Pages:
Author

Topic: klee's hacked 1170 btc, Part II (Read 10876 times)

legendary
Activity: 812
Merit: 1002
July 19, 2014, 02:04:19 PM
As per klee's request in PM and in here, I've locked the thread. We don't need 2 concurrent ones running anyways since he has unlocked the other one.
legendary
Activity: 1498
Merit: 1000
July 19, 2014, 03:27:37 AM
@haploid23 lock this thread please, I will open a new self moderated one!
hero member
Activity: 518
Merit: 500
July 19, 2014, 03:09:05 AM
You have been reported troll  Wink

Can't you see the IP address of the person who accessed your Dropbox? If not, you could probably email support asking that question too.
full member
Activity: 157
Merit: 100
July 19, 2014, 03:01:23 AM
Hacker definitely scared; asking for thread to be closed.  Go get him.
hero member
Activity: 518
Merit: 500
July 17, 2014, 11:04:27 PM
I need that bounty, so I will help search for this ish.
newbie
Activity: 44
Merit: 0
July 17, 2014, 04:26:56 AM
Sad to see that amount stolen, I feel sorry for klee.
legendary
Activity: 1498
Merit: 1000
July 17, 2014, 01:32:12 AM
You have been reported troll  Wink
legendary
Activity: 1498
Merit: 1000
July 17, 2014, 12:31:55 AM
Probably a dropbox employee, lol.

Why would he give anything back?  Unless he was giving the whole amount back minus the bounty, which would actually make some sense..  re; you offered this reward, i am giving it all back now minus the reward, be more careful in the future, best of luck, thanks for all the chips

Dropbox had nothing to do with it.  There were multiple thieves involved but Klee knows one of the thieves personally.  She is a small, thin woman with dark hair in her thirties.

So why dont he make his moves outside and get this woman as fast as possible so people here can stop making maps on the blockchain.
He is a troll ignore him..
sr. member
Activity: 266
Merit: 250
July 16, 2014, 11:33:47 PM
The fear of being caught is definitely there for the thief. A HUGE amount of btc was stolen, so morals are out the window. The 462 btc being returned is not out of good faith but rather the fear being caught. Otherwise, one of the condition wouldn't have been to lock the original thread. He probably already knows of the evidence that has been left behind.
I doubt the hacker knew just how much he was going to be able to get away with when he got the credentials to klees wallet, I think he really just got lucky and is probably not very good a "covering his tracks"

I think that the hacker really doesn't know how much evidence was left behind and decided to return part of the coins to be a little more certain that he would not be caught.

The hacker is a noob one and probably stupid, he just got lucky, the groups of hackers who hack exchanges dont "negotiate".

So we have an advantage here
Well there is potentially an upside to negotiating as even if you cannot trace the bitcoin from point A to point B, it would still be possible to watch for large transactions from known bitmixer addresses that happened after the hack took place to try to determine where the hacker's mixed bitcoin are. This is much more advanced that what is available on blockchain.info and would only be possible with large amounts.

Since the max delay that can be used with bitmixer is 12 hours and we know the ~time the coins were sent to bitmixer we could look at all the output addresses from known bitmixer addresses and look for combinations of outputs that equal to the amount of the stolen coins +-5%. I don't know how much business that bitmixer does per day, but I doubt that it is thousands of bitcoin per day.
sr. member
Activity: 462
Merit: 250
July 16, 2014, 11:22:48 PM
Probably a dropbox employee, lol.

Why would he give anything back?  Unless he was giving the whole amount back minus the bounty, which would actually make some sense..  re; you offered this reward, i am giving it all back now minus the reward, be more careful in the future, best of luck, thanks for all the chips

Dropbox had nothing to do with it.  There were multiple thieves involved but Klee knows one of the thieves personally.  She is a small, thin woman with dark hair in her thirties.

So why dont he make his moves outside and get this woman as fast as possible so people here can stop making maps on the blockchain.
hero member
Activity: 686
Merit: 500
July 16, 2014, 10:37:13 PM
I'm hearing a lot about Dropbox associated with compromised data. Is there any central place where this is being discussed? Is there anything credible that points to employees compromising accounts?
zvs
legendary
Activity: 1680
Merit: 1000
https://web.archive.org/web/*/nogleg.com
July 16, 2014, 10:31:33 PM
The fear of being caught is definitely there for the thief. A HUGE amount of btc was stolen, so morals are out the window. The 462 btc being returned is not out of good faith but rather the fear being caught. Otherwise, one of the condition wouldn't have been to lock the original thread. He probably already knows of the evidence that has been left behind.
I doubt the hacker knew just how much he was going to be able to get away with when he got the credentials to klees wallet, I think he really just got lucky and is probably not very good a "covering his tracks"

I think that the hacker really doesn't know how much evidence was left behind and decided to return part of the coins to be a little more certain that he would not be caught.

The hacker is a noob one and probably stupid, he just got lucky, the groups of hackers who hack exchanges dont "negotiate".

So we have an advantage here
Probably a dropbox employee, lol.

Why would he give anything back?  Unless he was giving the whole amount back minus the bounty, which would actually make some sense..  re; you offered this reward, i am giving it all back now minus the reward, be more careful in the future, best of luck, thanks for all the chips
hero member
Activity: 686
Merit: 500
July 16, 2014, 10:31:07 PM
How can we merge the two threads?

PM a mod to do it. I'm a mod on an SMF forum and I have this ability, so they likely do as well. I would PM malevolent or one of the global mods. Seems better than locking one.
sr. member
Activity: 462
Merit: 250
July 16, 2014, 10:15:27 PM
The fear of being caught is definitely there for the thief. A HUGE amount of btc was stolen, so morals are out the window. The 462 btc being returned is not out of good faith but rather the fear being caught. Otherwise, one of the condition wouldn't have been to lock the original thread. He probably already knows of the evidence that has been left behind.
I doubt the hacker knew just how much he was going to be able to get away with when he got the credentials to klees wallet, I think he really just got lucky and is probably not very good a "covering his tracks"

I think that the hacker really doesn't know how much evidence was left behind and decided to return part of the coins to be a little more certain that he would not be caught.

The hacker is a noob one and probably stupid, he just got lucky, the groups of hackers who hack exchanges dont "negotiate".

So we have an advantage here
sr. member
Activity: 280
Merit: 250
Make Love Not War
July 16, 2014, 10:06:30 PM
1170 BTC is very very huge amount..
sr. member
Activity: 266
Merit: 250
July 16, 2014, 09:43:18 PM
The fear of being caught is definitely there for the thief. A HUGE amount of btc was stolen, so morals are out the window. The 462 btc being returned is not out of good faith but rather the fear being caught. Otherwise, one of the condition wouldn't have been to lock the original thread. He probably already knows of the evidence that has been left behind.
I doubt the hacker knew just how much he was going to be able to get away with when he got the credentials to klees wallet, I think he really just got lucky and is probably not very good a "covering his tracks"

I think that the hacker really doesn't know how much evidence was left behind and decided to return part of the coins to be a little more certain that he would not be caught.
legendary
Activity: 966
Merit: 1000
July 16, 2014, 08:57:16 AM
How can we merge the two threads?

maybe lock one of them with a link post to the active thread in the locked one?
Im not sure that is what you want...
Probably the best soulution, just make sure that your post is last and it forwards to another thread.
sr. member
Activity: 476
Merit: 250
July 16, 2014, 08:41:30 AM
In another thread kee said that GoDaddy domain is irellevant Sad
I agree with full forensic inspection and to find an attack vector hacker used.
I guess that plaintex file on db had other passwords too among the wallet pass.
hero member
Activity: 546
Merit: 500
July 16, 2014, 08:29:34 AM
How can we merge the two threads?

Just read the updates,  did the hacker actually send the 462 back, also kudos to RocketSingh for locating the guy.

Just a suggestion once you do find out the actual hacker get Roger Ver to tweet about it again, just like the first time.  

Get some more media coverage on this, it may very well be the first time a hacker has been caught with a theft of this magnitude in Bitcoin


hero member
Activity: 715
Merit: 500
July 16, 2014, 08:27:43 AM
How can we merge the two threads?

maybe lock one of them with a link post to the active thread in the locked one?
Im not sure that is what you want...
Pages:
Jump to: