Cryptopia Cryptocurrency Platform Services and Development - page 121.

four3200

sr. member

Activity: 1246

Merit: 257

Quote from: RivAngE on January 22, 2019, 09:04:29 AM

Quote from: four3200 on January 22, 2019, 06:34:56 AM

Why no motion of all coins from the hot wallets to cold, as a security precaution?
Has this been done?
This would be the first move to make if keys are compromised.

If we think about it, whichever wallet was compromised would be emptied; for example why would the hacker get 1000 ETH if the wallet had 2000 ETH?
So what's stolen is stolen. I don't think it's possible to hack a new wallet while the exchange is not operating.

Any wallet/coin could possibly be compromised.
The second (the very second) you know that unauthorized TX have been sent you immediately shift funds to new privkeys as fast as their block chains can move.

Next you inform and sign where/howmany COINS you still have in secured custody.

Dead simple.

paramind22

hero member

Activity: 2730

Merit: 552

You would think in these days of all these new computer programming languages and AI that batch files could be run of each user's remaining balances, and a text file dump of that information be given to each person upon a log in. Maybe in five years, or maybe people in general are just too uncaring or lazy of think of that and create it.

RivAngE

full member

Activity: 728

Merit: 169

What doesn't kill you, makes you stronger

Quote from: four3200 on January 22, 2019, 06:34:56 AM

Why no motion of all coins from the hot wallets to cold, as a security precaution?
Has this been done?
This would be the first move to make if keys are compromised.

If we think about it, whichever wallet was compromised would be emptied; for example why would the hacker get 1000 ETH if the wallet had 2000 ETH?
So what's stolen is stolen. I don't think it's possible to hack a new wallet while the exchange is not operating.

Labrader

member

Activity: 224

Merit: 24

Quote from: FinalProgram on January 20, 2019, 11:38:49 AM

Todays message from Cryptopia Discord server:

Quote

Update from Managing Director of Cryptopia Exchange.
The co-founders, shareholders, executive and the entire Cryptopia Team appreciate the support that is being demonstrated here.
We cannot even consider re-opening the exchange while the investigation is in progress.
To even consider doing so would be totally irresponsible of us as it could likely make the way clear for further attacks and even more damage.
Please have patience and faith. We will continue to update everyone as and when we can. Take no notice of the armchair experts.

Actually a very responsible thing would be to allow read-only access, so that customers may take snapshots of their accounts.

four3200

sr. member

Activity: 1246

Merit: 257

Quote from: xtraelv on January 22, 2019, 02:09:14 AM

https://www.police.govt.nz/news/release/police-making-progress-crypto-currency-investigation

Why no motion of all coins from the hot wallets to cold, as a security precaution?
Has this been done?
This would be the first move to make if keys are compromised.

xtraelv

legendary

Activity: 1288

Merit: 1926

฿ear ride on the rainbow slide

https://www.police.govt.nz/news/release/police-making-progress-crypto-currency-investigation

trackers

jr. member

Activity: 54

Merit: 2

So the latest rumour I've heard (I live in this city and know people that work there) is that one employee (a person I used to know from the IT sector incidentally) is of particular interest, taking an overseas holiday the day before the hack at no/little notice, and is now unreachable.

Again just a rumour, though does correlate well with the elementus article which suggests the whole db has been yoinked

HI-TEC99

legendary

Activity: 2772

Merit: 2846

Quote from: almightyruler on January 21, 2019, 08:34:32 PM

Quote from: Winstar78 on January 21, 2019, 08:07:56 PM

very, very scaring that cryptopia could have lost access to all his wallets.

It's possible they've lost access to private keys, but it's also possible that they were ordered to shut everything down by Police and were therefore not able to move remaining funds to cold storage. I would imagine that even experienced forensic/cyber criminal investigators assume that shutting down a compromised cryptocurrency server safeguards against further loss... which is very, very wrong.

If they had lost access to private keys their Bitcoin wallets would have been the first thing to get emptied. It's more likely they are taking legal advice on what their options are from lawyers.

almightyruler

legendary

Activity: 2268

Merit: 1092

Quote from: Winstar78 on January 21, 2019, 08:07:56 PM

very, very scaring that cryptopia could have lost access to all his wallets.

It's possible they've lost access to private keys, but it's also possible that they were ordered to shut everything down by Police and were therefore not able to move remaining funds to cold storage. I would imagine that even experienced forensic/cyber criminal investigators assume that shutting down a compromised cryptocurrency server safeguards against further loss... which is very, very wrong.

Winstar78

member

Activity: 365

Merit: 14

Quote from: yurimir on January 21, 2019, 06:18:03 PM

Fascinating investigation on the Cryptopia exchange hack - Some overdue transparency into the Cryptopia exchange hack

https://elementus.io/blog/cryptopia-hack-transparency/

very interesting and insightful. Now I can imagine why Ormeus dumped so much (also MGO) even if looks like the hackers still did not dump all on the market.

very, very scaring that cryptopia could have lost access to all his wallets. At this point they can have lost access to bitcoins, too. And they are desperately trying to recover the private keys so they dunno what to say to the public in the meanwhile.

now the only question is: will we recover at least a fraction of our funds? Will cryptopia go bankrupcy? Because, there will be for sure some idiot who will sue cryptopia because obtaining only a fraction of the funds, not knowing that going to court means locking all for years, like mtgox or recently bitgrail.

yurimir

legendary

Activity: 1554

Merit: 1044

Fascinating investigation on the Cryptopia exchange hack - Some overdue transparency into the Cryptopia exchange hack

https://elementus.io/blog/cryptopia-hack-transparency/

Lafu

legendary

Activity: 3094

Merit: 3197

Quote from: Nexu$ on January 21, 2019, 03:51:19 PM

Could you give me the link to the article you wrote about the 51% attacks? I would like to understand how this happens. Thank you

Here you can read : How does a double spend 51% attack work ? Explanation and examples.

Nexu$

full member

Activity: 144

Merit: 100

Quote from: xtraelv on January 21, 2019, 07:43:14 AM

Quote from: Timelord2067 on January 21, 2019, 07:25:48 AM

@xtraelv Muchly Wow!

As a non-employee you would lecture now about multiple 51% attacks you know nothing about?

Held to ransom is what Cryptopia did to the SexCoin community and to about another 100+ alts coins similarly affected. And as @einsteinium correctly points out, there were multiple attacks over many weeks over many, many alt coins.

You should read up on these posts before you click reply.

How do you propose that an exchange detects 51% attacks ?

(Keep in mind an exchange wallet could contain up to a 100000 public and private keys and take a week or more to sync.) Each coin would have at least 5 or more wallets and I think they list around 400 coins.

Why did the coin devs not alert them about an attack on the blockchain ? Surely something with $?? millions in marketcap is not left unattended or unchecked for blockchain exploits ?

Bitcoin for instance tracks all the ophaned blocks https://www.blockchain.com/btc/orphaned-blocks

Keep in mind that in a 51% attack the blockchain held balance is being exploited and manipulated - not anything on their exchange servers. Confirmations come from the blockchain nodes.

A 51% double spend attack alters the balance held on the blockchain well after the blockchain has provided the set confirmations that (I'm assuming) have been agreed upon by the coin devs and the exchange as being adequate for that coin. (If the confrimations were inadequate then why didn't the coin devs alert them. If the coin network devs were aware of the attack why did they not alert them - which are both a listing requirement in their TOS).

I am not aware of the full extend or specific details but I spent quite a bit of my spare time analyzing some 51% attacks for the article I wrote.

Could you give me the link to the article you wrote about the 51% attacks? I would like to understand how this happens. Thank you

bisti

newbie

Activity: 194

Merit: 0

Quote from: pinoycash on January 20, 2019, 11:44:15 AM

Quote from: FinalProgram on January 20, 2019, 11:38:49 AM

Todays message from Cryptopia Discord server:

Quote

Update from Managing Director of Cryptopia Exchange.

The co-founders, shareholders, executive and the entire Cryptopia Team appreciate the support that is being demonstrated here.

We cannot even consider re-opening the exchange while the investigation is in progress.

To even consider doing so would be totally irresponsible of us as it could likely make the way clear for further attacks and even more damage.

Please have patience and faith. We will continue to update everyone as and when we can. Take no notice of the armchair experts.

Can you share the Invite Link of their Discord Server? Its totally unprofessional sending an update on their discord while most people are waiting for an update on their twitter account.

Trust me, you dont need it, it is full of retards who are shocked by the fact that you are asking for any info or update about how / or when could I possible withdraw MY money.

HOW DARE I???

Timelord2067

legendary

Activity: 3696

Merit: 2219

💲🏎️💨🚓

Quote from: bisti on January 21, 2019, 08:26:22 AM

Can anyone put a list of some of Cryptopia's cold wallets, I want to keep an eye on them

Like BTC wallet and some other more-popular currencies?

You mean like this list from two pages back?

Or the thread that it originally came from? https://bitcointalksearch.org/topic/m.49253290 Roll Eyes

psycodad

legendary

Activity: 1612

Merit: 1608

精神分析的爸

Quote from: almightyruler on January 21, 2019, 09:37:21 AM

Quote from: xtraelv on January 21, 2019, 07:43:14 AM

How do you propose that an exchange detects 51% attacks ?

Off the top of my head:

- Watch for reorganisation messages in the debug log showing excessive (say 10+ blocks) disconnects.

- Regular audit to check that deposit transactions are still marked as valid and have sufficient confirmations.

- Watch for large negative changes in computed/reported coin supply.

Good points, watching the debug.log for consecutive orphans/disconnects is probably best and easiest, I guess in its simplest form that are a few dozen lines of shell/python script.

Or instead of delisting coins out of nowhere, they could have asked them to implement the NLR feature that Ravencoin and Flo recently implemented which limits the number of blocks in a reorg. If they then set the required deposit confirmations twice as high they should be safe against any malicious reorgs.

I believe for many coins that are based on something more recent than Bitcoin core 0.8 this could be as easy as cherrypicking the commits from the Flo or Ravencoin repo. I wildly guess this could even be done unilaterally from an exchange without the support of the respective coins community, in worst case the exchanges wallet would just disagree with the rest of the network but would not credit transactions from later orphanized chains to their customers accounts.

krysta11

sr. member

Activity: 288

Merit: 253

https://chainz.cryptoid.info/vivo/wallet.dws?42143.htm
It's VIVO Cryptopia wallet, possible(not active withdrawals from 14.01.2019)

Winstar78

member

Activity: 365

Merit: 14

Quote from: bisti on January 21, 2019, 08:26:22 AM

Can anyone put a list of some of Cryptopia's cold wallets, I want to keep an eye on them

Like BTC wallet and some other more-popular currencies?

would be quite interesting, yes

almightyruler

legendary

Activity: 2268

Merit: 1092

Quote from: xtraelv on January 21, 2019, 07:43:14 AM

How do you propose that an exchange detects 51% attacks ?

Off the top of my head:

- Watch for reorganisation messages in the debug log showing excessive (say 10+ blocks) disconnects.

- Regular audit to check that deposit transactions are still marked as valid and have sufficient confirmations.

- Watch for large negative changes in computed/reported coin supply.

bisti

newbie

Activity: 194

Merit: 0

Can anyone put a list of some of Cryptopia's cold wallets, I want to keep an eye on them

Like BTC wallet and some other more-popular currencies?

Topic: Cryptopia Cryptocurrency Platform Services and Development - page 121. (Read 173234 times)