And your point is?
What difference does it make whether the account belongs to MtGox or Elmer Fudd..
Topic: Hacked Account Owner: is a Buddhist Monk - page 3. (Read 5877 times)
I seriously believe that the only account being compromised is Mt.Gox's.
See the psychological side here:
ANYONE LOSING 500,000 BTC (more or less worth $8,500,000 USD) WOULD BE GOING APESHIT INSANE.
Anyone would be twitting about it, shouting about it, ranting about it, talking to the press, talking shit about Mt.Gox, and cursing God, the Devil, the Archangels and his own mother.
This is the critical factor I consider since I am a psychology major I am way more attentive on behavioral cues.
It is totally abnormal this silence from the account owner.
Either this user doesn't exist or he is a Buddhist monk with the lowest neuroticism level in the history of mankind.
According to Mt.Gox 500,000 BTC were stolen from ONE account, and that not only that such accumulation of wealth in a eWallet account is highly implausible, but observing the calmness of that supposed owner I am inclined to believe that that owner is non-existent.
The only one going bananas is Mt.Gox. Obviously you can claim Mt. Gox is simply protecting the credibility of his exchange site, but what is really interesting is that he insists on reverting back when actually there are other options.
Why would an exchange protect the interests of only ONE user? When accounts got hacked in the past, MtGox took the bullet and reimbursed partially to the hacked user, but never reverted back a whole history of transactions.
Also why is MtGox so adamant in defending this single affected user?
If that doesn't make sense then, we have three options left:
1) The REAL Account Owner: The hacked account "single user" account are Mt.Gox's or it belongs to someone closely related to Mt.Gox.
2) The PWNAGE Cover Up:The "single user account" is a cover story to hide the fact that actually the site got compromised much deeper than they are willing to admit. (loss of credibility would be the death of Mt.Gox)
If the auditor/attacker got access to the passwd file, he could have cracked hundred of accounts in hours.
I am currently testing that idea out, I've been trying to crack the hashes for 3 hours and I neared 600 accounts cracked, all of them from salted hashes and weak passwords. A simple script could have siphoned all the bitcoins out when the attack wasn't yet detected (maybe salami sliced, that's why nobody really noticed any thievery).
The worst case scenario is that the attacker has been in control of the site from a long time and he actually didn't need to crack any password, he simply got them all in plaintext.
3) The STOOPID Cover Up: We can never leave out the most stupid causes, since stupid mistakes happens everytime, maybe it was a typing mistake, a new employee, a girlfriend playing with the admin panel, etc...
These three possibilities makes Mt.Gox's claims understandable, it would be humilliating and his credibility would be completely stained forever. He wouldn't be able to admit such stupid mistakes.
But one thing is definitive: The argument about a single user being hacked makes NO SENSE AT ALL.
See the psychological side here:
ANYONE LOSING 500,000 BTC (more or less worth $8,500,000 USD) WOULD BE GOING APESHIT INSANE.
Anyone would be twitting about it, shouting about it, ranting about it, talking to the press, talking shit about Mt.Gox, and cursing God, the Devil, the Archangels and his own mother.
This is the critical factor I consider since I am a psychology major I am way more attentive on behavioral cues.
It is totally abnormal this silence from the account owner.
Either this user doesn't exist or he is a Buddhist monk with the lowest neuroticism level in the history of mankind.
According to Mt.Gox 500,000 BTC were stolen from ONE account, and that not only that such accumulation of wealth in a eWallet account is highly implausible, but observing the calmness of that supposed owner I am inclined to believe that that owner is non-existent.
The only one going bananas is Mt.Gox. Obviously you can claim Mt. Gox is simply protecting the credibility of his exchange site, but what is really interesting is that he insists on reverting back when actually there are other options.
Why would an exchange protect the interests of only ONE user? When accounts got hacked in the past, MtGox took the bullet and reimbursed partially to the hacked user, but never reverted back a whole history of transactions.
Also why is MtGox so adamant in defending this single affected user?
If that doesn't make sense then, we have three options left:
1) The REAL Account Owner: The hacked account "single user" account are Mt.Gox's or it belongs to someone closely related to Mt.Gox.
2) The PWNAGE Cover Up:The "single user account" is a cover story to hide the fact that actually the site got compromised much deeper than they are willing to admit. (loss of credibility would be the death of Mt.Gox)
If the auditor/attacker got access to the passwd file, he could have cracked hundred of accounts in hours.
I am currently testing that idea out, I've been trying to crack the hashes for 3 hours and I neared 600 accounts cracked, all of them from salted hashes and weak passwords. A simple script could have siphoned all the bitcoins out when the attack wasn't yet detected (maybe salami sliced, that's why nobody really noticed any thievery).
The worst case scenario is that the attacker has been in control of the site from a long time and he actually didn't need to crack any password, he simply got them all in plaintext.
3) The STOOPID Cover Up: We can never leave out the most stupid causes, since stupid mistakes happens everytime, maybe it was a typing mistake, a new employee, a girlfriend playing with the admin panel, etc...
These three possibilities makes Mt.Gox's claims understandable, it would be humilliating and his credibility would be completely stained forever. He wouldn't be able to admit such stupid mistakes.
But one thing is definitive: The argument about a single user being hacked makes NO SENSE AT ALL.
Jump to: