Topic: Public STATEMENT Regarding Bitcoinica account hack at MtGox - page 8. (Read 72899 times)

I'm sorry but,

• Who are you?
• Are you claiming you have evidence that LR account U9236056 is controlled by Zhou Thong? Could you really prove that?
• What do all those Chinese symbols in your post mean?

Thanks

New evidence shows that zhoutong is the hacker.

After Bitcoinica MtGox account compromised ,zhoutong sell LR in China.

日期:2012-7-12

Ryan(11853074) 20:03:18
6.2出LR，财付通付款

Ryan(11853074) 20:13:06
要多少有多少

Ryan(11853074) 20:13:12
我帮一个朋友出的

Ryan(11853074) 20:14:06
1万美元之内都没什么问题

Ryan(11853074) 20:17:18

LibertyReserve

And  zhoutong's LR account is :


zhoutong said The hacker registered a Liberty Reserve account U9236056 at Jul 12, 2012 9:42 PM.

So now everyone knows zhoutong is the hacker!!!

It would suprise me greatly if Zhou is responsible for this.
I do not have access to any first-hand evidence that would implicate Zhou.
I work on behalf of the fund that invested in Bitcoinica. I have no position of authority with Bitcoinica LP.
When it was made known to me that some suspected Zhou, my recommendation was to confront him privately for his explanation.

Speaking of that, Zhou I wanted your thoughts on the financial situation.
As you know, Bitcoinica went from cranking out 6-figure profit one month to
a flatline the next. I covered most of the deficit from the hack on the
assumption Bitcoinica profits would quickly fill in the rest. What's
happened instead is a consistent equity leak that has remained unresolved
for two months. We've gone from being short 40k to now being short 88k.

* The Liberty Reserve account used by the hacker is U9236056.
* The email address used by the hacker was [email protected].
* To my surprise, upon further examination of our order system, I found an order from Zhou Tong to sell Liberty Reserve to us for the amount of USD 40,000, requesting a wire to his bank account in Singapore. The amount for the order closely matches the total USD exchanged through us (after fees) using the MtGox USD codes stolen from the Bitcoinica account.
* This order was placed the next day the hacking attempts occurred. In addition, it should be noted that Zhou Tong has never dealt with us before as an exchange customer.
* This information was immediately sent to our two biggest trusted business partners: MtGox and Bitinstant in an effort to join forces to further investigate this situation.
* Mark Karpeles indicated that there was an account opened at MtGox using the email [email protected] sometime in 2011.
* Mark replied stating that there was activity on this account, that the account was opened using an IP address belonging to Microsoft Singapore, that Zhou Tong was known to have worked for said company at said location, that the email [email protected] have been verified, and that ALL activity on this account is linked to the MtGox account belonging to Zhou Tong.
* Mark has also indicated that the very first operation on the MtGox account opened with email [email protected] was the redeeming of a 10 BTC MtGox code generated from Zhou Tong's account.
* Charlie indicated that Erik Vorhees (a well known member of this community) has emails he exchanged with Zhou using the email address [email protected].

[email protected] was indeed my email account used for anonymous testing purpose, however I haven't been using it for a long time. I'm logging in the account to check the suspicious activity and I'll post relevant details as well.

The email account had a heavily-reused password (for the sites that I don't intend to share any private data), *at least* it was used on LinkedIn and many other websites.

So far we have only seen a lot of hype and only one flimsey connection of ZhouTong's involvement. The information was presented in order to frame ZhouTong in a suggestive manner which portrays him as a criminal. You are trying cases in the court of public opinion, this is very unprofessional even if it weren't slanderous.

Did the current owners of Bitcoinica do a security audit before they got financially involved in the company?

Is this an accurate timeline?

ZhouTong builds a valuable commodity, which transacts large quantities of pseudo-money.
Security conscious users probe the Bitcoinica system and find it vulnerable.
ZhouTong was warned about some weaknesses but defends his design decissions instead of looking to improve security.
Bitcoinica is cracked and a large amount of funds are moved out of Bitcoinica.
Dust settles then Bitcoinica's MtGox account gets cracked.
2 exchanges and 1 uninvolved company partner up and provide suggestive accusations which point at ZhouTong as the culprit.
Still, nobody mentions where the coins travel or sit.

The attack could have been carried out without ZhouTong being aware that a compromise had occurred. It's possible an attacker had unnoticed access for a long period of time in order to collect information and to plan the theft. If the attack occured without ZhouTong having been a colaberator in the heist, then a large group of people are spending a lot of time pointing a finger in his direction. So far we have only seen a lot of hype and only one flimsey connection of ZhouTong's involvement. The information was presented in order to frame ZhouTong in a suggestive manner which portrays him as a criminal. You are trying cases in the court of public opinion, this is very unprofessional even if it weren't slanderous.

Did the current owners of Bitcoinica do a security audit before they got financially involved in the company?

I was one of the first to predict that zhoutong had taken the money in an inside job.

I'm now going to predict that he'll discover his "acquaintance" took the money and it will be returned shortly.  

And I predict there will still be people that think he is innocent in all this...

I have located a suspect, his name is 陈建海(Chen Jianhai). He's NOT my friend and we have never met in person. He was one of my previous business associates because he's very familiar with credit card fraud and he advised me a lot (in terms of fraud prevention, of course) when I built my virtual goods payment processor in late 2010.

He has knowledge of my secret gmail address and I have once re-used the password in his web shop

His English is not very proficient and I'm sure that he's not reading this forum at the moment. I'm giving him a call now to persuade him to admit his wrong-doing and return the funds.

I'll post another thread soon.

I was one of the first to predict that zhoutong had taken the money in an inside job.

I'm now going to predict that he'll discover his "acquaintance" took the money and it will be returned shortly.  

And I predict there will still be people that think he is innocent in all this...

Even one of my banks has a limit of 12 character password with no symbols, and only one other bank has the option to disable email password resets.

I have located a suspect, his name is 陈建海(Chen Jianhai). He's NOT my friend and we have never met in person. He was one of my previous business associates because he's very familiar with credit card fraud and he advised me a lot (in terms of fraud prevention, of course) when I built my virtual goods payment processor in late 2010.

He has knowledge of my secret gmail address and I have once re-used the password in his web shop

His English is not very proficient and I'm sure that he's not reading this forum at the moment. I'm giving him a call now to persuade him to admit his wrong-doing and return the funds.

I'll post another thread soon.

Translated.

Yes, such a good investigation, and yet they can't prove anything and decided to release private customer information and libel against a customer in the process.

Class act.

Zhou, get a lawyer, but get one to sue these shmucks.



Instead, it's your job to libel against customers for things you have no proof of?


I'm gonna take a break from Bitcoin for a while. When I come back, I hope to see that it's returned to being Bitcoin again and not just a microversion of the US government with a bunch of hot-head businesses eager for attention.

Translated.

New evidence shows that zhoutong is the hacker.

After Bitcoinica MtGox account compromised ,zhoutong sell LR in China.

日期:2012-7-12

Ryan(11853074) 20:03:18

Selling LR funds for RMB6.2 each, to be paid through TenPay (http://www.tenpay.com)

Ryan(11853074) 20:13:06

I can sell whatever amount that you require (literal: I have unlimited funds)

Ryan(11853074) 20:13:12

I'm helping a friend to sell

Ryan(11853074) 20:14:06

Amounts below $10000 USD is okay.

Ryan(11853074) 20:17:18

LibertyReserve

And  zhoutong's LR account is :


zhoutong said The hacker registered a Liberty Reserve account U9236056 at Jul 12, 2012 9:42 PM.

So now everyone knows zhoutong is the hacker!!!

I'm sorry but,

• Who are you?
• Are you claiming you have evidence that LR account U9236056 is controlled by Zhou Thong? Could you really prove that?
• What do all those Chinese symbols in your post mean?

Thanks

I continue to be flabbergasted at the Bitcoinica clusterf*ck. How on earth any one with any sense thinks they should keep posting on a public forum when the threat of legal action hangs over their heads is beyond me.

Honestly- Zhou, why are you still writing on the forum? Just post a message: "My lawyer has advised me to give no further comment" and leave it at that (and of course, actually get a lawyer). You're insane to keep writing anything here. Everyones answer to everything at this point in time should be: "no comment".

As for AurumExchange and bitInstant, I can't see how either of you have any real right to post this information in the forums either. You obviously redacted some of it, knowing that it could be sensitive in a legal setting, but I think you really open yourselves up to some sort of legal action. Imagine if all this goes to trial, Zhou is cleared and he turns around and sues for liable? I think any court would ask first and formost, if he hasn't yet been convicted- why go public?

Anyway, this is insane that it continues. I guess part of us loves the drama, but for goodness sake stop the madness. With all the posts back and forth there is no way for none of you to have not contradicted yourselves in some technical way, and lawyers for whomever your opposing party may be will definitely pick every letter written apart to find it. Everyone go get lawyers and hush the heck up!

Post the court transcripts when ready, until then- don't work so hard at extending your potential sentences!