Pages:
Author

Topic: Hackers steal data from MtGox server and release it with Mark's reddit account. - page 7. (Read 15403 times)

hero member
Activity: 531
Merit: 505
I found some 100k BTC *deposits* into MtGox in 2012-05 .. nice.
legendary
Activity: 1320
Merit: 1007
Is there any proof in these documents if these coins were stolen by Gox, or stolen by hackers?
sr. member
Activity: 347
Merit: 250
Top 10 (apparent) account balances in the leaked database dump:

711a4e9d-e183-...    44547.7 BTC
34fcda44-5832-...    43768.2 BTC
c0b24126-f199-...    19985.0 BTC
92d047e9-9f2b-...    11500.6 BTC
ff84fc35-b22a-...    11007.8 BTC
0afba433-817e-...     9819.2 BTC
19b38844-b58b-...     8752.6 BTC
945e5a15-4100-...     8000.0 BTC
4339257e-4b12-...     6051.3 BTC
0766852e-9187-...     5199.9 BTC

Ouch, I don't feel too bad now about losing single-digit quantities of BTC.  I'd assume that at least some of these accounts are Mark however (depending whether or not one believes he took the BTC himself).
hero member
Activity: 770
Merit: 500
Since the data seems to have been stolen around the time MtGox shutdown or later the question would be ... why would you keep this information on a webserver if you aren't actively using it anymore?  

My guess is the db was stolen from a business associate/employee.

left from the leaker:
Code:
donator
Activity: 1218
Merit: 1079
Gerald Davis
Since the data seems to have been stolen around the time MtGox shutdown or later the question would be ... why would you keep this information on a webserver if you aren't actively using it anymore?  
legendary
Activity: 1372
Merit: 1014
Yikes. Sure I would not want to be in M.K.'s shoes these days.  Tongue
full member
Activity: 176
Merit: 100
While these guys who released the files likely are doing it for the good of the community, there is that possibility that sensitive files are out there and you might want to assume that is the case and do all you can to protect yourself.
sr. member
Activity: 347
Merit: 250
No sensitive user data, I believe.

While true, I'm sufficiently convinced (by checking my own account and BTC balance) that it's a legit database dump, so I'm also convinced Gox was pretty thoroughly owned and it is likely that all data Gox had was compromised.  That means everyone's sensitive user data is probably out there *somewhere*, just not necessarily included in this particular set of leaked files.
sr. member
Activity: 347
Merit: 250
*To check your balance, you need your Mtgox USER ID, from your first email of registration at MtGox.

For anyone curious, here's how to find your balance.  For example, my original account creation Email from Gox looks about like this (with some numbers redacted):


Quote
Welcome to Mt.Gox!

Thank you for creating your account with us.

Your login: ZZZZZZZ

In order to enable your account, you need to enter your validation code on the Mt.Gox website.

Your confirmation code: ZZZZZZZZZZZZZZZZ

Alternatively you can click on or copy it into your browser via this url:
https://mtgox.com/signup/validate?ID=00000000-0000-0000-0000-000000000000&Code=ZZZZZZZZZZZZZZZZ


Best regards,
The Mt.Gox Team
[email protected]
https://mtgox.com/

Note the bolded portion above.  I've replaced mine with 0's in the above, but yours will have a UUID-looking string of hexadecimal groups of numbers separated by hyphens.  Cross-reference this with the "mtgox_balances" file from the leak.  Your user ID will match the "User__" column.

I can confirm my BTC balance shown there matches what it was when Gox shut down, so this is recent data and appears to be a legit database dump.
legendary
Activity: 1862
Merit: 1011
Reverse engineer from time to time
So user data is in the zip? Ugh
No sensitive user data, I believe.
legendary
Activity: 1386
Merit: 1053
Please do not PM me loan requests!
 I'll proceed to make cool visualizations with this zip.
full member
Activity: 168
Merit: 100
Brad Willman, SSCP, LTCP, MCTS,SCE,BCE
So user data is in the zip? Ugh
legendary
Activity: 1372
Merit: 1014
It seems gox were 450 000 btc short, but still had around 501 000 btc in storage. So this is getting interesting.

so hackers manage to do this piece of bookkeeping in their free time

the guys who own Gox had 365 days a year to do it, and never noticed that coins were missing?

absolutely fucking ridiculous and it stinks to the moon.
legendary
Activity: 2394
Merit: 1216
The revolution will be digital
Insane !!! How they got access to even Mark's personal blog ?
member
Activity: 76
Merit: 10
Enemy of the State
The posts keep disappearing off /r/bitcoin. this is some serious bullshit
newbie
Activity: 14
Merit: 0
UPDATE: Guys on irc confirmed that the dump is legit!!!

*To check your balance, you need your Mtgox USER ID, from your first email of registration at MtGox.

sr. member
Activity: 280
Merit: 250
Mod note: be careful with the executable, run it only on an isolated virtual machine

You can still get them from here:

http://blog.magicaltux.net/wp-content/uploads/2014/03/MtGox2014Leak.zip [1] (716MB)

http://89.248.171.30/MtGox2014Leak.zip [2]

http://pastebin.com/f7DPskc7 [3]

http://burnbit.com/download/280433/MtGox2014Leak_zip

https://mega.co.nz/#!0VliDQBA!4Ontdi2MsLD4J5dV1-sr7pAgEYTSMi8rNeEMBikEhAs

The magnetlink is:

magnet:?xt=urn:btih:b6545ecc7db8d44c8cbc4e93989edf8221af75f5&dn=MtGox2014Leak.zip&tr=udp%3A%2F%2Ftracker.openbittorrent.com%3A80&tr=udp%3A%2F%2Ftracker.openbittorrent.com%3A80&tr=udp%3A%2F%2Ftracker.ccc.de%3A80&tr=udp%3A%2F%2Ftracker.istole.it%3A80&tr=udp%3A%2F%2Ftracker.publicbt.com%3A80&ws=http%3A%2F%2Fblog.magicaltux.net%2Fwp-content%2Fuploads%2F2014%2F03%2FMtGox2014Leak.zip

hero member
Activity: 770
Merit: 500
It seems gox were 450 000 btc short, but still had around 501 000 btc in storage. So this is getting interesting.
legendary
Activity: 1974
Merit: 1030
they just removed his post.
Well that was fast.

Mod note: be careful with the executable, run it only on an isolated virtual machine

Copy: http://pastebin.com/f7DPskc7
Pages:
Jump to: