Statement about the suspect of recent Bitcoinica hack - page 40.

Yankee (BitInstant)

legendary

Activity: 1078

Merit: 1000

Charlie 'Van Bitcoin' Shrem

Quote from: Matthew N. Wright on July 28, 2012, 10:45:48 PM

Hmm. BitInstant (whom Roger Ver is part owner of), MtGox and AurumXchange start a thread about how Zhou Tong is a hacker and a thief (advised by their attorney) which breaks all of their privacy agreements of their own companies and is basically libel.

MtGox listens to the advice of BitInstant's attorney, someone who doesn't even work for them.

They the whole boys club suddenly decides that Roger Ver, Charlie Shrem and company's attorney should be the one holding ALL customer funds for Bitcoinica with a vague condition of "until things get worked out" or something to that degree (which could be that Patrick Murck independently decides that Roger Ver should get paid out first, 100%, everyone else paid later for all we know).

It's obvious that Bitcoinica's lack of accountability and management of this issue is appalling, but come on guys-- you don't think there is any problem with this picture?

Excuse me. Please consult with me first before throwing stupid rumors across the forums.

BitInstant is not holding the funds nor has any part of this. I was consulted after it was done.

As far as I understand, the funds are being held in some kind of trust account.

Your free to speak to Patrick Murck about it yourself.

-Charlie

shockD

member

Activity: 93

Merit: 10

haha!!! Goddamn, Zhou, you really really should heed the advice of people telling you to zip your fucking trap and be quiet. You aren't helping yourself remotely.

repentance

hero member

Activity: 868

Merit: 1000

Many people have voiced the suspicion that the Rackspace intrusion was an inside job from the moment it was announced. Even if people accept at face value the extraordinary claims regarding the MtGox breach, it's not going to extinguish suspicion about the Rackspace compromise.

At this point in time, the only way that those involved with Bitcoinica are going to be freed from suspicion of having been involved in the Rackspace intrusion and/or MtGox compromise is if somebody else is identified as being responsible for those events by an independent investigation. Attributing the crimes to a third party who can't be held accountable means fuck all in the absence of actual evidence of their involvement.

Quote

The source code is the direct cause for the hack, because the LastPass master password was not redacted.

The hack happened on July 12, and the source code was released a few days before that.

You said yourself that the Rackspace intruder got all the information necessary to breach the MtGox account. The source code leak is not the only possible explanation for how it was compromised. There is no verifiable evidence of who hacked the MtGox account, only of where the funds from the intrusion were sent.

I agree with Matthew that the information which AurumXchange gathered should not have been made public.

vampire

hero member

Activity: 574

Merit: 500

Quote from: zhoutong on July 29, 2012, 12:31:49 AM

Another disclosure:

I detected two vulnerabilities in ExchB (hope you guys still remember this exchange) last year and I returned the money I "stole" from them actively after the hack.

I also wanted to test whether Mt. Gox had the same problem, so I created the account using my stevejobs email. I didn't want to use my own account for this testing. And Mt. Gox was secure enough that I failed to exploit.

So the fact is that you were actively exploiting exchanges for bugs. While of course forgetting to secure your own.

Keep adding evidence against yourself.

Rarity

full member

Activity: 182

Merit: 100

Look upon me, BitcoinTalk, for I...am...Rarity!

Quote from: vampire on July 29, 2012, 12:27:30 AM

Quote from: dree12 on July 29, 2012, 12:21:34 AM

It would also make a lot of sense if you replace aurumxchange with Zhou.

Bitcoinica was a mass-marketing ploy. They are the same identity: notice how Bitcoinica offered aurumxchange as a service. Zhou/aurumxchange decided to initiate a mass-marketing campaign, and started Bitcoinica. After bootstrapping on Intersango's fame, aurumxchange became increasingly frustrated at the Consultancy's control, preferring to further advance aurumxchange's recognition. The Rackspace "hack" was initiated to regain control over Bitcoinica, and to create commotion. After the Consultancy refused to relinquish control, Bitcoinica was written off. Aurumxchange began contemplating the best time to begin mass-marketing with the remnants of it. Zhou/aurumxchange then decided to transfer a large amount of claimed funds, claiming theft. As Zhou's identity was written off along with Bitcoinica, aurumxchange continued arguing to gain exposure.

I don't know what you've just said. I am operating on facts.

The fact is: I have no idea what aurumxchange does. Never visited the site. So far they've failed to market whatever products they want sell to me. I assume they do some kind of exchange...

If you are operating on "facts" maybe you should learn enough about this situation to know who the major players in it are before you accuse people of being thieves.

vampire

hero member

Activity: 574

Merit: 500

Quote from: zhoutong on July 29, 2012, 12:28:16 AM

]

The hacker didn't steal from me. Why should I file a police report?

I'm obviously more pissed off because of AurumXchange, and people like you, rather than the hacker or Bitcoinica.

The source code is the direct cause for the hack, because the LastPass master password was not redacted.

The hack happened on July 12, and the source code was released a few days before that.

Like me stating facts? Whoops, like a fact:

That the hacker stole your identity and used it to steal funds from your (ex-) company? That's a crime.

As I said in this forum, we had no idea about the source code leak. Where is your prove that the source code was leaked to the Chinese bitcoin community, and then that some co-worker of the hacker told him so?

Coinoisseur

sr. member

Activity: 336

Merit: 250

Because they involved your account in the crime and also, according to you (Zhou Tong) used it for credit card fraud. People file police reports for much, much smaller thefts. Insurance companies have people file reports as a sign of honesty. Lots of reasons to file a report.

Quote from: zhoutong on July 29, 2012, 12:28:16 AM

The hacker didn't steal from me. Why should I file a police report?

zhoutong

vip

Activity: 490

Merit: 502

Another disclosure:

I detected two vulnerabilities in ExchB (hope you guys still remember this exchange) last year and I returned the money I "stole" from them actively after the hack.

I also wanted to test whether Mt. Gox had the same problem, so I created the account using my stevejobs email. I didn't want to use my own account for this testing. And Mt. Gox was secure enough that I failed to exploit.

zhoutong

vip

Activity: 490

Merit: 502

Quote from: vampire on July 29, 2012, 12:24:55 AM

Quote from: zhoutong on July 29, 2012, 12:14:14 AM

That email was protected with my weakest password that I reused everywhere and even shared with some other people. I didn't have to protect that email at all because it's meant to be semi-sockpuppet anyway.

He had access to source code after genjix released it.

Chris Heaslip's Mt. Gox account was stored alongside Wendon's in the LastPass. Obviously he didn't know which one had more money so he logged in to both.

I know a lot of his personal information (especially his and his wife's bank accounts and address), and I threatened to report to police if he didn't agree to refund.

I don't know where you got all the misleading information from.

What you mean misleading, it's from YOUR post here! Mine interpretation, but the facts are yours.

The source code was leaked after the hack as far we know. No one in this forum knew about the source code prior to genjix posting it and then deleting it.
Now this hacker dude gets off easily because he sends money back? Why don't you file a police report now?

The hacker didn't steal from me. Why should I file a police report?

I'm obviously more pissed off because of AurumXchange, and people like you, rather than the hacker or Bitcoinica.

The source code is the direct cause for the hack, because the LastPass master password was not redacted.

The hack happened on July 12, and the source code was released a few days before that.

vampire

hero member

Activity: 574

Merit: 500

Quote from: dree12 on July 29, 2012, 12:21:34 AM

It would also make a lot of sense if you replace aurumxchange with Zhou.

Bitcoinica was a mass-marketing ploy. They are the same identity: notice how Bitcoinica offered aurumxchange as a service. Zhou/aurumxchange decided to initiate a mass-marketing campaign, and started Bitcoinica. After bootstrapping on Intersango's fame, aurumxchange became increasingly frustrated at the Consultancy's control, preferring to further advance aurumxchange's recognition. The Rackspace "hack" was initiated to regain control over Bitcoinica, and to create commotion. After the Consultancy refused to relinquish control, Bitcoinica was written off. Aurumxchange began contemplating the best time to begin mass-marketing with the remnants of it. Zhou/aurumxchange then decided to transfer a large amount of claimed funds, claiming theft. As Zhou's identity was written off along with Bitcoinica, aurumxchange continued arguing to gain exposure.

I don't know what you've just said. I am operating on facts.

The fact is: I have no idea what aurumxchange does. Never visited the site. So far they've failed to market whatever products they want sell to me. I assume they do some kind of exchange...

vampire

hero member

Activity: 574

Merit: 500

Quote from: zhoutong on July 29, 2012, 12:14:14 AM

That email was protected with my weakest password that I reused everywhere and even shared with some other people. I didn't have to protect that email at all because it's meant to be semi-sockpuppet anyway.

He had access to source code after genjix released it.

Chris Heaslip's Mt. Gox account was stored alongside Wendon's in the LastPass. Obviously he didn't know which one had more money so he logged in to both.

I know a lot of his personal information (especially his and his wife's bank accounts and address), and I threatened to report to police if he didn't agree to refund.

I don't know where you got all the misleading information from.

What you mean misleading, it's from YOUR post here! Mine interpretation, but the facts are yours.

The source code was leaked after the hack as far we know. No one in this forum knew about the source code prior to genjix posting it and then deleting it.
Now this hacker dude gets off easily because he sends money back? Why don't you file a police report now?

dree12

legendary

Activity: 1246

Merit: 1077

Quote from: vampire on July 29, 2012, 12:08:56 AM

This is why I don't believe Zhou.

Zhou claimed:

That his business associate stole his password when he signed up on a website.
That his business associate had access to the source code prior to anyone else.
That his business associate knew who was Chris Heaslip!
That his business associate quickly decides to return funds when confronted!

Now replace the business associate with Zhou.. And it makes a lot of sense.

He had access to the email, which he havent used in a while.
Knew the password for lastpass and the source code.
Knew all the people in bitcoinica.
And of course had access to the stolen funds.

This is the evidence just from Zhou, not aurumxchange.

It would also make a lot of sense if you replace aurumxchange with Zhou.

Bitcoinica was a mass-marketing ploy. They are the same identity: notice how Bitcoinica offered aurumxchange as a service. Zhou/aurumxchange decided to initiate a mass-marketing campaign, and started Bitcoinica. After bootstrapping on Intersango's fame, aurumxchange became increasingly frustrated at the Consultancy's control, preferring to further advance aurumxchange's recognition. The Rackspace "hack" was initiated to regain control over Bitcoinica, and to create commotion. After the Consultancy refused to relinquish control, Bitcoinica was written off. Aurumxchange began contemplating the best time to begin mass-marketing with the remnants of it. Zhou/aurumxchange then decided to transfer a large amount of claimed funds, claiming theft. As Zhou's identity was written off along with Bitcoinica, aurumxchange continued arguing to gain exposure.

zhoutong

vip

Activity: 490

Merit: 502

Quote from: vampire on July 29, 2012, 12:08:56 AM

This is why I don't believe Zhou.

Zhou claimed:

That his business associate stole his password when he signed up on a website.
That his business associate had access to the source code prior to anyone else.
That his business associate knew who was Chris Heaslip!
That his business associate quickly decides to return funds when confronted!

Now replace the business associate with Zhou.. And it makes a lot of sense.

He had access to the email, which he havent used in a while.
Knew the password for lastpass and the source code.
Knew all the people in bitcoinica.
And of course had access to the stolen funds.

This is the evidence just from Zhou, not aurumxchange.

That email was protected with my weakest password that I reused everywhere and even shared with some other people. I didn't have to protect that email at all because it's meant to be semi-sockpuppet anyway.

He had access to source code after genjix released it.

Chris Heaslip's Mt. Gox account was stored alongside Wendon's in the LastPass. Obviously he didn't know which one had more money so he logged in to both.

I know a lot of his personal information (especially his and his wife's bank accounts and address), and I threatened to report to police if he didn't agree to refund.

I don't know where you got all the misleading information from.

vampire

hero member

Activity: 574

Merit: 500

This is why I don't believe Zhou.

Zhou claimed:

That his business associate stole his password when he signed up on a website.
That his business associate had access to the source code prior to anyone else.
That his business associate knew who was Chris Heaslip!
That his business associate quickly decides to return funds when confronted!

Now replace the business associate with Zhou.. And it makes a lot of sense.

He had access to the email, which he havent used in a while.
Knew the password for lastpass and the source code.
Knew all the people in bitcoinica.
And of course had access to the stolen funds.

This is the evidence just from Zhou, not aurumxchange.

repentance

hero member

Activity: 868

Merit: 1000

Quote from: Bitcoin Oz on July 28, 2012, 11:18:04 PM

How is everyone going to get money back from bitcoinica if all the principles have quit ? Maybe they should also transfer all remaining funds to Patrick Murck

People have been suggesting that the processing of refunds be done by a third party since soon after the Rackspace hack. Nobody wanted to pay for a lawyer or accountant to oversee the process.

stochastic

hero member

Activity: 532

Merit: 500

So when is the person that stole the funds going to have criminal charges brought against them?

zhoutong

vip

Activity: 490

Merit: 502

Quote from: Bitcoin Oz on July 28, 2012, 11:18:04 PM

How is everyone going to get money back from bitcoinica if all the principles have quit ? Maybe they should also transfer all remaining funds to Patrick Murck

In my opinion this is a highly viable option.

Bitcoin Oz

hero member

Activity: 686

Merit: 500

Wat

How is everyone going to get money back from bitcoinica if all the principles have quit ? Maybe they should also transfer all remaining funds to Patrick Murck

Coinoisseur

sr. member

Activity: 336

Merit: 250

That would probably bring this whole theft into the purview of a court system. I'm sure he's quaking in his boots.

Quote from: Matthew N. Wright on July 28, 2012, 10:46:54 PM

Quote from: ?? on ??

Quote from: vampire on July 28, 2012, 10:33:44 PM

Quote from: dree12 on July 28, 2012, 10:30:52 PM

I'm still not sure why everyone seems to believe Zhou stole the funds. At this point, it's becoming increasingly obvious that he didn't.

Really? He found a hacker, talked to him and got funds back? From a multimillionaire?

If that guy was real, it would be impossible to prove that he stole money. IMPOSSIBLE. Nice story that Zhou registered his email account at that guy online website?

LOL!

dree12 and rarity are either sock puppets, or complete lunatics... Asking for a round of applause for Zhou ... LOL ... I felt like Alice going the rabbit hole reading that.

He deserves a round of applause for not suing -you- yet for breaking your privacy agreement with him when he signed up at your exchange.

zhoutong

vip

Activity: 490

Merit: 502

If was the thief, I pretty much deserved the public accusations.

But, please, for the sake of the tiniest possibility of my innocence in your rational mind, consider the hurt and pressure on a victim that is definitely not better off in this situation.

I'm working to get this sorted out and trying to get the money returned to Bitcoinica's creditors (not Bitcoinica). Can you imagine the stolen funds can be returned faster than the not-stolen funds held by a company that every single responsible person has quit?

Topic: Statement about the suspect of recent Bitcoinica hack - page 40. (Read 136139 times)