Pages:
Author

Topic: mybitcoin hack (Read 1784 times)

newbie
Activity: 42
Merit: 0
August 14, 2011, 11:59:08 AM
#24
In Linux...when you move a file, you're fucked.

Their fault for not having backups.

That's not true. Depending on which filesystem they are using, it can be just the same as recovering lost files from a FAT16/32 filesystem (ext2 uses similar mechanism to "delete" files), or a bit more complex requiring parsing filesystem journals and reconstructing from meta data.

In all cases, the most critical step is to stop writing to the disk as soon as the mistake is discovered. Yanking the power is better than a "proper" shutdown in this situation Cheesy
newbie
Activity: 7
Merit: 0
August 14, 2011, 10:36:16 AM
#23
The wallet wasn't stolen on mybitcoin there was an attack where there were fraudulent deposits which had 1 confirmation. Then the money was withdrawn from mybitcoin using real bitcoins which weren't fraudulent before the 1 confirmation deposits were discovered to be invalid.

Oh, I see. (Sorry, hadn't read the statement on mybitcoin.com.)

In that case, what do people mean when they say the bitcoins have not been moved? Are the withdrawal transactions known?
hero member
Activity: 700
Merit: 500
August 14, 2011, 09:33:35 AM
#22
The wallet wasn't stolen on mybitcoin there was an attack where there were fraudulent deposits which had 1 confirmation. Then the money was withdrawn from mybitcoin using real bitcoins which weren't fraudulent before the 1 confirmation deposits were discovered to be invalid.

We think.
sr. member
Activity: 373
Merit: 262
August 14, 2011, 08:36:54 AM
#21
The wallet wasn't stolen on mybitcoin there was an attack where there were fraudulent deposits which had 1 confirmation. Then the money was withdrawn from mybitcoin using real bitcoins which weren't fraudulent before the 1 confirmation deposits were discovered to be invalid.
newbie
Activity: 7
Merit: 0
August 14, 2011, 08:18:42 AM
#20
In Linux...when you move a file, you're fucked.

Well, that depends. If it's really valuable, and the data hasn't been overwritten on the disk, you can usually find it by looking for patterns in the raw disk contents.

However, if they left the server running, or even shut it down and rebooted it after the supposed hack, I agree there is little chance the data is still there.
hero member
Activity: 560
Merit: 500
August 14, 2011, 07:30:24 AM
#19
One thing I don't get: If the coins were never moved (is that certain?), then wouldn't a simple backup suffice to recover them and move them to a safe place? And even if there were no backups, it's often possible to recover lost files unless the attacker made a conscious effort to overwrite them.

Also, what about adding a sort of blacklist to the client, to make sure that these coins can never be moved in the future until further action is taken?
In Windows...when you move a file, there are traces which can be recovered.
In Linux...when you move a file, you're fucked.

Their fault for not having backups.
newbie
Activity: 7
Merit: 0
August 14, 2011, 07:02:10 AM
#18
One thing I don't get: If the coins were never moved (is that certain?), then wouldn't a simple backup suffice to recover them and move them to a safe place? And even if there were no backups, it's often possible to recover lost files unless the attacker made a conscious effort to overwrite them.

Also, what about adding a sort of blacklist to the client, to make sure that these coins can never be moved in the future until further action is taken?
hero member
Activity: 560
Merit: 500
August 14, 2011, 04:18:44 AM
#17
I have the same problem, fill the claim with my original mybitcoin.com address....

Anyone an idea how i get my bitcoins back?
Smart...
newbie
Activity: 6
Merit: 0
August 14, 2011, 03:42:31 AM
#16
I have the same problem, fill the claim with my original mybitcoin.com address....

Anyone an idea how i get my bitcoins back?
newbie
Activity: 42
Merit: 0
August 14, 2011, 01:25:59 AM
#15
Of course, they could be staling in an attempt to determine if the flaw happens to be in the engine (or fix it.)

Or to add a working flaw into an unbroken engine Wink


I sure hope not!  Undecided

The suspicion that it's a scam is always going to be there since it's just too easy to claim that we lost X% of your coins due to a hack. Yet to date it seems that none of the stolen coins were moved, so it sounds like the thief is waiting for attention to die down so nobody will be paying attention when he moves them. Since Bitcoin transfers are quite anonymous, why would an unknown thief be so concerned? Maybe once the coins start moving, we'll know who actually took them?

By the same token, it would imply that there wasn't any alleged flaw in the engine to begin with and this would be quickly discovered if released unaltered to public scrutiny. So I would delay releasing the source, then either inject in a flaw if I can find a technically plausible one OR claim I fixed the problem Wink

Please try not to remember this post when I start a AllYourBitCoin service Cheesy

newbie
Activity: 56
Merit: 0
August 13, 2011, 05:46:37 PM
#14
That's evil  Angry
member
Activity: 105
Merit: 10
August 13, 2011, 01:37:14 PM
#13
Of course, they could be staling in an attempt to determine if the flaw happens to be in the engine (or fix it.)

Or to add a working flaw into an unbroken engine Wink


I sure hope not!  Undecided
newbie
Activity: 42
Merit: 0
August 13, 2011, 01:34:50 PM
#12
Of course, they could be staling in an attempt to determine if the flaw happens to be in the engine (or fix it.)

Or to add a working flaw into an unbroken engine Wink
member
Activity: 105
Merit: 10
August 13, 2011, 01:30:54 PM
#11
I'm somewhat annoyed that they will only release the engine "after the claims get processed".

Also, I am very interested as to technical details of the "hack" - because, you know, if it happened because of a vuln in the mybitcoin engine and the vulnerability isn't fixed when the engine gets released, some very rough things might happen as a thousand tiny mybitcoin wannabes rise up and get pwnt.

As for jamieshelly's specific woes, I advise going to #bitcoin-police IRC channel on freenode
They are a swell bunch o fellas.

I am surprised that they aren't going to release the code until after all the transactions are completed. It seems to me that the concept of a good will gesture happens to be to show some sort of contrition for an issue. Of course, they could be staling in an attempt to determine if the flaw happens to be in the engine (or fix it.) One of the benefits of releasing it with caveat is so that an open source community could pore over it. Smiley

member
Activity: 112
Merit: 11
Hillariously voracious
August 13, 2011, 06:11:03 AM
#10
I'm somewhat annoyed that they will only release the engine "after the claims get processed".

Also, I am very interested as to technical details of the "hack" - because, you know, if it happened because of a vuln in the mybitcoin engine and the vulnerability isn't fixed when the engine gets released, some very rough things might happen as a thousand tiny mybitcoin wannabes rise up and get pwnt.

As for jamieshelly's specific woes, I advise going to #bitcoin-police IRC channel on freenode
They are a swell bunch o fellas.
newbie
Activity: 56
Merit: 0
August 13, 2011, 05:23:37 AM
#9
I filed a claim.

I had 200 btc
And it told me I had .2btc

What a ripoff  Sad
newbie
Activity: 5
Merit: 0
August 13, 2011, 04:56:51 AM
#8
Hard to say ;ucky or not!
As the report, some data has lost!
Lucky or not is that how much btc you lost!
In case of me, i have 3 btc
mybitcoin says i have 2 btc, and return me 0.98 btc
WTF
The ratio 49% they return for you is only appears after you accept the claim!
So you must accept it!
newbie
Activity: 56
Merit: 0
August 13, 2011, 04:07:47 AM
#7
I had about 200 btc in MyBitcoin  Cry
member
Activity: 105
Merit: 10
August 13, 2011, 01:22:53 AM
#6
After the hack and fall of MyBitcoin, I'm interested in seeing what the underlying "engine" is and how the community might end up working together to make it function better. Smiley
sr. member
Activity: 373
Merit: 262
August 13, 2011, 12:33:50 AM
#5
I saw him in #bitcoin-police a few days ago but that was it.
Pages:
Jump to: