Pages:
Author

Topic: Bitfinex HACKED - funds stolen ! - page 17. (Read 32179 times)

hero member
Activity: 1150
Merit: 502
August 07, 2016, 03:41:12 AM
I think losing 36% if better than Bitfinex going full MtGox and at least they notified users straight away instead of operating as usual like Cryptsy and those 'in the know' managing to take most of their BTC and everybody else losing everything. Not an ideal solution though.

Do you know if it will be 36% of BTC or 36% of all Alt coins too?

As far as I know it affects only currency impaired i.e btc. No altcoin balances would be abated to clog up the bitcoin leak.

Im OK albeit not entirely happy with the proposed way of loss socialization, and might add that bitfinex could have easily made neat profits from shorts before announcing the hack and use those for hedging against collateral damage that exchange had taken in a result of the hack.

Instead they coerce ridiculous haircut on their customers' balances. Badass move but could be the only possible option to make as more ppl as possible as whole as possible.
legendary
Activity: 1484
Merit: 1029
August 07, 2016, 02:33:52 AM
I think losing 36% if better than Bitfinex going full MtGox and at least they notified users straight away instead of operating as usual like Cryptsy and those 'in the know' managing to take most of their BTC and everybody else losing everything. Not an ideal solution though.

Do you know if it will be 36% of BTC or 36% of all Alt coins too?
legendary
Activity: 2492
Merit: 1491
LEALANA Bitcoin Grim Reaper
August 07, 2016, 12:51:47 AM
What many are forgetting is that up until now Bitfinex has only talked.

Talk is cheap.

Believe what you see and can verify, not what they tell you.
hero member
Activity: 532
Merit: 501
August 07, 2016, 12:50:39 AM
Dammit those guys took the 120k bitcoin before I could click on hack. Now what am I to do??? Maybe I could report the thief to FBI and they will get my money for me. After all I am white, they will listen to me!!!!!
hero member
Activity: 1150
Merit: 502
August 07, 2016, 12:47:26 AM
Overall its not that bad as it looked from the outset, and they are making moves on the way to recovery. I was on the fence stating they would not go full mt. gox, or otherwise this would be a collapse of the western bitcoin world. They propose 36 cut so let them work that out and settle legal ramifications pertaining to loss generalization, this may not be the best possible solution, but the least they could do to bring site functionality back online in the coming hours.
legendary
Activity: 2940
Merit: 1083
August 06, 2016, 11:01:38 PM
Bitfinex has stolen your funds. It was NO hacker !  They will keep 36% from YOUR money, 23 MIL USD and they will continue the business. How can you let this happen?!!?!?

You must be VERY stupids to leave the things like that.

just a conspiracy dude, i think bitfinex is stupid and lacks of defense strategy against hackers, that's why they lost money, should have stored money on cold wallet.
The possibilities of conspiracy is can happen is always there but if it's correct maybe the using the 3rd parties to pretended to hack their site and stole their funds. but if that's assuming it's correct and wow it's very surprised, and do withdrawal all of your money now. just assuming.

But if they are returning all the lost money then they want to prove that it is not a fake hacking or other thing they call it. Sometimes I think that this is also a marketing strategy. Trying to be popular in doing some big news.
legendary
Activity: 3276
Merit: 1029
Leading Crypto Sports Betting & Casino Platform
August 06, 2016, 10:46:15 PM
Bitfinex has stolen your funds. It was NO hacker !  They will keep 36% from YOUR money, 23 MIL USD and they will continue the business. How can you let this happen?!!?!?

You must be VERY stupids to leave the things like that.

just a conspiracy dude, i think bitfinex is stupid and lacks of defense strategy against hackers, that's why they lost money, should have stored money on cold wallet.
The possibilities of conspiracy is can happen is always there but if it's correct maybe the using the 3rd parties to pretended to hack their site and stole their funds. but if that's assuming it's correct and wow it's very surprised, and do withdrawal all of your money now. just assuming.
sr. member
Activity: 331
Merit: 250
August 06, 2016, 09:49:54 PM
Bitfinex has stolen your funds. It was NO hacker !  They will keep 36% from YOUR money, 23 MIL USD and they will continue the business. How can you let this happen?!!?!?

You must be VERY stupids to leave the things like that.

just a conspiracy dude, i think bitfinex is stupid and lacks of defense strategy against hackers, that's why they lost money, should have stored money on cold wallet.
legendary
Activity: 1470
Merit: 1004
August 06, 2016, 09:26:27 PM
Why should those who did not have anything stolen be robbed? I had 30,000 usd in margin funding, CASH. Why should I lose %36?

Is there any open cases against bitfinex yet? I will be joining, or starting a group lawsuit for all those who lost their money. Yes I am responsible for where I put my money, but they are responsible for making me think their system was secure, and my money was safe.

they are in fact a legal company based in hong kong, that means they are open for money recovery. I'm sure those guys who had a few million in cash on margin funding are already in contact with lawyers.


thieves.

I recommend you to file a complain with Hong Kong police and http://www.sfc.hk or http://www.customs.gov.hk/en/consumer_protection/trade_desc/contact_us/index.html 
through an attorney from your country as soon as possible.

Bitifinex was operated by a Hong Kong company, Renrenbee Limited.

Be sure that the police will investigate your complain.Just fill it. Do not let your money to be stolen by crooks like Bitfinex (well known ex ponzi runners)

Bitfinex said that they alerted a "law enforcement" but they didn't say which one. This a lie. Hong Kong police didn't receive any complaint from Bitfinex regarding to a hack.
legendary
Activity: 1806
Merit: 1828
August 06, 2016, 08:29:02 PM
What on earth am I going to do with BFX tokens? I really don't want a share in an exchange that won't last much longer. I'm going to be stuck with Bitfinex for quite sometime. I had about 269.00 USD, that I received from selling some BTC. Unfortunately, I haven't given Bitfinex my KYC info. I don't intend to. I'll just have to hope they can get the exchange going, so I can purchase a coin that I can exit with.
legendary
Activity: 1806
Merit: 1164
August 06, 2016, 08:26:44 PM
Usually the only real winners in lawsuits are the lawyers. I was expecting more than a 36% haircut. I would not be surprised when Bitfinex comes online again if you want to unlock your account and withdraw funds you have to agree to the terms of the socialized loss. If you do not and reserve your right to sue your account stays locked. We will see.
sr. member
Activity: 574
Merit: 252
August 06, 2016, 08:21:51 PM
Well, the thing is that was not one hacker, not even a group.
There was more than one group of hackers, so this is pretty strange... Im amazed that bitfinex had to have hot wallet that big, and thanks to this, hackers were able to steal those btc that have been hold on hot wallet instead of frozen... Im sorry all bitfinex users ;(
full member
Activity: 184
Merit: 100
August 06, 2016, 08:17:24 PM
Bitfinex handled this the right way.
legendary
Activity: 2198
Merit: 1014
Bitdice is scam scam scammmmmmmmmmmmmmmmmmmmmmmmmm
August 06, 2016, 08:07:59 PM
I think this would slow down the process of being able to sell bitcoin on their platform, as well as the ability to to debit customers' losses when they have leveraged losses.

Probably not so much, because they only settled accounts to the blockchain once per day. The exception being, if you bought bitcoins and immediately requested to withdraw them. That already took 15-45 minutes generally. Not sure how much this would really add.

The problem with BitGo is that they signed transactions that they should not have signed. I speculate that BitGo was signing transactions they believed to be "internal transfers" between bitfinex accounts, which I suspect are not subject to the limits that bitfinex set, although this is speculation.

They certainly signed transactions they shouldn't have signed. Even if they were internal transfers, that kind of volume (above, say, 20k or 30k) should trigger a circuit breaker. A telephone call, some kind of second step verification...something, rather than simply auto-signing for 120k bitcoins.

hero member
Activity: 591
Merit: 501
Scavenger of Crypto Sorrow
August 06, 2016, 06:09:19 PM
I don't beleive that bitfinex hack because they can give a 33% back funds to your account..
I think this just their reason that their hack but the truth they are not hack and they sold bitcoin and now the price of bitcoin is low they can deposit or buy bitcoins to give few funds as giveaway to others..

If they sold 120k BTC before the event and bought back right after, they could make a good fortune without much trouble. Large centralized exchanges are manipulated. That's how they make real profits. Those 0.2% trade fees are just for maintenance expenses.
sr. member
Activity: 420
Merit: 250
August 06, 2016, 06:04:09 PM
I don't beleive that bitfinex hack because they can give a 33% back funds to your account..
I think this just their reason that their hack but the truth they are not hack and they sold bitcoin and now the price of bitcoin is low they can deposit or buy bitcoins to give few funds as giveaway to others..
yeah come on. that is the reason a third party to steal money from their customers? they just want to look responsible when they launch an scaming. maybe they are right in the hack but the hack is a party of their own
hero member
Activity: 924
Merit: 1001
August 06, 2016, 05:49:32 PM
I don't beleive that bitfinex hack because they can give a 33% back funds to your account..
I think this just their reason that their hack but the truth they are not hack and they sold bitcoin and now the price of bitcoin is low they can deposit or buy bitcoins to give few funds as giveaway to others..
copper member
Activity: 2996
Merit: 2374
August 06, 2016, 05:27:28 PM
I think this would slow down the process of being able to sell bitcoin on their platform, as well as the ability to to debit customers' losses when they have leveraged losses.

Probably not so much, because they only settled accounts to the blockchain once per day. The exception being, if you bought bitcoins and immediately requested to withdraw them. That already took 15-45 minutes generally. Not sure how much this would really add.
This would prevent a user from being able to place a sale order without first confirming with BitGo. Also, as I previously mentioned, if a customer opens a leveraged position with BTC as collateral, that declines in value, then the customer would presumably not agree to have BTC withdrawn from his account, even though this would be the appropriate thing to do.

The problem with BitGo is that they signed transactions that they should not have signed. I speculate that BitGo was signing transactions they believed to be "internal transfers" between bitfinex accounts, which I suspect are not subject to the limits that bitfinex set, although this is speculation.

They certainly signed transactions they shouldn't have signed. Even if they were internal transfers, that kind of volume (above, say, 20k or 30k) should trigger a circuit breaker. A telephone call, some kind of second step verification...something, rather than simply auto-signing for 120k bitcoins.
I know that BitGo handles internal transfers differently from outright withdrawals, at least in terms of pricing (a review of their website says that internal transfers are free while withdrawals signed by BitGo start at 0.1% with volume discounts available). It would make sense for there to be different limits between internal transfers and withdrawals.

I wasn't referring to trades.  I was referring to withdrawals.  Finex said everyone on their exchange had a BitGo account.  If this is true, Finex, did not use commonsense as I had previously mentioned in terms of withdrawals.

However, you make a great point.  If this was done in a way to make it appear as there were trades and simply transfer to settle trades between accounts, that's an entirely different issue to contend with.
I understand that when a BitGo customer will need to create a new "account", the BitGo customer (in this case Bitfinex) will provide BitGo two public keys, and BitGo will provide the customer with one public key, all of which will be combined to create a 2-of-3 multi-sig address. Ideally, when bitfinex provides their two public keys, one of the corresponding private keys will be held in offline cold storage, and one of them will be held in their online/hot server.

I am not entirely sure how bitfinex handles the creation of BitGo wallets/accounts when a new bitfinex account is opened. Ideally, Bitfinex and BitGo have exchanged a large quantity of public keys (tens/hundreds of thousands, or even millions), so when a bitfinex customer opens their account, BitGo can simply "activate" 3 wallets/accounts for this customer. BitGo most likely does not have access to bitfinex's business records, so they will simply be told by bitfinex when a new wallet/account needs to be activated. It is possible however that Bitfinex and BitGo exchange keys at the time the new bitfinex account is created, and the attacker provdied BitGo two public keys, and BitGo provided the attacker one public key, and that the attacker would have access to both of the corresponding private keys. This would allow the attacker to potentially first direct BitGo to sign transactions moving customer BTC to these newly created "wallets" and the attacker subsequently using the two private keys that he is in possession of to create a second transaction spending the BTC to an address that he created far away from the bitfinex servers. So BitGo would have only signed "internal transfer" transactions, and the attacker signed the "withdrawal" transactions.

It appears that the attacker was able to work for several hours without detection, which IMO is a very long time for an unauthorized intruder to have access to a server. Based on the statements of bitfinex (and BitGo), it appears that bitfinex was not initially sure how the attacker was able to access their servers, and based on the fact that users are still not able to access their bitfinex accounts, they still may not know. Based on the above, I suspect that the attacker was likely able to use some kind of 0-day attack.

If you assume that the losses at Gox actually happened a long time before Feb 2014, then this is, by far the largest hack/theft of Bitcoin in history.

Most of this is of course, speculation.
legendary
Activity: 1470
Merit: 1004
August 06, 2016, 05:11:41 PM
Bitfinex has stolen your funds. It was NO hacker !  They will keep 36% from YOUR money, 23 MIL USD and they will continue the business. How can you let this happen?!!?!?

You must be VERY stupids to leave the things like that.
legendary
Activity: 1302
Merit: 1318
Technical Analyst/Trader
August 06, 2016, 04:08:27 PM
I think this would slow down the process of being able to sell bitcoin on their platform, as well as the ability to to debit customers' losses when they have leveraged losses.

The problem with BitGo is that they signed transactions that they should not have signed. I speculate that BitGo was signing transactions they believed to be "internal transfers" between bitfinex accounts, which I suspect are not subject to the limits that bitfinex set, although this is speculation.

I wasn't referring to trades.  I was referring to withdrawals.  Finex said everyone on their exchange had a BitGo account.  If this is true, Finex, did not use commonsense as I had previously mentioned in terms of withdrawals.

However, you make a great point.  If this was done in a way to make it appear as there were trades and simply transfer to settle trades between accounts, that's an entirely different issue to contend with.
Pages:
Jump to: