How many bitcoins is 12.3%?
This keeps getting posted in the trollbox, but I have no idea about the veracity of it:
https://blockchain.info/address/1Ktq7TE3J5vZ3c99M5weqKfFcNkHQdqPrq
Is there a way of stopping and taking those BTC back?
Topic: BTC Stolen from Poloniex - page 34. (Read 167444 times)
This keeps getting posted in the trollbox, but I have no idea about the veracity of it:
https://blockchain.info/address/1Ktq7TE3J5vZ3c99M5weqKfFcNkHQdqPrq
Is there a way of stopping and taking those BTC back?
Does anyone know when exactly the market froze? I started a BTC withdrawal +5 hours ago but it's stuck in PENDING.
What about BTC deposits after the announcement? Will they be affected?
How about issuing fee share to all affected accounts?
For example, issue 200,000 shares @ 1 mBTC each (for a total of 200 BTC)
For each 1 mBTC loss, issue 1 share to the account.
Rising fee to 1.5% is like committing suicide, I'm quite sure that many people (including myself) will leave.
For example, issue 200,000 shares @ 1 mBTC each (for a total of 200 BTC)
For each 1 mBTC loss, issue 1 share to the account.
Rising fee to 1.5% is like committing suicide, I'm quite sure that many people (including myself) will leave.
Address of the thief https://blockchain.info/address/1Ktq7TE3J5vZ3c99M5weqKfFcNkHQdqPrq
Total loss is around $50,000
If that's indeed him, Googling the address brings up a russian forum with his address... If the site cooperates we can find the guy:Total loss is around $50,000
http://2ch-b.ru/2014/03/03/privet-anon-hochu-besplatno-gb-na-drpbx-libo-posovetuj-drugoj-63603242.html
The major problem here is that the auditing and security features were not explicitly looking for negative balances. They add deposits and withdrawals and check that accounts are in balance. If you have 2 BTC, withdraw 10 BTC, and are left with -8 BTC, the software would see that you deposited 2, withdrew 10, and have exactly what you should: -8.
This is pathetic. Any programmers would not have allowed this to happen in the first place. It's basic programming level. If you have 2 BTC, withdraw 10 BTC, then "withdrawal rejected due to lack of funds."
Secondly, one by one the exchanges are going pear shaped. One by one suspicious of scams are raised.
Is there any honest people on the Bitcointalk forum apart from myself?
Any rises in fees, especially up to 1.5% is suicide. Users will simply move to another exchange. All businesses should have insurance policies in place and funds held in reserve.
Poloniex a fast growing site and revenues are going up, therefore as more coins are added, the revenues will increase further. So no need for an increase in fees but the owner need to trust that the revenues will grow. Any fees increase will compound the problem, thus lowering revenues.
Fixed the basic programming error and continue as best you can. Users will then be able to continue as normal and the revenues will grow.
I would support a small .20% withdrawal fee as a temporary measure.
This is pathetic. Any programmers would not have allowed this to happen in the first place. It's basic programming level. If you have 2 BTC, withdraw 10 BTC, then "withdrawal rejected due to lack of funds."
Secondly, one by one the exchanges are going pear shaped. One by one suspicious of scams are raised.
Is there any honest people on the Bitcointalk forum apart from myself?
Any rises in fees, especially up to 1.5% is suicide. Users will simply move to another exchange. All businesses should have insurance policies in place and funds held in reserve.
Poloniex a fast growing site and revenues are going up, therefore as more coins are added, the revenues will increase further. So no need for an increase in fees but the owner need to trust that the revenues will grow. Any fees increase will compound the problem, thus lowering revenues.
Fixed the basic programming error and continue as best you can. Users will then be able to continue as normal and the revenues will grow.
I would support a small .20% withdrawal fee as a temporary measure.
So, the users will pay for that flaw again (with rised fees). It were some understandable with XCP, where the flaw was on protocols side, but here? Great idea busoni. Why not take the amount you was stolen of from all the users?
Simply are gone ...by Magic ! Damn man that sucks i hope it will be fine . Add more coins i also recommend you too add Franko & Magic Internet Money , Maza & Auroracoin make some volume bro . That would be awesome !
Serious mistakes have certainly been made, but I do think it's correct to applaud Poloniex from the perspective of swift, good and effective communication. Being transparent, letting everyone know exactly what happened, and how, is something I would like to see more of.
I don't think I've ever seen so many new accounts hype a hack to be the best thing ever.
It really is mindblowing that you are all commending him for not having the basics right in the first place.
But alas, you'll get paid over time right?
It really is mindblowing that you are all commending him for not having the basics right in the first place.
But alas, you'll get paid over time right?
Address of the thief https://blockchain.info/address/1Ktq7TE3J5vZ3c99M5weqKfFcNkHQdqPrq
Total loss is around $50,000
If that's indeed him, Googling the address brings up a russian forum with his address... If the site cooperates we can find the guy:Total loss is around $50,000
http://2ch-b.ru/2014/03/03/privet-anon-hochu-besplatno-gb-na-drpbx-libo-posovetuj-drugoj-63603242.html
I don't think I've ever seen so many new accounts hype a hack to be the best thing ever.
It really is mindblowing that you are all commending him for not having the basics right in the first place.
But alas, you'll get paid over time right?
It really is mindblowing that you are all commending him for not having the basics right in the first place.
But alas, you'll get paid over time right?
Honesty is fantastic.
Competence is even better because some asshole made $50k from a flaw where your system could be overloaded with negatives balances? Why would a negative balance ever be OK?
The new system you describe for future security still needs to notify the admin of unusual activity. How long does it take to steal $50k? Less than the time you're sleeping I'm sure.
I'm sorry, but I was a big Poloniex fan and appreciate the honesty, but for Christs' Sake hire some fucking white hat hackers for $25k and you're already ahead.
My deposit hasn't appeared either 
Thank you. I am ok, with that. Does that mean ALL bitcoins are stored online at the site?
It certainly sounds that way, and no mention of cold/offline storage was mentioned in the OP. I would also like to know the answer to this, as storing all funds online is extremely irresponsible.
I would hope only a small % of funds are stored in a hot wallet, otherwise this hack could have been a lot more disastrous than 12.3% had he not caught on soon enough. Would be good if busoni can provide clarification on this.
Anyway, I'm a fan of the exchange and will continue to use it. It seems like Poloniex has went through some insane growth lately which I imagine is all a bit overwhelming. The hack is unfortunate, but he's handling this better than most.
Race attack again? Looks like we need a basic hacking an exchange guidebook. This has happened to quite a few exchanges.
I have made a btc deposit that has not yet been credited. Is this related
Where is my btc deposit. 8 confirms on the block chain
busoni... respect bro... 
I have made a btc deposit that has not yet been credited. Is this related
Where is my btc deposit. 8 confirms on the block chain
I don't think I've ever seen so many new accounts hype a hack to be the best thing ever.
It really is mindblowing that you are all commending him for not having the basics right in the first place.
But alas, you'll get paid over time right?
Finally a response I can agree with is. All this praise for an exchange with such fundamental flaws is incredible. This is why a good exchange needs funding, so you can have this stuff tested, certified and possibly even insured. Just because the way other exchanges deal with hacks is even worse doesn't make this solution a good one.It really is mindblowing that you are all commending him for not having the basics right in the first place.
But alas, you'll get paid over time right?
Hiking up fees: bad idea, it's not the users fault, you're going to lose enough users over this without punishing them through higher fees.
Locking up 12.3% of (the remaining) BTC: bad idea as well as mathematically incorrect. 12.3% of 100 is not the same as 12.3% of 87.7. You fucked up, you never asked people if they would be willing to put up their BTC to cover your mistakes. Take it from all these fanboys who are willing to, not those who aren't.
Dear Busoni!
I am sorry about incident.
Thanks for transparent interpretation of stolen BTC there.
You can start to collect donations for covering exchange losses.
Hope it will be good.
I am sorry about incident.
Thanks for transparent interpretation of stolen BTC there.
You can start to collect donations for covering exchange losses.
Hope it will be good.
I don't think I've ever seen so many new accounts hype a hack to be the best thing ever.
It really is mindblowing that you are all commending him for not having the basics right in the first place.
But alas, you'll get paid over time right?
It really is mindblowing that you are all commending him for not having the basics right in the first place.
But alas, you'll get paid over time right?
Jump to: