Topic: Public STATEMENT Regarding Bitcoinica account hack at MtGox - page 18. (Read 72856 times)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Bitcoinica Hacker,

I am owed 24841 BTC by Bitcoinica,
So far I have received 1549.3209 back from Zhou Tong and 1 BTC from an anonymous donor.

Please return the remaining 23,290.6791 BTC to 16HMoS4TryH7wWsAv2PtvxiHX8QGXMGczi

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org

iQIcBAEBAgAGBQJQEOIqAAoJEClapCtxKMpSZIIQAIQdd+cJtQTqzWMwGQY4gr3o
Z58XHXvsuancxrZPfPTive66oAle30zUpbZnMEcOjRKGAcQAItFHrcnBKxkr0Cic
32frmzVBJvnx2c7zmNrc4mYSk0kwnuJ8gE3vuK6RL0OaarH7v7tewhwqfDF1zRn/
v9TLSpU97vo1qXp5AuGjzeVuZNfznx/a9ozazwzDXaRVrPIHO1Fu6bWKPLlZfiGU
EKRKTA+95hccvS7SyNu/W+pSQXNMfv81ZsPb2Y9JLGrqNMnArCNzbUZgpH+zPo2n
SCo4cw5Texjm1tiruRCBfDT74SdhO1GxiJOmkGkph4i4+aBA3FolNCJcc22le/lp
Q9lYaqbTJ9WxTxfi8K9PSD01xV/BhNFGbmqKjuE1j9OnoCfQq1g3VprDSaGMjBoD
9hG5eq52pWsCwpYvm0/kjeiNQBCfnM4V15MUHrQI47RlUC5k1UYXHlX/hZWiKfIs
0hF3vcnrcghY+r7QYU7c2y2FxmuJ4P8S3GAMXBZgEH4iBiuns7H1jblqZwp4/DQj
YcZQznpcw7VYEixdv41X/qyiz9rGkeH7taPmRDfiYsLbASCiGMwxhTfgYJRHXFXp
oHjwjpgDLIF1yNisDSXYEwS50LjMRKCJv194jalsci91xUNz00Nf5JVwFHepZqrD
AldwR2KFkeMV2g2hA9x4
=cq/J
-----END PGP SIGNATURE-----

Good advice, the community could change in a good way too.

It's sometime impressive the things peoples think getting away with. (with a legal slap on the hand)

Such is the aberrant behavior promoted and supported by the distorted values of a monetary system.

Here is the link to the official Singapore Government Website http://statutes.agc.gov.sg/ There are many offenses for which caning is part of the punishment.

I feel compelled to write, that people should be very careful about their words and actions.

The amounts of money involved here -- people are murdered over these sorts of things every day.

The Bitcoin community needs to get its act together on security. Censorship-resistant is good, but it's not enough.

All it will take is one Bitcoin-related murder, and things will change in our community forever.

Even though many are murdered for dollars every day.

Thanks for this useful post.

No, none of the hacks was performed by me.

Does all the Bitcoinica drama actually boil down to "I gave some BTC to some guy in China, and he won't give them back!" ??

Interpol is just a clearing house which co-ordinates co-operation between the law enforcement agencies of different nations.  Jurisdiction would belong to the nation from which the crime is deemed to have been committed or to have taken place (where there are multiple jurisdictions involved, one place can cede jurisdiction to another).

Jurisdiction doesn't become an issue until a criminal investigation has been conducted.  Mt Gox is the only party so far which acknowledges having filed a police report.  I suspect that the release of this information will prompt people to file reports with the appropriate computer crime units in their own countries (I know one person had already reported the Bitcoinica hacks to the DoJ in the US).  It's those law enforcement agencies who'll determine if any charges are laid and where.

It would certainly be wise for Zhou to retain a lawyer at this point.

I use my own Liberty Reserve account for all my own transactions, including those on behalf of my friend.

I placed the order from my own LR to send to my own bank account, and it's a genuine transaction unrelated to the hack.

The hacker has attempted to withdraw money from the SJ email to his bank account or another bank account that he controls. I have posted the detailed information in the statement.

My email [email protected] was last accessed from 62.113.219.5 on July 13. The password has not been changed by the hacker (but I have changed just now).

There was an auto-forwarding to [email protected] (which is another email address of mine). However it has been changed to [email protected] (which is the email that was used to send the "Bitcoinica is done" email to [email protected]). Of course I couldn't be notified about any email since the change.

The email account had a heavily-reused password (for the sites that I don't intend to share any private data), *at least* it was used on LinkedIn and many other websites.

I have several email communications between stevejobs807@gmail and other email accounts controlled by me, including a testing ticket for Bitcoinica's ZenDesk trial. The email address has never been publicised.

Important discovery in recent emails (all times are in UTC+8):

The hacker registered a Liberty Reserve account U9236056 at Jul 12, 2012 9:42 PM.

There was several emails from Liberty Reserve mentioning "Verification PIN". It can be seen that the liberty reserve account was accessed by at least: 78.108.63.44, 212.84.206.250 and 31.172.30.1.

There were many transactions done at F1ex.com, possibly used to launder Bitcoin. (I checked just now, F1ex.com provides anonymous fixed-rate BTC exchange service.)

The hacker signed up for OKPAY, with IP 31.172.30.1.

The hacker requested a sell-order on AurumXchange, totalling $5000, using the suspicious Liberty Reserve account mentioned by OP. A Chinese bank account was used (Account name: LIU HAIPENG, Account number: 6222020903006086032, Bank: INDUSTRIAL AND COMMERCIAL BANK OF CHINA).

Order link: https://www.aurumxchange.com/order/view/34011/e5b466248e041ebdf2ae793181a840dc

The hacker has also opened a ticket under his own name: https://www.aurumxchange.com/help/ticket.php?track=NLY-9AG-E468&Refresh=24195

He mentioned that I sold him the Mt. Gox codes at half price, which is absolutely not true. It seems that the hacker was trying to relate this event to me as an individual, and this possibly explains the reason that he wanted to "hijack" the email account. All my other email accounts did not have any suspicious access records and their passwords are all secure and different.

This is my *own* genuine transaction at AurumXchange: https://www.aurumxchange.com/order/view/33100/3c05a9a572379bf91620302cc9dd7d22

And my ticket to question the funds: https://www.aurumxchange.com/help/ticket.php?track=J6W-EY3-ZY2U&Refresh=47091

It's important to note that the first time I gained any knowledge about the email being misused is through this thread. Neither AurumXchange nor Mt. Gox has provided me any specific information about the suspicion. Otherwise I could have checked that email account earlier.

I'm willing to co-operate with any ongoing investigation and obviously I'm not trying to run away from this. I have already provided Mt. Gox with my certified copy of passport in an attempt to unlock my account with some Bitcoin balance.

Everybody have the right to a trial and due process of law, no matter how douchebag or guilty a person is.

Wikipedia article doesn't contains the word "embezzlement".

I believe it can be a fine, imprisonment or caning. http://en.wikipedia.org/wiki/Caning_in_Singapore

Agree, he better stay in China if he does not want to be extradited.

Its hard to say which jurisdiction will handle this . Interpol?

Stunned that anybody can suspend dis-belief in this matter to even type the words that Zhou might be innocent in this. Scammer Boy just got caught red-handed, time for some biblical justice to get served up.

Zhou 5k giveaway was very very suspicious of me,  He basicaly sent BTCs to anyone, affected or not.   Oh and BTW he didn't sent me shit.

I am thinking this could be a setup job by Zhou's 'friend'. Based on previous history, Zhou shows lot of integrity but not much "wise judgement".

But without evidence to back it up, it is a baseless speculation and we're relying on Zhou's word that it's a "friend". I hope a proper investigation will reveal more.

So are you saying that you used a different email when you sold the LR for your friend?

How would a hacker benefit from using the SJ email to have a wire sent to your bank account?


Judge me is intended to operate as a mediation service in civil matters.  It's not intended to handle criminal matters such as embezzlement.