Pages:
Author

Topic: Silk Road 2.0 hacked through malleability, ~4000 BTC STOLEN - page 8. (Read 28439 times)

member
Activity: 150
Merit: 10
It's going down because bitcoin is now vulnerable to hackers.

Is this why the BTC price is rocketing downwards atm? Because the thief is dumping all the stolen coins?
legendary
Activity: 1137
Merit: 1035
Bitcoin accepted here
legendary
Activity: 1310
Merit: 1000
4000 BTC is a lot.  hopefully we'll have free withdrawals next Silk Road 3.0 runaround

4000 BTC isn't a lot when the potential to make 2x that monthly in profit is available..
member
Activity: 70
Merit: 10
Someone needs to make a movie about Bitcoin.
member
Activity: 84
Merit: 10
4000 BTC is a lot.  hopefully we'll have free withdrawals next Silk Road 3.0 runaround
member
Activity: 112
Merit: 10
Quote
Any coins to which you don't have the private key are not yours, they are a ledger entry, so don't store coins anywhere except your wallet (cold storage is best), unless you absolutely have to.

Does Coinbase fall in this category?  I create the address using Coinbase, where is my private key??


Curious about this same question as to does Coinbase fall under this? 
vqp
newbie
Activity: 57
Merit: 0
Can anyone explain how this transaction malleability bug can be exploited to steal coins from a Bitcoin address? I thought it can only happen if you are an exchange, like Gox or Stamp, and people are making withdrawals.

loop:
deposit btc
withdraw btc
generate a new txid for the same transaction
get the new tx mined before the original
hope SR system has a bug and keep your balance intact if the original tx is not mined
go loop
hero member
Activity: 546
Merit: 500
Just a rumors from what i see
sr. member
Activity: 280
Merit: 250
Who cares?
The SR leaders are filthy filthy rich already.  They're not about to steal a few million and forgo billions in future earnings.


Would you rather rip some people off for a few million?

Or sit back collecting a fat daily paycheck that amounts to billions of dollars after several years.

Run with few million now, or  sit back and wait for feds to bust down your door while you make a bigger paycheck.

I'll take the few million now

This, and also +1
legendary
Activity: 1310
Merit: 1000
Release the source code and prove the bug is real and exploitable.



Hmm... billion dollar source code.. free... hmm... no

Seeing as 1.0 made the owner over 125k bitcoin in little to no time, I'm doubting the guy who owns 2.0 stole the coins, unless... the value is extremely high. Do the math, ruining your business for $2M when it can make you 100M in 2 years, if he needed money all he had to do was remove coins from the server that he cant back up if everyone at once wanted to withdrawal.

Now if there was like $50m on the server, yeah, I see it.

The SR leaders are filthy filthy rich already.  They're not about to steal a few million and forgo billions in future earnings.


Would you rather rip some people off for a few million?

Or sit back collecting a fat daily paycheck that amounts to billions of dollars after several years.

Run with few million now, or  sit back and wait for feds to bust down your door while you make a bigger paycheck.

I'll take the few million now

This only makes sense if
1. They're located somewhere the government cares.
2. They made the same foolish mistakes 1.0 did, such as use the same usernames on a website linked to your name, and your drug site at the same time.
3. 2.0 shuts down.
legendary
Activity: 3066
Merit: 1147
The revolution will be monetized!

allow me to translate:

"i took your coinz lol!"
That cracked me up.  Cheesy
hero member
Activity: 750
Merit: 601
Release the source code and prove the bug is real and exploitable.
hero member
Activity: 574
Merit: 500
Quote
Any coins to which you don't have the private key are not yours, they are a ledger entry, so don't store coins anywhere except your wallet (cold storage is best), unless you absolutely have to.

Does Coinbase fall in this category?  I create the address using Coinbase, where is my private key??
legendary
Activity: 2072
Merit: 1001
The SR leaders are filthy filthy rich already.  It would not make economic sense for them to steal a few million and forgo billions in future earnings.


Would you rather rip some people off for a few million and have them switch over to competing sites?

Or sit back collecting a fat daily paycheck that amounts to billions of dollars after several years?

How about getting a big fat paycheck before getting caught? And eventually they would.
newbie
Activity: 28
Merit: 0
The SR leaders are filthy filthy rich already.  They're not about to steal a few million and forgo billions in future earnings.


Would you rather rip some people off for a few million?

Or sit back collecting a fat daily paycheck that amounts to billions of dollars after several years.

Run with few million now, or  sit back and wait for feds to bust down your door while you make a bigger paycheck.

I'll take the few million now
legendary
Activity: 4256
Merit: 1313
Can anyone explain how this transaction malleability bug can be exploited to steal coins from a Bitcoin address? I thought it can only happen if you are an exchange, like Gox or Stamp, and people are making withdrawals.

I can't explain it to you, because it cannot happen.  This is a blatant lie, the OP stole everyone's coins and, as the other poster said, anyone stupid enough to leave coins on a hosted site dedicated to selling illegal products deserves to have their bitcoins stolen.

It can happen if withdrawals are automatic, requests for re-tries are automatic, and SR 2 used a transaction ID to confirm withdrawals were successful.  E.g.
1. A withdraws 10 BTC, tx ID 1
2. A successfully changes tx ID 1 to tx ID 1a (malleability)
3. A tells SR 2 that tx ID 1 never arrived
4. SR 2 checks and sees tx ID 1 is not in the block chain so reissues it.  (At least MtGox had a human at this step, but they fell for it too).
5. Goto step 1 until the wallet is drained.

Very poor programming since nothing is final until it is confirmed (including the tx id), and this should not have been automated.

Did this happen or did they take it?  Don't know.

Any coins to which you don't have the private key are not yours, they are a ledger entry, so don't store coins anywhere except your wallet (cold storage is best), unless you absolutely have to.

member
Activity: 84
Merit: 10
maybe we need a better system, where we send the dealer the bitcoins directly

or open a Medical Marijuana Clinic in florida



i need it for Depression/Anxiety/Insomnia

sr. member
Activity: 294
Merit: 250
тσ ¢σιи σя иσт тσ ¢σιи?
Also for what it is worth, there are far better markets out there if you are into that sorta thing.

Then again anyone who is smart enough already knows this. Wink
sr. member
Activity: 294
Merit: 250
тσ ¢σιи σя иσт тσ ¢σιи?
Bullshit story. The admins took it.



Bullshit.  The admins aren't dumb enough to damage a multi-billion dollar brand over a relatively small amount of money.



lol, just lol.


full member
Activity: 392
Merit: 116
Worlds Simplest Cryptocurrency Wallet
Sounds like someone took the coins and is blaming it on a "transaction malleability" hack...
Pages:
Jump to: