|
Title: MtGox's claims seem to be correct: Bitcoins still with them Post by: relative on June 20, 2011, 12:30:51 PM I think you can confirm from blockexplorer that MtGox didn't loose a large amount of bitcoins.
This seems to be their offline address: http://blockexplorer.com/address/1KLahQtqDNAXvrjNyfvgSBtAhwco5ZxLp4 There was a transfer at 18:17, at the time MtGox noticed the attack according to this timeline: http://blog.zorinaq.com/?e=55 There were no transactions in that address before that! Some on this board claim the hacker sold and bought a large amount of coins at 0.01 to be able to withdraw 1000$ worth of coins at 0.01. if any of these 400k were affected, this would show up on this address. of course, noone knows how many coins were at MtGox above that 400k, but these 400k seem to be safe. they were transferred to multiple other addresses at aprox 22:00 in 50k chunks and are now sitting there. unless the hacker got hold of the private key of MtGox's offline deposit address, the large recorded transactions were MtGox's. Title: Re: MtGox's claims seem to be correct: Bitcoins still with them Post by: Epinnoia on June 20, 2011, 12:47:39 PM Some on this board claim the hacker sold and bought a large amount of coins at 0.01 to be able to withdraw 1000$ worth of coins at 0.01. Based on the interview last night, I think MtGox claimed that the $1000 worth of bitcoins was based on them being in the neighborhood of $5-$10 each, rather than $0.01 each. I don't much care for the explanation given about the 'auditor' being hacked. They're citing privacy reasons for not giving out the name of the auditor, when in fact it is ridiculous to have any audit performed by unnamed entities. It's the name of the auditor, and their credibility therefrom, which gives credence to the audits they perform. Not naming the auditor is extremely suspicious, in my opinion. When asked why the auditor needed access to the live database, it was claimed that the audit being performed was to ensure that MtGox wasn't manipulating quoted prices to their own benefit. That's all great, but only if the auditor is legitimate. And we have no way of knowing that the auditor is legitimate if we don't know who the auditor is. What use is an audit performed by unnamed entities? It's worthless! Title: Re: MtGox's claims seem to be correct: Bitcoins still with them Post by: relmeas on June 20, 2011, 12:53:43 PM how is it known that its that address?
i guess one could find out by making sure its the one used to transfer funds from the temporary addresses given out when adding funds to account... Title: Re: MtGox's claims seem to be correct: Bitcoins still with them Post by: relative on June 20, 2011, 12:57:09 PM how is it known that its that address? 1. there was only one large trade on this day. it originated from this address, which wasnt touched for a week before that. 2. apparently it was known before that day that this address belongs to MtGox, see for example: http://forum.bitcoin.org/index.php?topic=17897.0 Title: Re: MtGox's claims seem to be correct: Bitcoins still with them Post by: kjj on June 20, 2011, 01:04:14 PM Some on this board claim the hacker sold and bought a large amount of coins at 0.01 to be able to withdraw 1000$ worth of coins at 0.01. Based on the interview last night, I think MtGox claimed that the $1000 worth of bitcoins was based on them being in the neighborhood of $5-$10 each, rather than $0.01 each. I don't much care for the explanation given about the 'auditor' being hacked. They're citing privacy reasons for not giving out the name of the auditor, when in fact it is ridiculous to have any audit performed by unnamed entities. It's the name of the auditor, and their credibility therefrom, which gives credence to the audits they perform. Not naming the auditor is extremely suspicious, in my opinion. When asked why the auditor needed access to the live database, it was claimed that the audit being performed was to ensure that MtGox wasn't manipulating quoted prices to their own benefit. That's all great, but only if the auditor is legitimate. And we have no way of knowing that the auditor is legitimate if we don't know who the auditor is. What use is an audit performed by unnamed entities? It's worthless! I'm sure they would have been more than happy to name the auditor two days ago. But now, I can understand them keeping quiet. And at this point, do you really care what the financial auditor has to say, nameless or not? Sounds like they will be attempting to recover the losses from the auditor. Depending on how that goes, we'll probably find out their name when that is done. Title: Re: MtGox's claims seem to be correct: Bitcoins still with them Post by: Bruce Wagner on June 20, 2011, 01:30:21 PM As I said elsewhere.... There's a lot more coming out.
Today at 2pm ET we'll be interviewing LIVE.... the man behind the $5,000,000 trade.... . of Bitcoin at $0.01 each.... http://twitter.com/brucewagner/status/82786506330218497 Title: Re: MtGox's claims seem to be correct: Bitcoins still with them Post by: proudhon on June 20, 2011, 01:31:17 PM As I said elsewhere.... There's a lot more coming out. Today at 2pm ET we'll be interviewing LIVE.... the man behind the $5,000,000 trade.... . of Bitcoin at $0.01 each.... http://twitter.com/brucewagner/status/82786506330218497 WTF? Title: Re: MtGox's claims seem to be correct: Bitcoins still with them Post by: relative on June 20, 2011, 01:33:37 PM As I said elsewhere.... There's a lot more coming out. Today at 2pm ET we'll be interviewing LIVE.... the man behind the $5,000,000 trade.... . of Bitcoin at $0.01 each.... http://twitter.com/brucewagner/status/82786506330218497 that would be 500 mil. bitcoins. sensationalist? Title: Re: MtGox's claims seem to be correct: Bitcoins still with them Post by: bitclown on June 20, 2011, 01:38:16 PM As I said elsewhere.... There's a lot more coming out. You better have your microphones sorted out today... :)Today at 2pm ET we'll be interviewing LIVE.... the man behind the $5,000,000 trade.... . of Bitcoin at $0.01 each.... http://twitter.com/brucewagner/status/82786506330218497 Title: Re: MtGox's claims seem to be correct: Bitcoins still with them Post by: Clipse on June 20, 2011, 01:38:21 PM As I said elsewhere.... There's a lot more coming out. Today at 2pm ET we'll be interviewing LIVE.... the man behind the $5,000,000 trade.... . of Bitcoin at $0.01 each.... http://twitter.com/brucewagner/status/82786506330218497 GOD could you please stop injecting your own "company" at the expense of every single thread ? Its really becoming spammy. Title: Re: MtGox's claims seem to be correct: Bitcoins still with them Post by: just_someguy on June 20, 2011, 01:40:34 PM OMG Bruce, if this is true then my hat is off to you.
Title: Re: MtGox's claims seem to be correct: Bitcoins still with them Post by: F104 on June 20, 2011, 01:43:54 PM Quote It appears that someone who performs audits on our system and had read-only access to our database had their computer compromised. This allowed for someone to pull our database. The site was not compromised with a SQL injection as many are reporting, so in effect the site was not hacked. No, you weren’t hacked, you employed people with as much responsibility, professionalism, and sense of duty as you: none. It makes it OK that it was "someone else" and not Gox? Earlier, Gox blamed each victimized user even as the complaints mounted. Gox' character seems at the level of a 12 year old. Title: Re: MtGox's claims seem to be correct: Bitcoins still with them Post by: aral on June 20, 2011, 02:04:06 PM they should use some of these bitcoins to compensate the people whose money they lost through bad security
Title: Re: MtGox's claims seem to be correct: Bitcoins still with them Post by: Rob Lister on June 20, 2011, 02:10:34 PM I don't know how exchanges are regulated. I don't know what typical practices are. But this bothers me more than a little. I didn't have a gox account and I certainly don't intend to get one now.
Like I say, maybe their business practices are typical but... 1) why is the auditor unnamed? that should have been public information both before and after the incident. 2) why does an auditor have a copy of the exchange database (read-only or otherwise) on an unsecured machine? 3) why does the copy of the exchange database include the email and password columns? these are just a few questions. Title: Re: MtGox's claims seem to be correct: Bitcoins still with them Post by: airdata on June 20, 2011, 02:13:45 PM clipse : if bruce is going to get more info on this... it's not spam. Had i not seen it in this thread, i wouldn't know about it.
So Bruce : Are you saying you're going to have the guy who hacked mtgox on? Title: Re: MtGox's claims seem to be correct: Bitcoins still with them Post by: piuk on June 20, 2011, 02:14:39 PM Bit of discussion on reddit about this ttp://www.reddit.com/r/Bitcoin/comments/i4bee/follow_the_money_trail_was_the_432000_btc/ (http://www.reddit.com/r/Bitcoin/comments/i4bee/follow_the_money_trail_was_the_432000_btc/)
Title: Re: MtGox's claims seem to be correct: Bitcoins still with them Post by: Rob Lister on June 20, 2011, 05:55:49 PM I don't know how exchanges are regulated. I don't know what typical practices are. But this bothers me more than a little. I didn't have a gox account and I certainly don't intend to get one now. Like I say, maybe their business practices are typical but... 1) why is the auditor unnamed? that should have been public information both before and after the incident. 2) why does an auditor have a copy of the exchange database (read-only or otherwise) on an unsecured machine? 3) why does the copy of the exchange database include the email and password columns? these are just a few questions. have any of these questions been answered in another thread? Title: Re: MtGox's claims seem to be correct: Bitcoins still with them Post by: Chick on June 20, 2011, 05:59:37 PM ON A SIDE NOTE: 20000th THREAD HERE!
Title: Re: MtGox's claims seem to be correct: Bitcoins still with them Post by: Freakin on June 20, 2011, 06:00:43 PM I think the plan for teh hackers was to withdraw $1000 worth of BTC at $.01, but they likely expected the trade to be executed instantly.
Instead, the price steadily dropped for 10-15 minutes while everyone watched, then as soon as it was over tons of bids and asks were added and price immediately shot back up to $10-12. Adam Barr yesterday confirmed that only about 100-200 bitcoins were transferred out around the $10 mark, not hte 100,000BTC that people are speculating on. Title: Re: MtGox's claims seem to be correct: Bitcoins still with them Post by: Batouzo on June 20, 2011, 06:04:24 PM As I said elsewhere.... There's a lot more coming out. Today at 2pm ET we'll be interviewing LIVE.... the man behind the $5,000,000 trade.... . of Bitcoin at $0.01 each.... http://twitter.com/brucewagner/status/82786506330218497 Hey I seen that link before. Must you spam your websites each 5 posts in each thread each minute of each hour? Title: Re: MtGox's claims seem to be correct: Bitcoins still with them Post by: Bazil on June 20, 2011, 06:39:40 PM As I said elsewhere.... There's a lot more coming out. Today at 2pm ET we'll be interviewing LIVE.... the man behind the $5,000,000 trade.... . of Bitcoin at $0.01 each.... http://twitter.com/brucewagner/status/82786506330218497 That Kevin Day guy seems like the perpetrator to me. Should be track-able to see if he did it. |