PAY FOR INFORMATION - 600 BTC REWARD FOR IDENTITY OF HACKER

[mralbi]

yes, the bitcoin world is small.... and despite of all the mess i am in with my losses on bitmarket and with the hack, this is still from some point of view funny....

[1714077137]

1714077137

[1714077137]

1714077137

[1714077137]

1714077137

[DannyHamilton]

mralbi,

I've finished my program that scans the blockchain and uses the inputs from transactions to link addresses to a single entity that controls the list of addresses.  A person can keep addresses from being tied together by being careful to keep their bitcoins in separate wallets or using raw transactions for coin-control to avoid connecting addresses together in inputs, so the program will not be able to report those addresses that are carefully segregated.

Running the program, I find 901 addresses that can all be said to have been used in inputs by someone who has the private key to 1AFs9GrQyPQpN5W73RzizcEap1CQ7whPZT.

I've emailed the list to you.

[DannyHamilton]

Just discovered this website:
http://blockviewer.com/#1AFs9GrQyPQpN5W73RzizcEap1CQ7whPZT

Looks like my program missed a few addresses (the website reports 954 addresses controlled by the controller of 1AFs9GrQyPQpN5W73RzizcEap1CQ7whPZT).

It also shows a list of who they've sent transactions to and who they've received transactions from.  If you can positively identify any of the people who have engaged in transactions, they might be able to assist you in identifying.

[Herodes]

Just discovered this website:
http://blockviewer.com/#1AFs9GrQyPQpN5W73RzizcEap1CQ7whPZT

Looks like my program missed a few addresses (the website reports 954 addresses controlled by the controller of 1AFs9GrQyPQpN5W73RzizcEap1CQ7whPZT).

It also shows a list of who they've sent transactions to and who they've received transactions from.  If you can positively identify any of the people who have engaged in transactions, they might be able to assist you in identifying.

Would love for the first btc thief to be caught. It's a longshot, but not impossible, if the thief fucked up somewhere, there may be some leads back to him.

[hackjealousy]

The IP address corresponding to the owner of a Bitcoin address can be determined if the owner has bitcoind or bitcoin-qt listening on a publicly-available Internet address.

https://bitcointalk.org/index.php?topic=135856.msg1447232

[Anon136]

if you do track him down, please break an extra knee/elbow just for me.

[starsoccer9]

I would just like to claify the following things for a few people, the 600 btc reward isnt a 1 person reward it is a multi person reward given to the most helpful hints. The 600 BTC are also not given to anyone until the scammer is taken to court and looses. Weather he pays or not does not affect the reward. As far as the most helpful hints go, currently as per my talk with mralbi, danny and maceij(yes the bitmarket owner who stole/lost users bitcoins). Also As far as escrow goes it is not an option. i would recommend it as after speaking with mralbi his story changed multiple times but this seems the be the final view of how everything will go.

This isnt meant to rip mralbi just clarify what he conveniently seems to leave out as after i contacted him willing to provide him with info and link the people and he basically quickly changed how the reward went multiple times.

[mralbi]

thanks starsoccer for offering your help;-)

and also thanks for your clarification. Indeed the 600 btc is meant as total reward in case several hints in combination would lead to catch the guy.  It does NOT mean that when i receive 4 "small" hints that i pay 4 times 600 BTC = 2400 btc. Also, i do not pay the reward bitcions beforehand and especially not before i can see the information, like you proposed. Also not to an escrow service, It has to prove as useful first to catch the guy. But it is independent from the question if he later can actually pay back the stolen coins or not.

I have received really valuable hints so far from the admin from bitmarket.eu, from danny for the detailed block chain analysis with his tool(s) and also for personal info for the email address in this forum and i really hope these hints will help me further in this issue. But unless it is some totally new trace that gives me the hackers identity from A to Z the mentioned persons would get a good share of the reward.

An exception regarding pre-payment is of course when expenses are concerned. I am glad to pay for any expenses that search for information would cause (like data base access fees or whatever)

[hardcore-fs]

Just discovered this website:
http://blockviewer.com/#1AFs9GrQyPQpN5W73RzizcEap1CQ7whPZT

it is flawed, I have atleast one address with multiple transactions that do not even show up.....

[MysteryMiner]

What if thief turns himself in, will he receive additional 600 BTC?

And two factor authentication will bring more disasters and total coin loss than trojan horses on computer. Mobile phones are very susceptible to total data loss due to misplacing and water damage, accidental resets, hardware failures. Mobile phones are inherently anti-privacy devices, with remote data wiping features on some models.

If You cannot keep the computer secure like 90% of derps out there, then only way to go is using offline wallets with Armory. Run Armory on computer that have no network connection and create watching only copy on your primary computer. Sign large transactions on offline computer.

[Bitcoinpro]

considering 1 us could very easily jump to 1 satoshi with global acceptance

i reckon op dosn't quite realize the size of the target they really are maybe this will help

[ironcross360]

Where did you download your bitcoin client from? It might have been a binded file

dear all,
i have received NEW important information in this issue


the hacker also owns the key 1AFs9GrQyPQpN5W73RzizcEap1CQ7whPZT and his "real" email address is sam.rankin@me.com
he used IP address 97.106.160.84
on 2012-10-05 at 20:51:51

he used to mine on deepbit, but they do not hand out any info about their users and do not answer to my mails.


Maybe one of your guys are smart enough to get any useful information about this case


the 600 BTC reward are still available

[mralbi]

no, it was from the official website. I simply did the mistake and combined windows with pirate copies

[jargoman]

If it were me, I would reverse engineer the original binary that contained the keylogger. There is software that does this. The keylogger has to send the key events somewhere for him to receive them. Maybe they are sent directly to his computer. Another option would be to run the keylogger in a virtual machine and catch him in the act or even just run netstat -o to see where it's connecting to.

A long shot... You could install your own trojan in the virtual machine so that if he downloads the files and browses them he would be infected.

[ironcross360]

We already have his ip

If it were me, I would reverse engineer the original binary that contained the keylogger. There is software that does this. The keylogger has to send the key events somewhere for him to receive them. Maybe they are sent directly to his computer. Another option would be to run the keylogger in a virtual machine and catch him in the act or even just run netstat -o to see where it's connecting to.

A long shot... You could install your own trojan in the virtual machine so that if he downloads the files and browses them he would be infected.

[moni3z]

Your plan of action can only be to feed the keylogger into IDA Pro, and like above determine where the stolen wallets are going. Now jack that email address and steal from the stealer or flood it with false information, or flood it with your own trojans, or call the FBI and have them do nothing cuz Russia doesn't care.