looks like they ran it through his servers.

Im not asking for suspected TX, I am asking for the withdrawal address that would be listed in MTGOX. No reason for anyone to speculate over where the funds went.

While you're waiting you could check the 100 BTC donation tx to ZT's personal restitution thread as that was from the hacker apparently, it was sent to:

1Lmb3fGLtizurD3mBq3QAKZ6mVb9kGMLSh

from:

http://blockexplorer.com/address/19X4nKW8Swm32UHLZ5LFuacCu9DBr1rfDJ

with 13798.9838 BTC in change

http://blockexplorer.com/tx/fd307e86985acf7aaa3634ce92f7920343ce6ef7ae61f1b693056c5a8741fcdb#o0

there's plenty in it & just follow it back a little, http://blockexplorer.com/address/1Cc7nc5Rgwnh5qfWc5jKymyn5d6Y1PcXjj had 40,000 BTC in it but it can be traced back further to more.

Clipse

hero member

Activity: 504

Merit: 502

So where is the wallet address of this BTC withdrawal ?

At the very least people can see where it goes and if it moves to an exchange to be sold eventually.

piuk posted the suspected TX in the blockchain.info thread.... It looks like they ran it through his servers.

Im not asking for suspected TX, I am asking for the withdrawal address that would be listed in MTGOX. No reason for anyone to speculate over where the funds went.

ErebusBat

hero member

Activity: 560

Merit: 500

I am the one who knocks

Quote from: 556j on July 14, 2012, 06:55:12 AM

So where is the wallet address of this BTC withdrawal ?

At the very least people can see where it goes and if it moves to an exchange to be sold eventually.

piuk posted the suspected TX in the blockchain.info thread.... It looks like they ran it through his servers.

Clipse

hero member

Activity: 504

Merit: 502

So where is the wallet address of this BTC withdrawal ?

At the very least people can see where it goes and if it moves to an exchange to be sold eventually.

ErebusBat

hero member

Activity: 560

Merit: 500

I am the one who knocks

Love it... "don't taint me bro"
HACKER: This ^^^^

Even opens up a while line of shirts: "Bitconica's MtGox got compromised and all I got was this lousy taint..."

Otoh

donator

Activity: 3024

Merit: 1105

BTC : You can still withdraw up to 4,000.00000000 BTC provided you have enough on your account (your limit is 4,000.00000000 BTC per 24 hours )
USD : You can still withdraw up to $10,000.00000 provided you have enough on your account (your limit is $10,000.00000 per 24 hours and $50,000.00000 per 30 days)

I guess the Bitcoinica funds had requested higher withdrawal limits than normal verified accounts, otherwise it would take 10 days to get the coins out & 4 days to drain the $s, or has this siphoning off being going on for a while.

I assume that the $40k were sent to sock puppet accounts by Mt. Gox $ codes & then coins were bought & moved out, rather than being withdrawn in actual $s.

Shout out to the hacker - Don't taint me bro! 1G5apmPvo2iTtmkNWAHTCET7Y842Ufijs8 Wink

imanikin

hero member

Activity: 702

Merit: 503

Quote from: jcp on July 14, 2012, 07:05:42 AM

PS: Please forgive for posting so often in this thread with what looks like on the surface to be nonsense but, because of the nature of this beast, it's warranted.

...
"A wise man speaks because he has something to say; a fool because he has to say something."
...

(+1 It's annoying to follow threads with such posters in it. When someone has 6k+ posts, and has only been in the forum a year, it's likely that most of those posts were brief blurbs of nonsense...

I think Phinnaeus Gage will be the first member on my ignore list. Cheesy

)

As for the topic, my sympathies for all who were damaged. I was hoping that after the 2011 Magic the Gathering Online Xchange hack, the BtCex.com affair, the MyBitcoin scam, and appearance of things like 2-factor and paper wallets, such incidents would be behind us... Sad

May all of you be well! There is, obviously, more to Life than Bitcoin... Cool

allten

sr. member

Activity: 455

Merit: 250

You Don't Bitcoin 'till You Mint Coin

Quote from: JoelKatz on July 14, 2012, 06:18:03 AM

This is possible. Even if Zhoutong received a fair price, he could still theoretically be held liable for negligently transferring control over the assets of his depositors.

From the facts known to me, this seems like an extremely unlikely way for events to turn. It seems, at least to me, that Zhoutong negotiated in good faith, believed the people he were dealing with were more competent than him to run the business, and had no reason to suspect any of the future problems. I don't know whether his compensation was fair or not, but I understand he was motivated to sell, so it's unlikely he was paid more than the business was worth.

It doesn't matter. I'm not talking about theoreticals, the facts you and I know regarding the ownership transfer is slim-to-none and that's one of the fundamental problems. To postulate that he was not paid more than what the company was worth is indicative of illusory self-confidence in knowledge, unless you are privy to non-public facts that have not been disclosed here (if so, I'm sure people that have lost money would love to know).

If I did not make it clear enough, the lack of public knowledge of ownership transfer creates serious potential for negligence claims against Zhoutong (as he has a fiduciary duty to deposit holders). Transfer of a money service to another entity which has different credit risk/security expertise without disclosure, then having the new entity defaulting on debts is an open and shut case of proximate cause, I disagree with the opinion that it's an unlikely avenue of pursuit in the event of actual default.

To reiterate, assuming that Zhoutong has zero involvement with the theft/loss-of-funds, it is in his personal best interests to ensure/advocate that everyone gets paid back in full.

+10,000,000

Bam! Nice write up. This is why I think any lawsuit should also include Zhou!
There were 3 parties here, the original Bitcoinica team, the Intersango team, and the investors. The ball was dropped in the hand off. It's the perfect scenario for an inside job and to get away with it. The innocent players were blinded by greed and should have been much more cautious. Any reasonable person would have considered limiting funds during the handoff which should have taken months to be done properly - not just a day for some passwords to be transmitted. Like jcp points out, none of the users were told until after the fact. This will be a great lesson to anyone thinking of buying or selling a Bitcoin business.

Good luck to anyone with large stakes. With lawsuits being forced, this slowing moving train wreck just got another 6 to 12 months added to it.

Clipse

hero member

Activity: 504

Merit: 502

If someone did steal the sourcecode, How the hell did that happen?

Did you guys email the sourcode to everyone ?

Seriously, there is no way you can explain your way out of such a leak of the sourcecode to the core of your business.

sadpandatech

hero member

Activity: 504

Merit: 500

Quote from: sadpandatech on July 14, 2012, 11:00:16 AM

Quote from: Maged on July 14, 2012, 09:09:46 AM

Quote from: BitcoinBug on July 14, 2012, 09:00:33 AM

I only have one question for Consultancy: "How do you know the hacker got the MtGox password from LastPass and what its master passsword was?"

As always, Zhou is the only one who actually has answers:

Quote from: Maged on July 14, 2012, 09:09:46 AM

I received this email. I was still in the [email protected] mailing list.

I believe that the theft happened much earlier and no one discovered. No one cared about this spammy-look email either (or they don't check their mailbox).

Quote

From: Bitcoinica Sucks <[email protected]>
To: [email protected]
Date: Friday, 13 July 2012 3:39:55 AM
Subject: Bitcoinica is done

THANK YOU FOR YOU SOURCE CODE.

BITCONICA IS NOW OFFICALY DONE!

LASTPAS PASWORD: c02e1a27-5524-449f-ba65-aff9581ddedc

Wasn't that mail after the hack though? I still have the same question, lastpass has logs that can be checked..

why send mail first, then take coins? im no mastermind but steal first then gloat?

yea, I can see that. The question still stands though. "Who is it that pointed out their lastpass had been breeched and how did they know? Where are the logs?

sadpandatech

hero member

Activity: 504

Merit: 500

Quote from: BitcoinBug on July 14, 2012, 09:00:33 AM

I only have one question for Consultancy: "How do you know the hacker got the MtGox password from LastPass and what its master passsword was?"

As always, Zhou is the only one who actually has answers: