Pages:
Author

Topic: BTC Stolen from Poloniex - page 33. (Read 167481 times)

newbie
Activity: 25
Merit: 0
March 04, 2014, 07:16:41 AM
If coinmarket is suffering from similar issues but is really bad at PR then its all good lads, both markets have shown promise and i would, despite my previous rants like to see both move forwards better and stronger.

In the meantime perhaps the group known as annonymous would consider digging out those trying to destroy the credibility of the coin exchanges and have a quiet word in their shell like and maybe empty thier wallets to enable those without food on the table to get by a bit better where there are no opportunities such as we have here.

If annonymous is truly the internet version of the A team and you can find them and hire them i would really like to see a plan come together, I am just a little man and this shit is way above my head.

+1 to Poloniex for biting the bullet and being straight up with us
sr. member
Activity: 420
Merit: 250
March 04, 2014, 07:16:12 AM
Wow, this sucks, but I'm glad you are being honest.
sr. member
Activity: 357
Merit: 250
March 04, 2014, 07:16:09 AM
I like poloniex everyday more and more, that mine second exchange after btce, i like how busoni managing with all problems. I'm Support !
legendary
Activity: 2114
Merit: 1040
A Great Time to Start Something!
March 04, 2014, 07:13:35 AM
I would leave the fees much lower, especially since you already "covered" the money.
member
Activity: 112
Merit: 10
March 04, 2014, 07:13:09 AM
Kudos for being transparent about the problems with your exchange. I know that some people doubted you at first when the XCP was stolen, but that turned out to not be your fault. Now when it actually is the fault of your exchange you are immediately holding your hand up. That takes courage and shows your integrity!  Smiley

I agree with all the previous posters here who have suggested that you sell some shares of your exchange instead of dramatically raising the fees across the board.

I know that a lot of people don't like https://cryptostocks.com/ but I think that has more to do with the projects/companies that are listed there than the actual exchange itself. It would be an easy and quick way to raise the money needed to re-pay what was stolen, and your users wouldn't be forced to take a loss.

Raising the fees to 1,5% is only going to hurt the exchange IMO, even if it's temporary. Perhaps you could increase them 50% from the current level, but increasing them to 1,5% is really a lot!

I have another suggestion.

It's kind of depending on if you follow through with the idea of doing an IPO or not, but I think it's something worth considering if you do.

How about raising enough money to create an "insurance fund" that will be available for those users who are willing to accept a slightly higher trading fee than uninsured users?

You would keep this fund in cold storage and it would be completely transparent on the blockchain for everyone to verify. It would only be used to reimburse those accounts that had paid the higher trading fee in case of another hack of the exchange. By making it voluntary it doesn't hurt anyone who doesn't want to pay the extra fee, and as the income from the insurance premiums increase so will the level of insurance. This will make Poloniex the first exchange where user funds are insured. Perhaps you could even make the funds on that cold storage account multisignature with 2 trusted members from the community, that way anyone who doubts your integrity will feel a lot safer as well...

I know that I would certainly be willing to pay a slightly higher fee to sleep a little better knowing that even if you are hacked again at least I will get reimbursed, and I'm sure there are a lot of sad MtGox users who feel the same way.

I'm embarrassed to admit that the second I saw something about Poloniex being hacked I immediately attempted a withdrawal of my BTC from there. Roll Eyes They are now "stuck in limbo" but I assume that they will show back up again once you have reversed the attempted transactions?
newbie
Activity: 36
Merit: 0
March 04, 2014, 07:12:58 AM
my few c

1. select for update to lock selects, then update the btc value, in a transaction.

There are many others like hashing and triggers to validate data, and to ensure sql injection if happens can be discovered easily.

Update set new value=old value - difference is more efficient and locks the row with resorting to the lock you mention.  Add a check constraint on table.
sr. member
Activity: 252
Merit: 250
March 04, 2014, 07:11:38 AM
I wake up and found out ALL my exchange sites and email got hacked around 4 hours ago... lost like 95% of my BTC(wallets are safe).... funny thing is poloniex.com is the only site that still has some coins left(BTC gone, but some other coins still there), i guess because of the frozen market... hopefully I can get rest of coins from here because my password has been changed, and I think I am still logged in because I did not close browser yet... dont know how long I will be remained signed in..... every other site(ones that are still logged in and I can see), all alt coins sold and BTC withdrawn, other sites I cant even log in anymore.

So a few questions...
is this all related or did I just happen to get hacked at this time?
how did all my online sites get hacked at same time?, wallets are safe...
is my wallets actually safe? do I need to reformat my computer right away? just main drive or all drives?
how was I hacked in the first place? what can I do to prevent this in future?

This sucks so fuckin much... I wake up to see LTC spike up alot, go try and sell some and find out... all my exchanges are empty or password changed... email password was changed... I spent the last 4 months fully dedicated to cryptos and now im worse off than when I started... not even from bad trading, but from hacks... this really fuckin sucks  

newbie
Activity: 13
Merit: 0
March 04, 2014, 07:11:15 AM
Today, about 12.3% of the BTC on Poloniex was stolen.

I take full responsibility for this and am committed to repaying the debt of BTC

So you take "full responsibility", but at the same time you let your customers pay for the loss? Hmmmmm.................
member
Activity: 105
Merit: 11
March 04, 2014, 07:07:49 AM
my few c

1. select for update to lock selects, then update the btc value, in a transaction.
2. trigger on db owned by privileged user on update for the btc value field, that throws an error to rollback transaction if negative.
3. audit sum() of values vs expected nett btc balance, which I'd expect was done already
4. triggers that log changes of btc values into log fields, sql injection can be logged

There are many others like hashing and triggers to validate data, and to ensure sql injection if happens can be discovered easily.
full member
Activity: 127
Merit: 100
March 04, 2014, 07:07:31 AM
So sad to hear this has happened I have had a great time trading on your exchange so far and don't think raising trade fees is a good idea either. 
Hopefully you will learn from this and the exchange will be better of in the long run.  Smiley
full member
Activity: 233
Merit: 102
March 04, 2014, 07:06:15 AM
So can we see proof of the remaining BTC 517.75 Huh
(if 12.8% ~= BTC 77, 87.2% = 517.75)

That'd go a long way in this MtGox BTC hacking clusterfuck of a trading environment.
newbie
Activity: 16
Merit: 0
March 04, 2014, 07:02:09 AM
Great way of handling it..  My question is what is being done to find and stop these people from knocking over the next exchange?
newbie
Activity: 4
Merit: 0
March 04, 2014, 06:59:11 AM
Why not take the amount you was stolen of from all the users?
+1.  Or, if it's easier for you, just the liquid coins.  Not fair that "just" BTC holders hit.  If you happened to have had a position on, you're okay? That's not right. Likely 99% of people were "using" BTC as a conduit to get into and out of the exchange. So, those people need to pony up.

Also, don't raise fees Busconi.  Pay us back slower if you have to.

IDEA: TAKE 12.6% from all withdrawals until funds are recovered.  Revenue will be higher, cause people will be trading with larger BTC sums. And, people will leave funds with you, and likely trade more.  You also eliminate the risk of a run on the exchange completely.

Whatever, I support Busconi, and I'll trust the exchange more now.
member
Activity: 61
Merit: 10
March 04, 2014, 06:47:40 AM
Damn thief stole my 4 mBTC. Are the XCP withdrawals also frozen?
legendary
Activity: 1055
Merit: 1002
March 04, 2014, 06:44:51 AM
Are you sure it is not one of exchange? 45k btc is a real big amount.
newbie
Activity: 11
Merit: 0
March 04, 2014, 06:40:58 AM
That's a lot of coins right there.

Following it you see withdrawals to different accounts but he splits them, so 50 coins sent, 49.9999 to the one address and 0.00001 to a different one.

Very cunning tbh

https://blockchain.info/tx/729d325dc1edb750d2bfb838dc61d2fcca315a3c676a7d5a8d399cc4b07bd650
legendary
Activity: 924
Merit: 1000
March 04, 2014, 06:35:12 AM
Everything pretty much ends up in this account if you follow the chain

https://blockchain.info/address/1N2f642sbgCMbNtXFajz9XDACDFnFzdXzV

and now he's taking everything out of that one too..

Looks like a serial scammer, possibly the one who brought down MxGox.
sr. member
Activity: 444
Merit: 250
Life is a bitch, get used to it...
March 04, 2014, 06:33:33 AM
Does anyone know when exactly the market froze? I started a BTC withdrawal +5 hours ago but it's stuck in PENDING.
I am also interested in THIS...
newbie
Activity: 30
Merit: 0
March 04, 2014, 06:31:38 AM
Everything pretty much ends up in this account if you follow the chain

https://blockchain.info/address/1N2f642sbgCMbNtXFajz9XDACDFnFzdXzV

and now he's taking everything out of that one too..

45000 BTC!!!!!!!!!!! Ouch!!!!!!!!!!!!!
newbie
Activity: 11
Merit: 0
March 04, 2014, 06:24:41 AM
Everything pretty much ends up in this account if you follow the chain

https://blockchain.info/address/1N2f642sbgCMbNtXFajz9XDACDFnFzdXzV

and now he's taking everything out of that one too..
Pages:
Jump to: