mybitcoin hack | Bitcointalksearch.org

Xephan

newbie

Activity: 42

Merit: 0

Quote from: NothinG on August 14, 2011, 08:30:24 AM

In Linux...when you move a file, you're fucked.

Their fault for not having backups.

That's not true. Depending on which filesystem they are using, it can be just the same as recovering lost files from a FAT16/32 filesystem (ext2 uses similar mechanism to "delete" files), or a bit more complex requiring parsing filesystem journals and reconstructing from meta data.

In all cases, the most critical step is to stop writing to the disk as soon as the mistake is discovered. Yanking the power is better than a "proper" shutdown in this situation Cheesy

LoneTrader

newbie

Activity: 7

Merit: 0

Quote from: Mad7Scientist on August 14, 2011, 09:36:54 AM

The wallet wasn't stolen on mybitcoin there was an attack where there were fraudulent deposits which had 1 confirmation. Then the money was withdrawn from mybitcoin using real bitcoins which weren't fraudulent before the 1 confirmation deposits were discovered to be invalid.

Oh, I see. (Sorry, hadn't read the statement on mybitcoin.com.)

In that case, what do people mean when they say the bitcoins have not been moved? Are the withdrawal transactions known?

SomeoneWeird

hero member

Activity: 700

Merit: 500

Quote from: Mad7Scientist on August 14, 2011, 09:36:54 AM

The wallet wasn't stolen on mybitcoin there was an attack where there were fraudulent deposits which had 1 confirmation. Then the money was withdrawn from mybitcoin using real bitcoins which weren't fraudulent before the 1 confirmation deposits were discovered to be invalid.

We think.

Mad7Scientist

sr. member

Activity: 373

Merit: 262

The wallet wasn't stolen on mybitcoin there was an attack where there were fraudulent deposits which had 1 confirmation. Then the money was withdrawn from mybitcoin using real bitcoins which weren't fraudulent before the 1 confirmation deposits were discovered to be invalid.

LoneTrader

newbie

Activity: 7

Merit: 0

Quote from: NothinG on August 14, 2011, 08:30:24 AM

In Linux...when you move a file, you're fucked.

Well, that depends. If it's really valuable, and the data hasn't been overwritten on the disk, you can usually find it by looking for patterns in the raw disk contents.

However, if they left the server running, or even shut it down and rebooted it after the supposed hack, I agree there is little chance the data is still there.

NothinG

hero member

Activity: 560

Merit: 500

Quote from: LoneTrader on August 14, 2011, 08:02:10 AM

One thing I don't get: If the coins were never moved (is that certain?), then wouldn't a simple backup suffice to recover them and move them to a safe place? And even if there were no backups, it's often possible to recover lost files unless the attacker made a conscious effort to overwrite them.

Also, what about adding a sort of blacklist to the client, to make sure that these coins can never be moved in the future until further action is taken?

In Windows...when you move a file, there are traces which can be recovered.
In Linux...when you move a file, you're fucked.

Their fault for not having backups.

LoneTrader

newbie

Activity: 7

Merit: 0

One thing I don't get: If the coins were never moved (is that certain?), then wouldn't a simple backup suffice to recover them and move them to a safe place? And even if there were no backups, it's often possible to recover lost files unless the attacker made a conscious effort to overwrite them.

Also, what about adding a sort of blacklist to the client, to make sure that these coins can never be moved in the future until further action is taken?

NothinG

hero member

Activity: 560

Merit: 500

Quote from: crank123 on August 14, 2011, 04:42:31 AM

I have the same problem, fill the claim with my original mybitcoin.com address....

Anyone an idea how i get my bitcoins back?

Smart...

crank123

newbie

Activity: 6

Merit: 0

I have the same problem, fill the claim with my original mybitcoin.com address....

Anyone an idea how i get my bitcoins back?

Xephan

newbie

Activity: 42

Merit: 0

Quote from: Kyt Dotson on August 13, 2011, 02:37:14 PM

Quote from: Xephan on August 13, 2011, 02:34:50 PM

Quote from: Kyt Dotson on August 13, 2011, 02:30:54 PM

Of course, they could be staling in an attempt to determine if the flaw happens to be in the engine (or fix it.)

Or to add a working flaw into an unbroken engine Wink

I sure hope not! Undecided

The suspicion that it's a scam is always going to be there since it's just too easy to claim that we lost X% of your coins due to a hack. Yet to date it seems that none of the stolen coins were moved, so it sounds like the thief is waiting for attention to die down so nobody will be paying attention when he moves them. Since Bitcoin transfers are quite anonymous, why would an unknown thief be so concerned? Maybe once the coins start moving, we'll know who actually took them?

By the same token, it would imply that there wasn't any alleged flaw in the engine to begin with and this would be quickly discovered if released unaltered to public scrutiny. So I would delay releasing the source, then either inject in a flaw if I can find a technically plausible one OR claim I fixed the problem Wink

Please try not to remember this post when I start a AllYourBitCoin service Cheesy

Stefanie Andrea

newbie

Activity: 56

Merit: 0

That's evil Angry

Kyt Dotson

member

Activity: 105

Merit: 10

Quote from: Xephan on August 13, 2011, 02:34:50 PM

Quote from: Kyt Dotson on August 13, 2011, 02:30:54 PM

Of course, they could be staling in an attempt to determine if the flaw happens to be in the engine (or fix it.)

Or to add a working flaw into an unbroken engine Wink

I sure hope not! Undecided

Xephan

newbie

Activity: 42

Merit: 0

Quote from: Kyt Dotson on August 13, 2011, 02:30:54 PM

Of course, they could be staling in an attempt to determine if the flaw happens to be in the engine (or fix it.)

Or to add a working flaw into an unbroken engine Wink

Kyt Dotson

member

Activity: 105

Merit: 10

Quote from: Lolcust on August 13, 2011, 07:11:03 AM

I'm somewhat annoyed that they will only release the engine "after the claims get processed".

Also, I am very interested as to technical details of the "hack" - because, you know, if it happened because of a vuln in the mybitcoin engine and the vulnerability isn't fixed when the engine gets released, some very rough things might happen as a thousand tiny mybitcoin wannabes rise up and get pwnt.

As for jamieshelly's specific woes, I advise going to #bitcoin-police IRC channel on freenode
They are a swell bunch o fellas.

I am surprised that they aren't going to release the code until after all the transactions are completed. It seems to me that the concept of a good will gesture happens to be to show some sort of contrition for an issue. Of course, they could be staling in an attempt to determine if the flaw happens to be in the engine (or fix it.) One of the benefits of releasing it with caveat is so that an open source community could pore over it.

Lolcust

member

Activity: 112

Merit: 11

Hillariously voracious

I'm somewhat annoyed that they will only release the engine "after the claims get processed".

Also, I am very interested as to technical details of the "hack" - because, you know, if it happened because of a vuln in the mybitcoin engine and the vulnerability isn't fixed when the engine gets released, some very rough things might happen as a thousand tiny mybitcoin wannabes rise up and get pwnt.

As for jamieshelly's specific woes, I advise going to #bitcoin-police IRC channel on freenode
They are a swell bunch o fellas.

Stefanie Andrea

newbie

Activity: 56

Merit: 0

I filed a claim.

I had 200 btc
And it told me I had .2btc

What a ripoff Sad

lenguyenphat

newbie

Activity: 5

Merit: 0

Hard to say ;ucky or not!
As the report, some data has lost!
Lucky or not is that how much btc you lost!
In case of me, i have 3 btc
mybitcoin says i have 2 btc, and return me 0.98 btc
WTF
The ratio 49% they return for you is only appears after you accept the claim!
So you must accept it!

Stefanie Andrea

newbie

Activity: 56

Merit: 0

I had about 200 btc in MyBitcoin Cry

Kyt Dotson

member

Activity: 105

Merit: 10

After the hack and fall of MyBitcoin, I'm interested in seeing what the underlying "engine" is and how the community might end up working together to make it function better.

Mad7Scientist

sr. member

Activity: 373

Merit: 262

I saw him in #bitcoin-police a few days ago but that was it.

Topic: mybitcoin hack (Read 1760 times)