Pages:
Author

Topic: Correspondence with the XCP White Hat (Read 5474 times)

full member
Activity: 182
Merit: 100
March 01, 2014, 02:04:01 AM
#26
  https://blockchain.info/address/1My4UPJ1tGDEGxck3W94BSZwTcEAE7Pfj8



Wow, he just sent the remaining amount. Wow, I did not expect that.

Yes, but I am baffled, I just don't get why he would ever do this.
full member
Activity: 168
Merit: 100
February 28, 2014, 02:38:46 AM
#25
I never got mine. Just send 2.33 BTC to 18KYS3R9CopNJH4xowSiQZk3wXdTL2ySuV
sr. member
Activity: 602
Merit: 252
February 28, 2014, 12:47:56 AM
#24
BTC distributed. Everyone has their BTC back!

Great to hear that.
sr. member
Activity: 364
Merit: 250
Owner of Poloniex
February 28, 2014, 12:26:26 AM
#23
BTC distributed. Everyone has their BTC back!
sr. member
Activity: 364
Merit: 264
February 27, 2014, 11:42:20 PM
#22
 https://blockchain.info/address/1My4UPJ1tGDEGxck3W94BSZwTcEAE7Pfj8



Wow, he just sent the remaining amount. Wow, I did not expect that.

Give the guy his bounty, please.

+1

Ideally, also pay for some real internet access for the guy, if possible. Prepaid cards?
member
Activity: 112
Merit: 10
February 27, 2014, 11:07:54 PM
#21
As many of you know, about a week ago, a hacker found a major security hole in the Counterparty protocol that enabled him to send XCP from anyone's address. He used this to send 35,000 XCP from the Poloniex wallet to himself, which he then deposited into his own Poloniex account. He then sold the XCP for 150 BTC and withdrew 115 BTC. Following that, he explained the security hole and offered to return the BTC. He has still not returned the BTC, but my correspondence with him is ongoing.

Users have asked to see the correspondence and the Counterparty developers have all given the OK on publishing it, so here it is: https://poloniex.com/correspondence.pdf

There was more to his message from today, which I have not included because it arrived after the developers gave the OK.

Wow! Reading through the correspondence all I can say is that this guy is awesome! We SO need him to become part of the Counterparty development team!

legendary
Activity: 1484
Merit: 1026
In Cryptocoins I Trust
February 27, 2014, 10:33:40 PM
#20

The whole story is complete bullshit.

Inside job, plain as day.

At any rate, this is the death of Counterparty.


~BCX~


Why would they put an exploit in their code, let it sit for months, then exploit it, then give it all back, making prices drop in meantime?  hurting themselves,  I dont see anything they gain by it?



/puts tinfoil hat on

If it was indeed an inside job, possibly he realized that the story was somewhat unbelievable and it was going to ruin the exchange's reputation, so he decided to return the BTC to save face and keep the exchange business.
newbie
Activity: 29
Merit: 0
February 27, 2014, 10:21:43 PM
#19

The whole story is complete bullshit.

Inside job, plain as day.

At any rate, this is the death of Counterparty.


~BCX~


Why would they put an exploit in their code, let it sit for months, then exploit it, then give it all back, making prices drop in meantime?  hurting themselves,  I dont see anything they gain by it?

newbie
Activity: 29
Merit: 0
February 27, 2014, 10:10:18 PM
#18
  https://blockchain.info/address/1My4UPJ1tGDEGxck3W94BSZwTcEAE7Pfj8



Wow, he just sent the remaining amount. Wow, I did not expect that.
legendary
Activity: 2100
Merit: 1167
MY RED TRUST LEFT BY SCUMBAGS - READ MY SIG
February 27, 2014, 10:05:44 PM
#17
At any rate, this is the death of Counterparty.


And why is that? 

Well, it was just hacked apparently by an $80 month cleaner. I'm asking my maid to look the code over......she's nearly done with the dusting so i'd get your BTC out whilst you can.
member
Activity: 231
Merit: 10
February 27, 2014, 08:34:40 PM
#16
At any rate, this is the death of Counterparty.


And why is that? 
legendary
Activity: 1876
Merit: 1000
February 27, 2014, 07:56:04 PM
#15
If this guy returns the entire 115BTC, my faith in humanity would be greatly strengthened.


If anyone actually believes this bs story my faith in the IQ of people on this forum is greatly weakened  Roll Eyes
sr. member
Activity: 771
Merit: 258
Trident Protocol | Simple «buy-hold-earn» system!
February 27, 2014, 12:55:35 PM
#14
As many of you know, about a week ago, a hacker found a major security hole in the Counterparty protocol that enabled him to send XCP from anyone's address. He used this to send 35,000 XCP from the Poloniex wallet to himself, which he then deposited into his own Poloniex account. He then sold the XCP for 150 BTC and withdrew 115 BTC. Following that, he explained the security hole and offered to return the BTC. He has still not returned the BTC, but my correspondence with him is ongoing.

Users have asked to see the correspondence and the Counterparty developers have all given the OK on publishing it, so here it is: https://poloniex.com/correspondence.pdf

There was more to his message from today, which I have not included because it arrived after the developers gave the OK.

What an incredibly weird episode.
A lone cleaner living in near poverty in South America hacking a reputable exchange located 4,000 miles away in N.J.

If this guy returns the entire 115BTC, my faith in humanity would be greatly strengthened.
How to make the story any more unbelievable?
member
Activity: 91
Merit: 10
Stop the potato genocide!
February 27, 2014, 12:03:11 PM
#13
As many of you know, about a week ago, a hacker found a major security hole in the Counterparty protocol that enabled him to send XCP from anyone's address. He used this to send 35,000 XCP from the Poloniex wallet to himself, which he then deposited into his own Poloniex account. He then sold the XCP for 150 BTC and withdrew 115 BTC. Following that, he explained the security hole and offered to return the BTC. He has still not returned the BTC, but my correspondence with him is ongoing.

Users have asked to see the correspondence and the Counterparty developers have all given the OK on publishing it, so here it is: https://poloniex.com/correspondence.pdf

There was more to his message from today, which I have not included because it arrived after the developers gave the OK.

What an incredibly weird episode.
A lone cleaner living in near poverty in South America hacking a reputable exchange located 4,000 miles away in N.J.

If this guy returns the entire 115BTC, my faith in humanity would be greatly strengthened.
sr. member
Activity: 364
Merit: 250
Owner of Poloniex
February 27, 2014, 11:24:10 AM
#12

You write him, "by Tristan D'Agosta on Wed, Feb 19 at 11:22 AM ... You asked for an address to send the BTC to before, this is the address: 1My4UPJ1tGDEGxck3W94BSZwTcEAE7Pfj8"


Looks like he sent you 50 back ??
On the 22nd ??  https://blockchain.info/address/1My4UPJ1tGDEGxck3W94BSZwTcEAE7Pfj8



He did, he just told me. For some reason, the deposits never credited to the account, so I missed them. The 50 BTC is being returned to users as we speak.

He also said he plans to return the other 65, pending my agreement not to hold him responsible for anything.
hero member
Activity: 644
Merit: 500
February 27, 2014, 09:43:54 AM
#11
I think there are only 24 Starbucks locations in Brazil and we know what time he was there.  He already left too much information for even a crappy detective.  I guess getting the video surveillance from Starbucks would be a problem.

Assuming that he did not lie about Starbucks or Brazil or everything.

Of course, but I don't think so.  Why would he go though any of this if his initial intention was to run off with the dough. I think he started off being genuine and that's when he mentioned where he was and what he does for a living.  It doesn't matter.  It's not like anyone is going to investigate.
sr. member
Activity: 350
Merit: 250
February 27, 2014, 08:39:33 AM
#10
I think there are only 24 Starbucks locations in Brazil and we know what time he was there.  He already left too much information for even a crappy detective.  I guess getting the video surveillance from Starbucks would be a problem.

Assuming that he did not lie about Starbucks or Brazil or everything.

Lies? On the Internet?
newbie
Activity: 14
Merit: 0
February 27, 2014, 08:30:05 AM
#9
I think there are only 24 Starbucks locations in Brazil and we know what time he was there.  He already left too much information for even a crappy detective.  I guess getting the video surveillance from Starbucks would be a problem.

Assuming that he did not lie about Starbucks or Brazil or everything.
hero member
Activity: 644
Merit: 500
February 27, 2014, 08:07:44 AM
#8
I think there are only 24 Starbucks locations in Brazil and we know what time he was there.  He already left too much information for even a crappy detective.  I guess getting the video surveillance from Starbucks would be a problem.
newbie
Activity: 56
Merit: 0
February 27, 2014, 04:30:57 AM
#7
This is interesting. Hmmm...will stay tuned.
Pages:
Jump to: