Topic: I just got hacked - any help is welcome! (25,000 BTC stolen) - page 2. (Read 381810 times)

Hum, no. In fact, the moment you send stolen coins to an exchange is the moment you can get caught and linked to a personal identity. In the method I described, stolen coins would be tracked by the Bitcoin client, including the clients used by exchanges/merchants to receive payments.

You're definitely right, the nature of bitcoin makes it easy to launder funds. I'd certainly like to demo your tracker program Good luck with it!

Closed-source browser? Interesting choice

Re: I just got hacked - any help is welcome! (25,000 BTC stolen)
$5 flash drive w/ multiple wallets in non-default locations
Windows 7, third party browser like Opera, and AV
Even more serious? Bitlocker or Truecrypt
Not loosing 25,000 BTC priceless
Makes a lot more sense than tracking everyone's BTC transactions.

I don't see much profit in it.  There's no way that such a company could recover the funds, even if they were labeled as stolen.  And all someone would have to do is some quick laundering if they noticed some of the coins they had were on the list.  Sending them to a couple of exchanges, then back to themselves would suffice.

That said, I would like to build a tracker program with some reasonable statistical analysis.  People would be able to outsmart it, but for the most part, you would be able to see what addresses/coins are associated with a particular address.  It would be a fascinating analysis for sure.

Honestly anything is better than what we have now - which is NOTHING. Nobody is going to take BTC seriously if the currency is seen as being super risky - in the sense that there is no recourse against theft.

What you described can be useful as long as the reputation and rating system is robust and secure.

To be honest I'm surprised nobody has created any such service. It would be fine for me if it was for profit. I for one would gladly pay a percentage of the funds recovered if I can have them back. There could be a LOT of money in it for any company/organization who sets this up.

Another thing that could be useful would be a website that does in a more professional, detailed and graphical manner the same thing my C program does - track bitcoins. Once again I and no doubt many people would pay for this service. So my point is that there is a lot of opportunity for bitcoin security entrepreneurs. But sadly I get the impression that those who are intimately familiar with computer security and far more busy figuring out ways to STEAL bitcoins instead of how to legitimately EARN them. I could be over-reacting here and may be wrong on this wide generalization, but anyways, thanks for sharing your ideas mrb!

It would be nice if there was a centralized database/website where people like allinvain could report fraudulent transactions with as much details as possible ("theft of 25k BTC", link to forum thread), and if the Bitcoin client could check this database and would instantly alert its user when receiving coins that are linked to these fraudulent transactions. The receiver of the coins could report, on the website, as much info as possible about the sender of the coins, who could, in turn, be contacted, and so on, to trace the transactions backward up to the original thief. Think about this as an open platform for voluntarily de-anonymizing Bitcoin transactions.

Of course, some problems need to be addressed. One of them being that malicious users would attempt to pollute the centralized database by reporting many "fraudulent transactions". A rating system could be implemented to allow the community to rate the plausibility of each theft. The Bitcoin client would only alert its user if a certain level of plausibility is met. By default only the most well-known thefts that have been largely publicized would be tracked by the client. (For example most people recognize that the theft of allinvain's money is real, given how much energy/time he has spent on the forums tracking it and communicating about it.)

Another problem is that the original thief would most likely transfer the coins to a few addresses, and create a fake persona X pretending to have received them from Y, and them would spend the coin while pretending to be X. The voluntary de-anonymizer platform would be able to trace the thief at least up to persona "X" but would have no way to distinguish if X is the thief, or Y, etc. It would have successfully traced back to the thief, but its identity would be unknown, so... would that make it useful or not?

I'd also like to say that if any of you can come up with an improved version of that C program I shared please by all means feel free to do so. I'd also like to thank a guy that goes by the IRC handle of vegard for creating this program. I am sure he would have no problems with modifications to his program. But I'd kindly ask that if you improve it/modify it that you'd share it with the bitcoin community in the same spirit that I/vegard have done.

Take care everyone!

Yep, sadly no. The bitcoin community has been plagued by thieves lately but I sincerely hope this only makes us stronger/smarter/more secure.

+1

Just want to say allinvain, that you arent alone anymore.

Just for shitz'n'giggles I updated the btc tracking data. Everything including the program I used to track the coins can be found at the link below (hope you find it useful somehow):

http://allinvain.4shared.com

Jesus, let this zombie thread DIE already.

Yeah  Not sure what else I can really say.

Best of luck with your mining!

Blimey! just finished reading every single post on this thread....*rubs eyes*

beens that at my current hashing rate i will generate (if the difficulty never goes up) 25,000 coins in approximatly 1712 years i really feel for you allinvain

I don't think that is related to the theft, but I read on that thread you opened that it wasn't 20K but more like 10K.

I don't. Word just came through IRC that there was a big selloff on MtGox just a bit ago. Maybe we'll get more info soon?

20,000 BTC sold though. How many folks would sell it all in one big chunk like that?

I'm able to track it to a certain degree, but the tool that I'm using needs to be ran on a regular basis and I haven't ran it recently (kind of given up on this thing). The problem for me is that I do not have the coding skills necessary to properly track the coins. I can run this tool that was built for me, but then again all that does is spew up a ton of addresses and transaction, but does not provide any other info.

Do you know the address of where some of the coins came from?

Allinvain, was it possibly your 20K in coins that just got cashed out on MtGox?

Just curious if you've been able to track it.

I agree. There are numerous key infrastructures that btc does not have which almost every other standard currency does. As it stands BTC  = wild west of currencies. This is not to say that it won't change; I'm hoping it does.

My biggest regret (besides me not moving the coins to a linux box) is not having the wallet.dat encrypted by default. I am almost 99% sure that the coins would not have been stolen had the file been encrypted.