Topic: crypsty hacked over 1.5 yrs ago. 13000 BTCs and 300,000 ltc - page 3. (Read 6166 times)

The claimed way the attack was supposedly done makes no sense, even without using virtual machines no coin daemon running as one user would be able to access another running as another user unless someone deliberately forced passwords into the ps or top type readouts by putting them on commandlines, so even incompetents could hardly be expected to make the proposed attack method workable unless they really went out of their way to ensure such an attack would work, such as by running untrustable shitcoins as the same user as a real valuable coin, and on the same machine, or by deliberately passing passwords on the commandline so other users could see them on top and ps and such.

Basically you'd have to deliberately go out of your way to circumvent all the usual procedures everyone is always instructed to use even for just small personal wallets.

Such deliberate setting up of a situation intended to enable some pathetic excuse like "oh one daemon had a trojan in it" is surely at best criminal negligence and far more likely conspiracy to defraud and steal?

It is a pity really that there are so many regulations around this kind of app because all the perceived/expected additional expense imposed by red tape kind of makes the whole idea of running an exchange at all look way too expensive to the kinds of folks who might be competent to run one, whereas script-kiddies just wanting to set up a nice hackable environment so they can claim they were hacked can do so much cheaper / easier...

...Also come to think of it an IRC command-and-control on a cold-wallet machine would never be able to be commanded and controlled because cold means not on the net, right? Hmm...

-MarkM-

Guys, just let's be honest.
If Cryptsy was your exchange and you got hacked and lost a lot of coins.
If you were struggling to keep the exchange open and notice a lot of traders are leaving the exchange.
Would you start a Prepaid Debit Card Program?
Personally I can't believe this. Even if you know it's a sinking ship, keeping the exchange open isn't a criminal offense. It could be seen as damage control.
But actually selling a product of which you know you can't deliver... IMO that's a crime. Why would they risk this?
Hence, I personally doubt about their explaination (and ofcourse added the fact they say they didn't inform the authorities).
Let's see where it ends.  

It really feels as if there was really no hack and vern just pocketed the coins. If they really had happened then the steps that were taken after it really make no sense. Delaying withdrawals, closing the office and moving out months before they announced what happened.
Was Mintsy a try to make back the money they "lost" or a way to make more before they got out ?

Surely the limited liability shield is void in the face of so much totally criminal activity, lying etc?

This talk of a company going bankrupt seems off the mark, since a company is just a fiction that counts for nothing against criminal negligence malfeasance fraud theft and so on?

-MarkM-

Me I got NMC out but put it back because the loss was too big, 10-15% of value or more can't remember. Anyway, that was my decision and it was stupid.

I hope now, that if Vern or the employees didn't steal the coins, the hacker will put the BTC back into the accounts and take up on the promise that he will get 1000BTC and will walk away. Otherwise, in his feet I would take those 1000BTC, hire hackers to find her/him/them and hire some nice guys to pay him/her/them a last visit. But that's all wishful thinking since I lost 3.5BTC in that shithole.

This is a poor move by cryptsy. For over 1.5 years, they have kept it secretly. They would have suspended their operations immediately once they realize the missing coins from their wallets. They wouldn't have lost when they did it like that. Silence is the killing factor for cryptsy for now. If they did suspended their operations earlier, many people would have got the original value of the coins back. For the past months, people tried to convert btc to other altcoins for much loss to withdraw. This is isn't acceptable.

cryptsy hacked themselfs over 1.5 yrs ago,  ••• missing 10M $

Because they are funding paycoin super stakers 2.0 with Josh Garza.

So the paycoin scam with Mr. Garza wasn't enough to recover funds stolen LONG before your hack? You ran on fractional reserve and allowed people to entrust their money to you without informing them. Then joined Garza with his scam, then milked what you could for a few months and finally walk away with your coins and tell the community to eat shit and die...that sounds perfectly legal and a reasonable excuse for stealing from your customers.

The alts were drained by customers using them to tunnel out of Cryptsy.

Didn't you notice all the recent 'you can still buy and withdraw AltcoinX from Cryptsy' 'yah but I'll lose Y% BOO HOO' posts?

The well is now dry, hence BigFraud's sudden, yet late, admission they got spear phished by one of their beloved shitcoins.

Even if Cryptsy still had alts, they are the property of the bankruptcy trustee, and thus cannot be distributed to creditors until the process advances to its final phase.

when was that?

BTC-e is pretty big and has been around before shitsy.

Doesn't look too good for Cryptsy. I remember the good old days when Cryptsy was the biggest altcoin exchange now they are just a shadow of the past.

Hahahahaha!  Make a meme with his pic.

Yup.  And that PPC/NU thing too...

Because either:

1. They want to see if they can get away with keeping it.

2. They don't think they are at fault for the hack and so their users need to bear the burden of their losses.

3. 

Was reported earlier here: https://bitcointalksearch.org/topic/beware-of-increasingly-sophisticated-malware-infection-attempts-935898

Cryptsy has failed to explain why they aren't returning the millions of alts still stored in its cold-storage coffers.

Why not return those coins to the rightful owners?

Also there is an issue reporting the backdoor in Lucky7 in March.

https://github.com/alerj78/lucky7coin/issues/1

And no mention of it anywhere else I can see.
That's simply getting ridiculous.

Anybody can tell if there are currently running nodes ?

Winner

This is a load of bullshit ^

"were unsure who exactly we should be contacting"

"did not want to cause panic "

The problem with their shitty excuses is that as an exchange they had a RESPONSIBILITY to inform their customers/users the moment money got stolen.

But of course I don't believe they actually lost any money. I believe this is a whole charade to misdirect blame to the PHANTOM HACKER.

The new phrase to be coined is "You got VERNED!"