Pages:
Author

Topic: Someone sending out MilliBits (Read 16410 times)

sr. member
Activity: 374
Merit: 250
September 21, 2014, 10:49:04 PM
#52
mmmm id love a MILlibit!!  Grin
1Cg2eGH1mAxoP6dNK6zt5MhPKBJGm5n9hv
As much as this looks like spam at first glance, it is actually very well possible that this person would actually receive some amount of bitcoin to this address from laxo. I have google searched several "random" addresses that have had these transactions sent to and they all (that I have searched) have results that point back to this forum on the first or second result. As a result I would conclude that the addresses are being "mined" from posts on this forum
newbie
Activity: 56
Merit: 0
September 21, 2014, 11:18:28 AM
#51
Im getting a lot of trades of 0.00000001 or something from "fair cargo" or something like that . Weird
newbie
Activity: 59
Merit: 0
September 21, 2014, 10:30:15 AM
#50
mmmm id love a MILlibit!!  Grin
1Cg2eGH1mAxoP6dNK6zt5MhPKBJGm5n9hv
legendary
Activity: 2296
Merit: 1014
September 21, 2014, 08:30:41 AM
#49
that spam is annoying but well.... what to do
copper member
Activity: 686
Merit: 603
Electricity is really just organized lightning
September 21, 2014, 07:51:47 AM
#48
My address received this strange transaction lately. However, that address has not been written anywhere so the attacker had to just discover it from the block chain I suspect. Another theory is that this is some kind of bitcoin terrorism. People who have nice round balances in their cold storage get them ruined.

There are some interesting public notes there:
Public Note: Hey, give me back my 20 Bitcoin

Public Note: If you are reading this, please take some time to remember those who died 12 years ago today in the WTC attacks

Public Note: Whoever you are, you're epic.

edit:
there's some more suspicious activity, look this address: https://blockchain.info/address/1AgesqfafUHHpAWnmjj9g6TVqBGXk4ixxg

A lot of coins are sent to all possible addresses that start with 1Ag

According to Mendelejev's table, silver is Ag.

ONE MORE THEORY:
What if the attacker has targeted just one address? However, to make it less threatening it has added a bunch of other random addresses to the formula? Then people such as myself who get disturbed by this activity start making posts to this thread and are immediately connected to their address by the forum user.

and one more:
Some of the destination addresses have spent their input except this suspicious input. Maybe the attacker tries to pin point automated wallets? So if the suspicious input remains unspent but other balance is spent then there could be some automation in place which could be abused with the transaction malleability vulnerability.

All those addresses that start with 1Ag are Casascius Silver 1BTC Coins.
I own a Casascius Silver/Gold 1BTC: 1Ag5rhfvXE1KYGypZQAujxt3aL2Dy15hUN, which also has dust ( 1 satoshi... ) on it from 1Sochi... No harm publishing the address now that it has already been messed with.
I also have a Titan Tenth 0.1BTC which had 0.00006BTC sent to it just 4 days after it was funded by Titan, sent from 1Enjoy. Now don't get me wrong, free BTC is nice, but it really pisses me off that these are on physical coins, hence I have absolutely no way to remove said dust to get it back to a nice round balance again. Frustrating  Angry If it had been sent to a wallet that I actually have 'access' to, then I'd laugh and remove the dust, and send it to the miners.

Anyone know if this will somehow devalue physical coins like Casascius/Titan/Lealana etc? Or whether it doesn't really make any difference?
legendary
Activity: 2126
Merit: 1001
July 14, 2014, 10:43:27 AM
#47
Big numbers, I like.



Ente
sr. member
Activity: 250
Merit: 253
July 14, 2014, 09:44:55 AM
#46
But with bitcoin if that is done, that means the final hash (all that matters) is done from a limited set of characters of known length.

So generating a random sha256 sum and then doing repeated rinse and repeats *may* boost your odds of a collission.
2^256 is a really, really big number, though. I really doubt this constitutes a feasible attack.

Let's make up some numbers to show you what I mean: let's say that people typically repeat their hash 1 million times, and there are a million such addresses in use. 1 million * 1 million ~= 2^40. This means there are 2^40 random sha256 hashes that, if you repeatedly hash them up to 1 million times, will result in you spending someone else's money. Unfortunately, there are 2^256-2^40 (or roughly 2^256) sha256 hashes that do not result in anything useful.
legendary
Activity: 2126
Merit: 1001
July 14, 2014, 07:35:59 AM
#45
..for me, that's just another brainwallet :-)
You take some human-compatible input and create a 254bit string from it. Most will use a simple sha256() for this, but a somewhat advanced harvesting-bot would also try several sha256(), reversing the string, doubling the dtring and hashing again, etc.
Regular brute-force alteration.

The lesson should be: "you only have as many bits in your final result as the complexity of the input and the algorithm". Just because the final string is 256bit long, doesn't mean much.

Ente
full member
Activity: 168
Merit: 100
July 13, 2014, 03:48:15 PM
#44
3) It is completely senseless to "mine" for random addresses. It makes more sense to hunt for weak brainwallets.

Maybe.

I have a theory that a lot of private addresses are created by taking sha256 sum repeatedly without additional salts.
I've seen that tactic used a lot with website password hashes - they salt the initial hash but then do X additional hashes without salting.
That's probably fine for passwords, because brute forcing the last hash to be hashed doesn't get you the password.

But with bitcoin if that is done, that means the final hash (all that matters) is done from a limited set of characters of known length.

So generating a random sha256 sum and then doing repeated rinse and repeats *may* boost your odds of a collission.

And while finding a weak brain-wallet might still be higher odds, weak brain-wallet is not likely to have much coins because there are lots of people constantly looking for them to empty. So a lot of the collisions will have 0 balance when you check.
full member
Activity: 224
Merit: 100
VocalPlatform.com
July 13, 2014, 03:36:33 PM
#43
This is mysterious.  Shocked

And what stuff about Bitcoin isn't so mysterious ? Boom prices speculation oh yes...
legendary
Activity: 2126
Merit: 1001
jr. member
Activity: 34
Merit: 10
July 13, 2014, 12:47:01 PM
#41
topic is closed ?
legendary
Activity: 1049
Merit: 1006
July 13, 2014, 07:06:35 AM
#40
I wonder why they're giving to random addresses like this.
I'd like to get some more millibits Grin

Totally agree. Man up and send me a few whole bitcoins already! Cheesy
legendary
Activity: 1386
Merit: 1053
Please do not PM me loan requests!
July 12, 2014, 09:01:00 PM
#39
I wonder why they're giving to random addresses like this.
I'd like to get some more millibits Grin
newbie
Activity: 14
Merit: 0
July 12, 2014, 09:17:42 AM
#38
i'd like some more transactions from awesome addresses like 1Enjoy... and 1Sochi...
maybe something along the lines of 1Enjoy... 1Worldcup...  Cheesy
newbie
Activity: 57
Merit: 0
July 12, 2014, 09:14:28 AM
#37
Just got some on a few addresses, some even twice...has this mystery been solved yet?
legendary
Activity: 2126
Merit: 1001
June 04, 2014, 02:37:49 AM
#36
Generate as many address/key pairs as you can, continuously, using any method you think someone else might employ to generate their future wallet. Flit some coins in and out to get it's address showing up in your coind. Set up a script to watch your wallets. You'll need a farm of them. There is going to be some bumps with millions of accounts in 1 wallet. Each wallet gets a daemon to track the balance of the wallet, if it increases, withdraw the funds. Script the creation of new wallet nodes, deploy, expand. wait. Maybe you get lucky, maybe you waste a few thousand a year on hosting and electricity for generating endless keypairs. As more people create/move/transact, more addresses get used, the likelihood of success with this type of method increases as the coin becomes more adopted, which likely would increase it's value. If you hit a lucky address, it would be quite worth the effort. You probably never will, but again, with rpc calls, image deployment, cheap plug computers and botnets and ever decreasing hosted compute/cheaper arms coming along, there's very little investment in just creating endless keypairs and hoping for a rich twin one day. People bet on long shots all the time. On occasion they get lucky.

Just my random thought.

I should probably add the point of my mind exercise was not to advise you to actually do this, but to encourage not using a 'method' in building something that should provide security based on obscurity. It might also encourage more people to investigate multisig addresses.

Possible, but not be best way.
1) It would be more efficient to hunt for already used addresses, as the older addresses have more coins than the addresses in the future.
2) You don't need to actually send funds to an address to "watch" it. You generate billions of addresses, and check in the blockchain if any of those has funds on.
3) It is completely senseless to "mine" for random addresses. It makes more sense to hunt for weak brainwallets.

The address space is 256 bit. This is what that means, practically:



Ente
sr. member
Activity: 281
Merit: 250
June 04, 2014, 01:56:27 AM
#35
Most newcomers can't mine because the bar is set too high but faucets pay in MilliBits.
newbie
Activity: 5
Merit: 0
June 04, 2014, 12:40:34 AM
#34
Generate as many address/key pairs as you can, continuously, using any method you think someone else might employ to generate their future wallet. Flit some coins in and out to get it's address showing up in your coind. Set up a script to watch your wallets. You'll need a farm of them. There is going to be some bumps with millions of accounts in 1 wallet. Each wallet gets a daemon to track the balance of the wallet, if it increases, withdraw the funds. Script the creation of new wallet nodes, deploy, expand. wait. Maybe you get lucky, maybe you waste a few thousand a year on hosting and electricity for generating endless keypairs. As more people create/move/transact, more addresses get used, the likelihood of success with this type of method increases as the coin becomes more adopted, which likely would increase it's value. If you hit a lucky address, it would be quite worth the effort. You probably never will, but again, with rpc calls, image deployment, cheap plug computers and botnets and ever decreasing hosted compute/cheaper arms coming along, there's very little investment in just creating endless keypairs and hoping for a rich twin one day. People bet on long shots all the time. On occasion they get lucky.

Just my random thought.

I should probably add the point of my mind exercise was not to advise you to actually do this, but to encourage not using a 'method' in building something that should provide security based on obscurity. It might also encourage more people to investigate multisig addresses.
hero member
Activity: 728
Merit: 500
In cryptography we trust
February 18, 2014, 08:51:27 AM
#33


God bless you for understanding this, because I sure as heck don't.  I thought BTC was anonymous, and I didn't think I was putting myself and my BTC address at risk by sending BTC to another address.  If that's what you're saying, I'm nervous.

Errr... whoever told you bitcoin is anonymous was joking, because that's funny. It may be anonymous to regular folks, but it is NOT anonymous to governments with really powerful computers. Your spending patterns are as unique to you as your fingerprints. Human beings are creatures of habit. Let's say that you hypothetically enjoy delivery Chinese food with expensive liquor while watching heavyweight championship boxing. Prior to getting involved with bitcoin, your credit card transactions show that these are your preferences. Now, you are trying to stay hidden and use "anonymous" bitcoins to make your purchases instead. There is going to be a world heavyweight boxing match tonight so you run out to the local liquor store and buy a bottle of Dom Perignon, go home, and then order some delivery Chinese food, all with bitcoin. Your government's computers pick up this spending pattern on the blockchain, hack into Mr. Wok's servers and BAM! They've just located you. Most merchants have their wallets with coinbase or bitpay to isolate themselves from exchange rate risk and messy tax filings. That's how the government gets their hands on most merchant's bitcoin wallet addresses.

Or you like French food, expensive liquor, and buy a lotto ticket every Friday night at your local convenience store. All they'd have to do to catch you is wait for you at the local convenience store on Friday night.

Or... you get the picture.

If you were religious, I'd say that bitcoin is the mark of the beast!


You're funny, thx for the laugh
Pages:
Jump to: