Topic: PAY FOR INFORMATION - 600 BTC REWARD FOR IDENTITY OF HACKER (Read 8849 times)

hero member
Activity: 899
Merit: 1002
Your plan of action can only be to feed the keylogger into IDA Pro, and like above determine where the stolen wallets are going. Now jack that email address and steal from the stealer or flood it with false information, or flood it with your own trojans, or call the FBI and have them do nothing cuz Russia doesn't care.
full member
Activity: 140
Merit: 100
Troll of the Fourth Reich.
We already have his ip

If it were me, I would reverse engineer the original binary that contained the keylogger. There is software that does this. The keylogger has to send the key events somewhere for him to receive them. Maybe they are sent directly to his computer. Another option would be to run the keylogger in a virtual machine and catch him in the act or even just run netstat -o to see where it's connecting to.

A long shot... You could install your own trojan in the virtual machine so that if he downloads the files and browses them he would be infected.
member
Activity: 68
Merit: 10
If it were me, I would reverse engineer the original binary that contained the keylogger. There is software that does this. The keylogger has to send the key events somewhere for him to receive them. Maybe they are sent directly to his computer. Another option would be to run the keylogger in a virtual machine and catch him in the act or even just run netstat -o to see where it's connecting to.

A long shot... You could install your own trojan in the virtual machine so that if he downloads the files and browses them he would be infected.
sr. member
Activity: 271
Merit: 250
No, it was from the official website. I simply made the mistake and combined Windows with pirate copies.
full member
Activity: 140
Merit: 100
Troll of the Fourth Reich.
Where did you download your bitcoin client from? It might have been a binded file

Dear all,
I have received NEW important information in this issue.

The hacker also owns the key 1AFs9GrQyPQpN5W73RzizcEap1CQ7whPZT and his "real" email address is [email protected]
He used IP address 97.106.160.84
on 2012-10-05 at 20:51:51

He used to mine on deepbit, but they do not hand out any info about their users and do not answer my mails.

Maybe one of you guys is smart enough to get any useful information about this case.

The 600 BTC reward is still available.
legendary
Activity: 1344
Merit: 1000
considering 1 us could very easily jump to 1 satoshi with global acceptance

I reckon OP doesn't quite realize the size of the target they really are; maybe this will help
legendary
Activity: 1470
Merit: 1029
Show middle finger to system and then destroy it!
What if thief turns himself in, will he receive additional 600 BTC?

And two factor authentication will bring more disasters and total coin loss than trojan horses on computer. Mobile phones are very susceptible to total data loss due to misplacing and water damage, accidental resets, hardware failures. Mobile phones are inherently anti-privacy devices, with remote data wiping features on some models.

If you cannot keep the computer secure, like 90% of derps out there, then the only way to go is using offline wallets with Armory. Run Armory on a computer that has no network connection and create a watching-only copy on your primary computer. Sign large transactions on the offline computer.
full member
Activity: 196
Merit: 100

It is flawed, I have at least one address with multiple transactions that do not even show up.....
sr. member
Activity: 271
Merit: 250
thanks starsoccer for offering your help;-)

And also thanks for your clarification. Indeed the 600 BTC is meant as the total reward in case several hints in combination would lead to catching the guy. It does NOT mean that when I receive 4 "small" hints I pay 4 times 600 BTC = 2400 BTC. Also, I do not pay the reward bitcoins beforehand and especially not before I can see the information, like you proposed. Also not to an escrow service. It has to prove useful first to catch the guy. But it is independent of the question of whether he can later actually pay back the stolen coins or not.

I have received really valuable hints so far from the admin of bitmarket.eu, from danny for the detailed block chain analysis with his tool(s), and also for personal info for the email address in this forum, and I really hope these hints will help me further in this issue. But unless it is some totally new trace that gives me the hacker's identity from A to Z, the mentioned persons would get a good share of the reward.

An exception regarding pre-payment is of course when expenses are concerned. I am glad to pay for any expenses that the search for information would cause (like database access fees or whatever).
legendary
Activity: 1630
Merit: 1000
I would just like to clarify the following things for a few people: the 600 BTC reward isn't a 1 person reward, it is a multi-person reward given to the most helpful hints. The 600 BTC are also not given to anyone until the scammer is taken to court and loses. Whether he pays or not does not affect the reward. As far as the most helpful hints go, currently as per my talk with mralbi, danny and maceij (yes, the bitmarket owner who stole/lost users' bitcoins). Also, as far as escrow goes, it is not an option. I would recommend it, as after speaking with mralbi his story changed multiple times, but this seems to be the final view of how everything will go.

This isn't meant to rip mralbi, just clarify what he conveniently seems to leave out, as after I contacted him willing to provide him with info and link the people, he basically quickly changed how the reward went multiple times.
legendary
Activity: 1722
Merit: 1217
if you do track him down, please break an extra knee/elbow just for me.
newbie
Activity: 53
Merit: 0
The IP address corresponding to the owner of a Bitcoin address can be determined if the owner has bitcoind or bitcoin-qt listening on a publicly-available Internet address.

https://bitcointalksearch.org/topic/m.1447232
hero member
Activity: 868
Merit: 1000
Just discovered this website:
http://blockviewer.com/#1AFs9GrQyPQpN5W73RzizcEap1CQ7whPZT

Looks like my program missed a few addresses (the website reports 954 addresses controlled by the controller of 1AFs9GrQyPQpN5W73RzizcEap1CQ7whPZT).

It also shows a list of who they've sent transactions to and who they've received transactions from.  If you can positively identify any of the people who have engaged in transactions, they might be able to assist you in identifying.

Would love for the first btc thief to be caught. It's a longshot, but not impossible, if the thief fucked up somewhere, there may be some leads back to him.
legendary
Activity: 3388
Merit: 4615
Just discovered this website:
http://blockviewer.com/#1AFs9GrQyPQpN5W73RzizcEap1CQ7whPZT

Looks like my program missed a few addresses (the website reports 954 addresses controlled by the controller of 1AFs9GrQyPQpN5W73RzizcEap1CQ7whPZT).

It also shows a list of who they've sent transactions to and who they've received transactions from.  If you can positively identify any of the people who have engaged in transactions, they might be able to assist you in identifying.
legendary
Activity: 3388
Merit: 4615
mralbi,

I've finished my program that scans the blockchain and uses the inputs from transactions to link addresses to a single entity that controls the list of addresses.  A person can keep addresses from being tied together by being careful to keep their bitcoins in separate wallets or using raw transactions for coin-control to avoid connecting addresses together in inputs, so the program will not be able to report those addresses that are carefully segregated.

Running the program, I find 901 addresses that can all be said to have been used in inputs by someone who has the private key to 1AFs9GrQyPQpN5W73RzizcEap1CQ7whPZT.

I've emailed the list to you.
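
The input-linking idea described in the post above (addresses spent together as inputs of one transaction are attributed to one controller, transitively), as an added example that is not the poster's program. The transactions and address labels are constructed placeholders, and the `cluster_addresses` / `cluster_of` names are hypothetical.

```python
from collections import defaultdict
# Constructed sample: each tx lists the addresses it spends from (placeholders).
SAMPLE_TXS = [
    {"txid": "tx1", "inputs": ["addr_A", "addr_B"]},
    {"txid": "tx2", "inputs": ["addr_B", "addr_C"]},
    {"txid": "tx3", "inputs": ["addr_D"]},
    {"txid": "tx4", "inputs": ["addr_E", "addr_F"]},
    {"txid": "tx5", "inputs": ["addr_F", "addr_F", "addr_G"]},
    {"txid": "tx6", "inputs": []},  # no inputs: nothing to link
]

class UnionFind:
    def __init__(self):
        self.parent = {}

    def find(self, x):
        self.parent.setdefault(x, x)
        root = x
        while self.parent[root] != root:
            root = self.parent[root]
        while self.parent[x] != root:  # path compression
            self.parent[x], x = root, self.parent[x]
        return root

    def union(self, a, b):
        ra, rb = self.find(a), self.find(b)
        if ra != rb:
            self.parent[rb] = ra

def cluster_addresses(txs):
    """Group addresses that were co-spent as inputs, transitively."""
    uf = UnionFind()
    for tx in txs:
        inputs = tx["inputs"]
        for addr in inputs:
            uf.find(addr)  # register single-input addresses too
        for other in inputs[1:]:
            uf.union(inputs[0], other)
    groups = defaultdict(set)
    for addr in list(uf.parent):
        groups[uf.find(addr)].add(addr)
    return list(groups.values())

def cluster_of(address, txs):
    """Return every address linked to `address`; {address} if never seen."""
    for group in cluster_addresses(txs):
        if address in group:
            return group
    return {address}
```

In the sample, `addr_A` and `addr_C` never appear in the same transaction but end up in one cluster through `addr_B`; `addr_D`, which is never co-spent with anything, stays alone, which is the segregation limit the post mentions.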
sr. member
Activity: 271
Merit: 250
Yes, the bitcoin world is small.... and despite all the mess I am in with my losses on bitmarket and with the hack, this is still from some point of view funny....
foo
sr. member
Activity: 409
Merit: 250
The connection between the keys came from bitmarket.eu data which should be sufficiently acceptable as proof before court.
Interesting... So the thief funneled some of the money stolen from mralbi through bitmarket.eu, but didn't count on mralbi buying BitMarket and getting access to the database. Grin
legendary
Activity: 1652
Merit: 2216
Chief Scientist
Isn't two-factor something that's already been implemented, or already worked on ? Ie. you want to send coins, and then you have to use two devices to do it ?

It is very high on the priority list, yes. Miners already support it, but there are still a couple of steps to go before you can create a wallet split between Bitcoin-Qt running on your desktop computer and an app running on your iPhone.
member
Activity: 112
Merit: 16
The email address (and the IP) I also got from the bitmarket.eu database of users. Of course the first idea I had was to write an email to this address and ask directly, but of course he did not get an answer.

Ok thanks a lot, i will check this guy asap

Good luck!
sr. member
Activity: 271
Merit: 250
The email address (and the IP) I also got from the bitmarket.eu database of users. Of course the first idea I had was to write an email to this address and ask directly, but of course he did not get an answer.

Ok thanks a lot, i will check this guy asap