Author

Topic: BTCSYN reports a $12k (1,852 BTC) theft (Read 3903 times)

sr. member
Activity: 336
Merit: 250
July 17, 2012, 04:20:16 PM
#31
I hold a few shares of BTCSYN, was looking at the old motions and then wondering at the recent buy/sell activity. Funnily, I wasn't too happy with the liquidate current FPGAs motion when I read it. Turns out that is the source of the stolen funds. May I ask what the reasoning was behind that move? The Cairnsmore1 devices don't even have a full working bitstream yet.

Glasswalker continuing to work to make BTCSYN whole and also posting a copy of the police report would help reduce the fallout from this.
legendary
Activity: 892
Merit: 1002
1 BTC =1 BTC
How convenient! This has been pulled far too many times in this community.

+1
legendary
Activity: 1288
Merit: 1227
Away on an extended break
So I did a security audit on myself.

I have 108 passwords word with an average password length of 21 chrs.
I have 5 duplicate passwords, if you really want to hack my pandora play list go ahead!
I currently have 9 google auth or ubikey enabled accounts.
I have 2 weak passwords.

I've had accounts where I have to change my password every 7 days and couldn't reuse a password in the last 6 months.

I have a feeling since he reused a password with multiple banks it was stolen from a bank. I just saw like 2 weeks ago that 60-70 banks got breached.
maybe a password hash list was stolen from a bank.

I know my linkedin password was stolen because I checked via there hash database that was released.

i wonder if the same password on the linkedin account and mtgox.

Maybe i'm paranoid or I should start doing more computer security consulting lol.

and please don't take my comments about BTCSYN as negative, I think they are one of the best run assets and I tried to copy them whenever possible and I personally was a shareholder.

I know I said I wouldn't be back (and I was referring to this thread by the way, because it had turned into a witch-hunt), but this post was very well written. Thank you. (and the above audit is very similar to my situation prior to the overhaul which this incident prompted for me).

And to answer, no I didn't even have a linkedin account, (I believe there was one created for me ages ago by my employer, but I didn't even control the account, let alone set it's password).

As for the bank compromise, yes, it's a possibility. But I have yet to see verification of any of the banks I deal with being "on the list". I know most of the attackes seem to be euro-centric. But one report does say it spilled into north america as well, but didn't elaborate on what banks.

It seemed the attack was focused on stealing money specifically from high balance accounts at those banks, but I suspect stealing other valuable assets was done as well (such as passwords).

You're an asshole.

Fucking amateur - "My password was re-used on 3-4 sites only, and most of those are full financial institutions." "I now no-longer repeat ANY passwords ANYWHERE."

Losing other peoples money and lol about this at irc. Scumbag Angry
He'll just need to eat up the losses as his own, and repay the investors anyway.
legendary
Activity: 892
Merit: 1002
1 BTC =1 BTC
So I did a security audit on myself.

I have 108 passwords word with an average password length of 21 chrs.
I have 5 duplicate passwords, if you really want to hack my pandora play list go ahead!
I currently have 9 google auth or ubikey enabled accounts.
I have 2 weak passwords.

I've had accounts where I have to change my password every 7 days and couldn't reuse a password in the last 6 months.

I have a feeling since he reused a password with multiple banks it was stolen from a bank. I just saw like 2 weeks ago that 60-70 banks got breached.
maybe a password hash list was stolen from a bank.

I know my linkedin password was stolen because I checked via there hash database that was released.

i wonder if the same password on the linkedin account and mtgox.

Maybe i'm paranoid or I should start doing more computer security consulting lol.

and please don't take my comments about BTCSYN as negative, I think they are one of the best run assets and I tried to copy them whenever possible and I personally was a shareholder.

I know I said I wouldn't be back (and I was referring to this thread by the way, because it had turned into a witch-hunt), but this post was very well written. Thank you. (and the above audit is very similar to my situation prior to the overhaul which this incident prompted for me).

And to answer, no I didn't even have a linkedin account, (I believe there was one created for me ages ago by my employer, but I didn't even control the account, let alone set it's password).

As for the bank compromise, yes, it's a possibility. But I have yet to see verification of any of the banks I deal with being "on the list". I know most of the attackes seem to be euro-centric. But one report does say it spilled into north america as well, but didn't elaborate on what banks.

It seemed the attack was focused on stealing money specifically from high balance accounts at those banks, but I suspect stealing other valuable assets was done as well (such as passwords).

You're an asshole.

@#%^%$ amateur - "My password was re-used on 3-4 sites only, and most of those are full financial institutions." "I now no-longer repeat ANY passwords ANYWHERE."

Losing other peoples money and lol about this at irc. ****bag Angry


After 24 hours I regret calling you an asshole, scumbag an fucking amature. Sorry for that, I was upset and angry.

and I guess I just need to learn to stay away from investments that use the word SIN or SYN Tongue
sr. member
Activity: 407
Merit: 250
So I did a security audit on myself.

I have 108 passwords word with an average password length of 21 chrs.
I have 5 duplicate passwords, if you really want to hack my pandora play list go ahead!
I currently have 9 google auth or ubikey enabled accounts.
I have 2 weak passwords.

I've had accounts where I have to change my password every 7 days and couldn't reuse a password in the last 6 months.

I have a feeling since he reused a password with multiple banks it was stolen from a bank. I just saw like 2 weeks ago that 60-70 banks got breached.
maybe a password hash list was stolen from a bank.

I know my linkedin password was stolen because I checked via there hash database that was released.

i wonder if the same password on the linkedin account and mtgox.

Maybe i'm paranoid or I should start doing more computer security consulting lol.

and please don't take my comments about BTCSYN as negative, I think they are one of the best run assets and I tried to copy them whenever possible and I personally was a shareholder.

I know I said I wouldn't be back (and I was referring to this thread by the way, because it had turned into a witch-hunt), but this post was very well written. Thank you. (and the above audit is very similar to my situation prior to the overhaul which this incident prompted for me).

And to answer, no I didn't even have a linkedin account, (I believe there was one created for me ages ago by my employer, but I didn't even control the account, let alone set it's password).

As for the bank compromise, yes, it's a possibility. But I have yet to see verification of any of the banks I deal with being "on the list". I know most of the attackes seem to be euro-centric. But one report does say it spilled into north america as well, but didn't elaborate on what banks.

It seemed the attack was focused on stealing money specifically from high balance accounts at those banks, but I suspect stealing other valuable assets was done as well (such as passwords).
legendary
Activity: 1834
Merit: 1019
Everyone should take time to do the above Smiley
hero member
Activity: 826
Merit: 500
So I did a security audit on myself.

I have 108 passwords word with an average password length of 21 chrs.
I have 5 duplicate passwords, if you really want to hack my pandora play list go ahead!
I currently have 9 google auth or ubikey enabled accounts.
I have 2 weak passwords.

I've had accounts where I have to change my password every 7 days and couldn't reuse a password in the last 6 months.

I have a feeling since he reused a password with multiple banks it was stolen from a bank. I just saw like 2 weeks ago that 60-70 banks got breached.
maybe a password hash list was stolen from a bank.

I know my linkedin password was stolen because I checked via there hash database that was released.

i wonder if the same password on the linkedin account and mtgox.

Maybe i'm paranoid or I should start doing more computer security consulting lol.

and please don't take my comments about BTCSYN as negative, I think they are one of the best run assets and I tried to copy them whenever possible and I personally was a shareholder.
rjk
sr. member
Activity: 448
Merit: 250
1ngldh
So has anyone poked around on 130.83.54.115 yet? I haven't done much looking other than to see whether it is a Tor node (it isn't).
hero member
Activity: 686
Merit: 500
Wat
"I won't be back."

Didn't see that.  Wow.  Pretty obvious what happened here now.

Yep
legendary
Activity: 826
Merit: 1001
rippleFanatic
I thougt there was a 400 btc per 24 hr withdrawal limit (by default)...

There is but you can have it raised if verified.  I think it is 4,000 BTC for lvl2 and 40,000 BTC for lvl3.

Seems unlikely to go through the effort of getting verifid without also getting a yubikey. Glasswalker never mentions being verified either. Although his suspicions that it was an insider are interesting..

I think that too many of these mtgox thefts are due to rather simple keyloggers/botnets. Mtgox logins are by now standard targets for any botnet operator. But users always insist they are safe because they run an Anti-Virus program. Even the mining-botnet operator in the reddit AMA explained that he uses a fully-undetectable trojan that AV programs dont detect.
donator
Activity: 1218
Merit: 1079
Gerald Davis
I thougt there was a 400 btc per 24 hr withdrawal limit (by default)...

There is but you can have it raised if verified.  I think it is 4,000 BTC for lvl2 and 40,000 BTC for lvl3.
hero member
Activity: 770
Merit: 502
*sigh* Well, if it had been stolen, he/she just bought 12k worth of knowledge that I could have gave for free.
legendary
Activity: 826
Merit: 1001
rippleFanatic
I thougt there was a 400 btc per 24 hr withdrawal limit (by default)...
hero member
Activity: 504
Merit: 502
Oh my now it makes alot more sense why Glaswalker could throw in , "LOL's" during his claim for theft on #mtgox channel.

I couldnt understand at the time why he would at all use LOL inbetween his supposed anger towards losing his 5 figure sum, now I see its money that didnt belong to him, convenient indeed.

At the time it didnt seem like he thought of it as alot of money so surely he can cover it since its his fault and not that of his investors. Passing the duffel bag is more than a crime, its a pure shakaru move.
sr. member
Activity: 322
Merit: 250
"I won't be back."

Didn't see that.  Wow.  Pretty obvious what happened here now.
hero member
Activity: 686
Merit: 500
Wat
I do hope you took a pic of that police report or have some way to prove you actually went to the cops...if it was me I would have taken a pic of it on my phone Smiley
sr. member
Activity: 322
Merit: 250
they were a very far cry from being grossly negligent.


Yes they are negligent.

Also, if you've done nothing wrong then allow trading to resume and let people "cash out".

hero member
Activity: 574
Merit: 500
To speak up here and to bring a bit more info into this thread:

- While I know re-using passwords and not using 2 factor is not best-practice. It's hardly industry standard behavior. I've worked in computer security for 15 years, and many seasoned professionals do take the route of "good enough" for a balance of convenience. I've now learned from that mistake and all accounts that support it are 2 factor and randomly generated extremely strong (32char+ random upper/lower/numeric/special) passwords, with zero repeats. While many might like to claim this was shocking and horrible, keep in mind that account is usually used to shift money through quickly, and it was a strong password, only re-used at a few other high security large banks (fiat banks). Also 2 factor is far from standard, I've answered that comment in our own forums. I'm not disputing those things would have (likely) helped in this case, but I'm saying they were a very far cry from being grossly negligent.

- I've already got a formal case opened with local police. Which filing a false police report is a crime here. So if I had done it myself do you think I would have initiated a full investigation into the incident which could result in finding me responsible, and not only result in fraud charges, but charges for false police report? (extending the likely jail time I would serve). No... I'm doing my best to resolve this.

- I've also reported it to mtgox, and glbse right away, I've had MagicalTux and Nefario involved from early on, and I have both of their support in continuing the investigation (and they will be cooperating fully with law enforcement).

- I have documentation of everything that can be documented at this point.

- I'm doing everything I can to work through this. If there is anything else I can do to prove to anyone that I am not the criminal here, Let me know what it is, but unfortunately due to the nature of bitcoin, it's going to be difficult.

Why is it this community automatically assumes that if someone was robbed, they did it to themselves as a scam? I've got a lot of time, energy and my own money involved in trying to make the syndicate a success, and this is hitting me as hard as everyone else for that reason alone. Add to the fact that I'm the one who has to deal with it, investigate, document, and work with police. I'm also the one who has to come up with a plan of action to resolve it, and then add to that everyone else slinging accusations at me. If you think you're pissed about the circumstances, how do you think I feel?

Anyway, I'm going to refrain from getting further involved in this thread, I'm glad someone made a seperate announcement to bring attention to it, but it's quickly devolving into a lynch mob, so I won't be back... I'll try my best to answer questions in the main forum thread at btcsyn, and on the main thread for btcsyn here.

Thanks.

Few points:

I don't work in the security field, but most of these so called security experts are morons. And you are right - they are lazy, if it isn't inconvenient for them they wouldn't do a thing. My fiat bank has two factor authentication for the last 8 years.

Stealing money is a crime too, filing the report doesn't clear you of anything - specifically negligence.

sr. member
Activity: 407
Merit: 250
To speak up here and to bring a bit more info into this thread:

- While I know re-using passwords and not using 2 factor is not best-practice. It's hardly industry standard behavior. I've worked in computer security for 15 years, and many seasoned professionals do take the route of "good enough" for a balance of convenience. I've now learned from that mistake and all accounts that support it are 2 factor and randomly generated extremely strong (32char+ random upper/lower/numeric/special) passwords, with zero repeats. While many might like to claim this was shocking and horrible, keep in mind that account is usually used to shift money through quickly, and it was a strong password, only re-used at a few other high security large banks (fiat banks). Also 2 factor is far from standard, I've answered that comment in our own forums. I'm not disputing those things would have (likely) helped in this case, but I'm saying they were a very far cry from being grossly negligent.

- I've already got a formal case opened with local police. Which filing a false police report is a crime here. So if I had done it myself do you think I would have initiated a full investigation into the incident which could result in finding me responsible, and not only result in fraud charges, but charges for false police report? (extending the likely jail time I would serve). No... I'm doing my best to resolve this.

- I've also reported it to mtgox, and glbse right away, I've had MagicalTux and Nefario involved from early on, and I have both of their support in continuing the investigation (and they will be cooperating fully with law enforcement).

- I have documentation of everything that can be documented at this point.

- I'm doing everything I can to work through this. If there is anything else I can do to prove to anyone that I am not the criminal here, Let me know what it is, but unfortunately due to the nature of bitcoin, it's going to be difficult.

Why is it this community automatically assumes that if someone was robbed, they did it to themselves as a scam? I've got a lot of time, energy and my own money involved in trying to make the syndicate a success, and this is hitting me as hard as everyone else for that reason alone. Add to the fact that I'm the one who has to deal with it, investigate, document, and work with police. I'm also the one who has to come up with a plan of action to resolve it, and then add to that everyone else slinging accusations at me. If you think you're pissed about the circumstances, how do you think I feel?

Anyway, I'm going to refrain from getting further involved in this thread, I'm glad someone made a seperate announcement to bring attention to it, but it's quickly devolving into a lynch mob, so I won't be back... I'll try my best to answer questions in the main forum thread at btcsyn, and on the main thread for btcsyn here.

Thanks.
donator
Activity: 308
Merit: 250
How convenient! This has been pulled far too many times in this community.

Feel the same.  If you don't protect/change your passwords and don't have a 2 step auth in place.  I'm not investing with you.  You aren't responsible enough to have my bitcoin.  Period.

The only surprising thing for me is that their bond price hasn't tanked.
I don't think you understand what he's implying.

It is indistinguishable whether the owner has transferred the funds out or they have actually been stolen by someone else. Standard procedure would be to just ignore the news and demand the funds back regardless -- and that's where it gets uncomfortable.
Spot on! Thank you for clarifying.
hero member
Activity: 686
Merit: 500
Wat
This is complete bullshit.

hero member
Activity: 574
Merit: 500
July 07, 2012, 06:09:21 PM
#9
It's too convenient.
hero member
Activity: 991
Merit: 500
July 07, 2012, 05:39:49 PM
#8
I also got ~60$ in BTC stolen from me on Mt.Gox. I regrettably used a common password between my websites, do any of you think that bitcointalk is being SQLi'd?
legendary
Activity: 1036
Merit: 1002
July 07, 2012, 04:58:11 PM
#7
How convenient! This has been pulled far too many times in this community.

Feel the same.  If you don't protect/change your passwords and don't have a 2 step auth in place.  I'm not investing with you.  You aren't responsible enough to have my bitcoin.  Period.

The only surprising thing for me is that their bond price hasn't tanked.

I don't think you understand what he's implying.

It is indistinguishable whether the owner has transferred the funds out or they have actually been stolen by someone else. Standard procedure would be to just ignore the news and demand the funds back regardless -- and that's where it gets uncomfortable.
hero member
Activity: 826
Merit: 500
July 07, 2012, 04:16:39 PM
#6

The only surprising thing for me is that their bond price hasn't tanked.

I think trading has stopped on GLBSE for it, because people were getting errors trying to sell/buy before they made the posting about the loss.
sr. member
Activity: 322
Merit: 250
July 07, 2012, 04:13:54 PM
#5
How convenient! This has been pulled far too many times in this community.

Feel the same.  If you don't protect/change your passwords and don't have a 2 step auth in place.  I'm not investing with you.  You aren't responsible enough to have my bitcoin.  Period.

The only surprising thing for me is that their bond price hasn't tanked.
full member
Activity: 139
Merit: 100
July 07, 2012, 03:38:42 PM
#4
password It was re-used on 3-4 sites only, and most of those are full financial institutions.

thing that got me was reusing passwords and no google auth or yubikey

+1

The coins are sitting at 13HLqK2p7xwcxRQomKUyzXzsS2PCm1eAde  if anyone wants to watch for them.
donator
Activity: 308
Merit: 250
July 07, 2012, 03:35:10 PM
#3
How convenient! This has been pulled far too many times in this community.
hero member
Activity: 826
Merit: 500
July 07, 2012, 03:30:40 PM
#2
I just saw it.

password It was re-used on 3-4 sites only, and most of those are full financial institutions.

thing that got me was reusing passwords and no google auth or yubikey
full member
Activity: 139
Merit: 100
July 07, 2012, 03:23:46 PM
#1
If there are any BTCSYN investors that haven't seen the announcement of the theft on their forums, please see: http://forum.btcsyn.com/viewtopic.php?f=6&t=84

In summary, $12189 USD was sitting on the founder's MtGox account waiting for a mining hardware purchase and was transferred to BTC and withdrawn in the night. At the moment the symbol is frozen on GLBSE.
Jump to: