Topic: Hackers steal data from MtGox server and release it with Mark's reddit account. - page 7. (Read 15312 times)
March 09, 2014, 02:36:26 PM
I found some 100k BTC *deposits* into MtGox in 2012-05 .. nice.
March 09, 2014, 02:36:03 PM
Is there any proof in these documents if these coins were stolen by Gox, or stolen by hackers?
March 09, 2014, 02:31:34 PM
Top 10 (apparent) account balances in the leaked database dump:
711a4e9d-e183-... 44547.7 BTC
34fcda44-5832-... 43768.2 BTC
c0b24126-f199-... 19985.0 BTC
92d047e9-9f2b-... 11500.6 BTC
ff84fc35-b22a-... 11007.8 BTC
0afba433-817e-... 9819.2 BTC
19b38844-b58b-... 8752.6 BTC
945e5a15-4100-... 8000.0 BTC
4339257e-4b12-... 6051.3 BTC
0766852e-9187-... 5199.9 BTC
Ouch, I don't feel too bad now about losing single-digit quantities of BTC. I'd assume that at least some of these accounts are Mark however (depending whether or not one believes he took the BTC himself).
711a4e9d-e183-... 44547.7 BTC
34fcda44-5832-... 43768.2 BTC
c0b24126-f199-... 19985.0 BTC
92d047e9-9f2b-... 11500.6 BTC
ff84fc35-b22a-... 11007.8 BTC
0afba433-817e-... 9819.2 BTC
19b38844-b58b-... 8752.6 BTC
945e5a15-4100-... 8000.0 BTC
4339257e-4b12-... 6051.3 BTC
0766852e-9187-... 5199.9 BTC
Ouch, I don't feel too bad now about losing single-digit quantities of BTC. I'd assume that at least some of these accounts are Mark however (depending whether or not one believes he took the BTC himself).
March 09, 2014, 02:31:27 PM
Since the data seems to have been stolen around the time MtGox shutdown or later the question would be ... why would you keep this information on a webserver if you aren't actively using it anymore?
My guess is the db was stolen from a business associate/employee.
left from the leaker:
Code:
March 09, 2014, 02:27:19 PM
Since the data seems to have been stolen around the time MtGox shutdown or later the question would be ... why would you keep this information on a webserver if you aren't actively using it anymore?
March 09, 2014, 02:26:54 PM
Yikes. Sure I would not want to be in M.K.'s shoes these days. 
March 09, 2014, 02:25:29 PM
While these guys who released the files likely are doing it for the good of the community, there is that possibility that sensitive files are out there and you might want to assume that is the case and do all you can to protect yourself.
March 09, 2014, 02:17:58 PM
No sensitive user data, I believe.
While true, I'm sufficiently convinced (by checking my own account and BTC balance) that it's a legit database dump, so I'm also convinced Gox was pretty thoroughly owned and it is likely that all data Gox had was compromised. That means everyone's sensitive user data is probably out there *somewhere*, just not necessarily included in this particular set of leaked files.
March 09, 2014, 02:14:24 PM
*To check your balance, you need your Mtgox USER ID, from your first email of registration at MtGox.
For anyone curious, here's how to find your balance. For example, my original account creation Email from Gox looks about like this (with some numbers redacted):
Quote
Welcome to Mt.Gox!
Thank you for creating your account with us.
Your login: ZZZZZZZ
In order to enable your account, you need to enter your validation code on the Mt.Gox website.
Your confirmation code: ZZZZZZZZZZZZZZZZ
Alternatively you can click on or copy it into your browser via this url:
https://mtgox.com/signup/validate?ID=00000000-0000-0000-0000-000000000000&Code=ZZZZZZZZZZZZZZZZ
Best regards,
The Mt.Gox Team
[email protected]
https://mtgox.com/
Thank you for creating your account with us.
Your login: ZZZZZZZ
In order to enable your account, you need to enter your validation code on the Mt.Gox website.
Your confirmation code: ZZZZZZZZZZZZZZZZ
Alternatively you can click on or copy it into your browser via this url:
https://mtgox.com/signup/validate?ID=00000000-0000-0000-0000-000000000000&Code=ZZZZZZZZZZZZZZZZ
Best regards,
The Mt.Gox Team
[email protected]
https://mtgox.com/
Note the bolded portion above. I've replaced mine with 0's in the above, but yours will have a UUID-looking string of hexadecimal groups of numbers separated by hyphens. Cross-reference this with the "mtgox_balances" file from the leak. Your user ID will match the "User__" column.
I can confirm my BTC balance shown there matches what it was when Gox shut down, so this is recent data and appears to be a legit database dump.
legendary
Activity: 1862
Merit: 1011
Reverse engineer from time to time
March 09, 2014, 02:13:34 PM
So user data is in the zip? Ugh
No sensitive user data, I believe. 
March 09, 2014, 02:12:32 PM
I'll proceed to make cool visualizations with this zip.
March 09, 2014, 02:08:47 PM
So user data is in the zip? Ugh
March 09, 2014, 02:05:12 PM
It seems gox were 450 000 btc short, but still had around 501 000 btc in storage. So this is getting interesting.
so hackers manage to do this piece of bookkeeping in their free time
the guys who own Gox had 365 days a year to do it, and never noticed that coins were missing?
absolutely fucking ridiculous and it stinks to the moon.
March 09, 2014, 02:00:14 PM
Insane !!! How they got access to even Mark's personal blog ?
March 09, 2014, 01:59:49 PM
The posts keep disappearing off /r/bitcoin. this is some serious bullshit
March 09, 2014, 01:36:42 PM
UPDATE: Guys on irc confirmed that the dump is legit!!!
*To check your balance, you need your Mtgox USER ID, from your first email of registration at MtGox.
*To check your balance, you need your Mtgox USER ID, from your first email of registration at MtGox.
March 09, 2014, 01:32:05 PM
Mod note: be careful with the executable, run it only on an isolated virtual machine
You can still get them from here:
http://blog.magicaltux.net/wp-content/uploads/2014/03/MtGox2014Leak.zip [1] (716MB)
http://89.248.171.30/MtGox2014Leak.zip [2]
http://pastebin.com/f7DPskc7 [3]
http://burnbit.com/download/280433/MtGox2014Leak_zip
https://mega.co.nz/#!0VliDQBA!4Ontdi2MsLD4J5dV1-sr7pAgEYTSMi8rNeEMBikEhAs
The magnetlink is:
magnet:?xt=urn:btih:b6545ecc7db8d44c8cbc4e93989edf8221af75f5&dn=MtGox2014Leak.zip&tr=udp%3A%2F%2Ftracker.openbittorrent.com%3A80&tr=udp%3A%2F%2Ftracker.openbittorrent.com%3A80&tr=udp%3A%2F%2Ftracker.ccc.de%3A80&tr=udp%3A%2F%2Ftracker.istole.it%3A80&tr=udp%3A%2F%2Ftracker.publicbt.com%3A80&ws=http%3A%2F%2Fblog.magicaltux.net%2Fwp-content%2Fuploads%2F2014%2F03%2FMtGox2014Leak.zip
You can still get them from here:
http://blog.magicaltux.net/wp-content/uploads/2014/03/MtGox2014Leak.zip [1] (716MB)
http://89.248.171.30/MtGox2014Leak.zip [2]
http://pastebin.com/f7DPskc7 [3]
http://burnbit.com/download/280433/MtGox2014Leak_zip
https://mega.co.nz/#!0VliDQBA!4Ontdi2MsLD4J5dV1-sr7pAgEYTSMi8rNeEMBikEhAs
The magnetlink is:
magnet:?xt=urn:btih:b6545ecc7db8d44c8cbc4e93989edf8221af75f5&dn=MtGox2014Leak.zip&tr=udp%3A%2F%2Ftracker.openbittorrent.com%3A80&tr=udp%3A%2F%2Ftracker.openbittorrent.com%3A80&tr=udp%3A%2F%2Ftracker.ccc.de%3A80&tr=udp%3A%2F%2Ftracker.istole.it%3A80&tr=udp%3A%2F%2Ftracker.publicbt.com%3A80&ws=http%3A%2F%2Fblog.magicaltux.net%2Fwp-content%2Fuploads%2F2014%2F03%2FMtGox2014Leak.zip
March 09, 2014, 01:30:33 PM
It seems gox were 450 000 btc short, but still had around 501 000 btc in storage. So this is getting interesting.
March 09, 2014, 01:27:43 PM
Mod note: be careful with the executable, run it only on an isolated virtual machine
Copy: http://pastebin.com/f7DPskc7
Jump to: