Maybe you should update the title of the thread, ....so that people don't freak out when they see it in the list of topics.
Thanks for the hands-up! 
Topic: [SOLVED]: possible compromise at bitdaytrade.com (Read 2074 times)
Bottom line: seems to be a false alarm, Problem solved
Maybe you should update the title of the thread, to use something like "[SOLVED] Discrepancies in withdrawals listing" so that people don't freak out when they see it in the list of topics.
...it was simply showing withdrawals not pertaining to the logged in account and gave the impression of an account compromission. We fixed all the issues at the moment of writing. Apologizes for all the troubles caused.
Agreed, the spurious withdrawal entries in the history are gone.
There are some additional details only exchanged in PM with Bitdaytrade. Especially I didn't mention on this public forum thread is that I didn't receive any confirmation mail for those withdrawals. This would line up with the explanation that these where just withdrawals belonging to another account.
Bottom line: seems to be a false alarm, Problem solved
The issue was caused by a bug in the Withdrawal history panel, it was simply showing withdrawals not pertaining to the logged in account and gave the impression of an account compromission. We fixed all the issues at the moment of writing. Apologizes for all the troubles caused.
BDT
BDT
ah hai grammar nazi, tell me.
kthxbye
kthxbye
Alberto has found and is fixing an issue that could be related to what Ichthyo is seeing.
You alas Ichthyo alas possible bitdaytrade shill. 
You keep using that word. I do not think it means what you think it means.
Wouldn't surprise me, makes sense from a controlled opposition perspective.
...possible bitdaytrade shill.
hey, come on. Would a shill point out possible technical problems as I did in the past? Doesn't make any sense for me.
...possible bitdaytrade shill.
hey, come on. Would a shill point out possible technical problems as I did in the past? Doesn't make any sense for me.
You alas Ichthyo alas possible bitdaytrade shill.
You have been warned that would happen.
Whom do you mean with "you"?
As far as I am concerned, I am rather relaxed, but want to find out if indeed, and in case where the weak spot would be on my side.
You have been warned that would happen.
- Bitdaytrade support was very responsive and helpful
- They didn't approve those suspicious withdrawals at first place, which indeed protected my BTC for now. Thanks!
- I didn't find any obvious signs of suspicios activity on my system (processes, logins, sudo). But need to have a more close look
Btw, if someone captured my password, this trojan must have hooked into my X server and capture the X clipboard, since I never type in those passwords. Does anyone know if this is a likely / typical / probable attack vector? How would an attacker correlate the contents of the clipboard with the specific website I'm accessing? Any thoughts?
Keylogger? Just an idea. Dont blast me... I am just trying to help 
of course anything is possible. Investigating my system right now.
Must have been an rather skillful and dedicated attempt. I won't claim that I'm running a high security system, but its for sure not the "average windows box"
Keylogger? Just an idea. Dont blast me... I am just trying to help
With this message, I want to put up a warning to everyone participating in the beta test of Bitdaytrade.com
Please excuse me in case I am overreacting --
it is not clear yet, if bitdaytrade.com had a breach, is just malfunctioning, or if just my account got hacked.
Anyway, when logging into the site right now, I've found that earlier this day 3 withdrawals had been initiated (now in processing state), which would result in removing all of the BTC in my underlying currency account. I've allerted the Bitdaytrade support, requesting to halt these transfers, if possible (they manually approve withdrawals).
The withdrawals where initiated at
2012-08-02 11:44:10
2012-08-02 09:15:56
2012-08-02 03:16:57
I am absolutely sure these weren't initiated by me. My PC was off during that time. I'm using secure passwords, access from a linux box, and changed my password just yesterday.
I'll follow up if I find out any new information
Update
Further investigation uncovered a bug in the display of withdrawals at Bitdaytrade.com
So these withdrawals turned out to belong to another customer, and just summed up to the size of my currency account by coincidence.
Please excuse me in case I am overreacting --
it is not clear yet, if bitdaytrade.com had a breach, is just malfunctioning, or if just my account got hacked.
Anyway, when logging into the site right now, I've found that earlier this day 3 withdrawals had been initiated (now in processing state), which would result in removing all of the BTC in my underlying currency account. I've allerted the Bitdaytrade support, requesting to halt these transfers, if possible (they manually approve withdrawals).
The withdrawals where initiated at
2012-08-02 11:44:10
2012-08-02 09:15:56
2012-08-02 03:16:57
I am absolutely sure these weren't initiated by me. My PC was off during that time. I'm using secure passwords, access from a linux box, and changed my password just yesterday.
I'll follow up if I find out any new information
Update
Further investigation uncovered a bug in the display of withdrawals at Bitdaytrade.com
So these withdrawals turned out to belong to another customer, and just summed up to the size of my currency account by coincidence.
Jump to: