[0Th]Ozcoin Pooled Mining |DGM 1%|Stratum+VarDiff port 80|NEW CN mining|

[BombaUcigasa]

Most of the bitcoin is now in this address: https://blockchain.info/address/1DsFCAZaxhJ9YGw5X8NCW9VkSMDZMyXzMF

Can this be marked as tainted so it is more difficult to exchange/spend it?

[Wave]

OZ site hacked, looks like "Toil" of somesite claiming responsability...

:-(

-Wave

Could you please provide more detailed information? There are some of us that are capable of doing something about this.

When I went to the site a picture of a young man appeared with a URL.  The summary of the site site Toil did it from URL XYZ.  I have PM'd you the URL that was listed.

[organofcorti]

@organofcorti
Yeah, i have seen that.
But website and minig machines had connection problems over the last days, so mining was ok, monitoring it was not.
Now the site is hacked/defaced/vandalized/whatevs, but what is with mining machines?
Do they work as they should, and all will resolve when website machines are back up, or is there a chance that idiot (not Graet) changed mining software and we all work into his pocket?
I bet the few people listening to this thread are only a few percent of oz users, most will not see any changes, just because they don't check the website often.

If there is a risk, someone should take the mining servers offline, just like mtred did. So there is no risk anyone loses faith/money/work, and as soon as all is up again, workers will resume to this pool.

wknight recommended moving miners at this time.

He is atm representing graet, so I'd consider mining elsewhere.

At least until Raize can provide me with an address where I can pay "Toil" Toil's enemy a friendly visit and tattoo "CUNT" his forehead.

[Raize]

EDIT: It's looking like this is a frame. Please disregard.

Toil, Runescape hacker, real name J A Rogers, previously lived with parents in Stonnington Council. Approximate age is 23/24. Regular on or possible owner of BugAbuse.net

I can't work on this right now, but someone else can pick up where I left off. Please don't turn this into a witch hunt, it is likely an attempted frame, but I do think contacting Mr. Rogers would be a worthwhile start, find out who his enemies are online. On the off-chance he was dumb enough to actually run his own defacing script, it could be easier, however.

I would be sure to contact j.a.rogers97@bigpond.com and make sure he archives any posts for the Toil account on his forum @ BugAbuse.net, contact the police regarding the theft immediately and get a case # so that you can give that to him, if this really is an Aussie hacker, Graet may still be able to recover all the coin.

More has already been done doxing this kid, he's been around:
[LINK REMOVED]

[amigaman]

Okay, i'm switching.
Also, toil spent 600btc on something.
That's a nice amount of whatever he's been paying for.

[mLiberty]

Just doing a few google searches, I highly doubt this "Toil" kid is the culprit. You don't steal over $100,000 and then attach your name and email address to the heist -- obviously it's an attempted misdirection/framing. "Toil" was apparently behind the hack of some RuneScape site (2006scape.com) and subsequent trolling, which resulted in many angered users wanting revenge.

http://archive.rebeccablacktech.com/g/thread/25776682
http://villavu.com/forum/archive/index.php/t-79630.html

Our hacker was either a guy who was pissed off by "Toil" (unfortunately this could be one person out of a few thousand, so it's not a solid lead at all).

I suggest we all leave "Toil" alone because he likely had nothing to do with this whole ordeal. By posting his personal information here and talking about paying him a visit etc... you're doing exactly what the hacker wants.

All we can do at this point is follow the coin trail. At the moment the majority of his coins are stored in a Blockchain.info wallet (we know this by the "relay by IP" information at blockchain.info).

1DsFCAZaxhJ9YGw5X8NCW9VkSMDZMyXzMF - ~600 BTC

Latest movement of coins: http://blockchain.info/tx/ec3470532c3dcbfd5e1db9f746da0eaaa0db583741ee9216299cc2018348211b
 - 11 BTC to 1Ka9aJYK3vr4QDn17axvacK59Dzs6EBDcB
 - 0.055 BTC to StrongCoin -- can someone explain this?

[Raize]

I suggest we all leave "Toil" alone because he likely had nothing to do with this whole ordeal. By posting his personal information here and talking about paying him a visit etc... you're doing exactly what the hacker wants.

Good point. He still might have an idea of who would have or could have done this. Additionally, he has IP logs of his visitors, they could be used to collaborate the hack on Ozcoin, and the attackers IP might have also visited a few specific locations on his forum prior to the defacement action.

There's a TON of reasons for him to be spoken to, none of which have to do with him being the culprit but most of which have to do with forensics.

[mLiberty]

I suggest we all leave "Toil" alone because he likely had nothing to do with this whole ordeal. By posting his personal information here and talking about paying him a visit etc... you're doing exactly what the hacker wants.

Good point. He still might have an idea of who would have or could have done this. Additionally, he has IP logs of his visitors, they could be used to collaborate the hack on Ozcoin, and the attackers IP might have also visited a few specific locations prior to the defacement action.

There's a TON of reasons for him to be spoken to, none of which have to do with him being the culprit but most of which have to do with forensics.

I just spoke to his father. I called the home phone number at <removed> because the mobile was disconnected. I asked if I was speaking to Joshua, and the guy who answered said he was his father. He sounded pretty displeased to get my call, and rightfully so because it's 2AM there. But he was still as helpful as he could possibly be.

I explained the situation as best I could and he told me he had no idea but he knew Josh had done some trolling stuff before on the Internet... that doesn't help us, but I still really doubt this is the kid.

I apologised for calling so late and let him go back to sleep. I probably got Joshua in trouble, regardless of whether or not he is the culprit. I feel kinda bad for that, although the kid does seem like a bit of a jerk anyway.

[glendall]

Holy crap. Terrible news. Sorry to hear that folks

[Jocky]

Of course, a large sum of money is stolen from a large group of people that trusted one guy to handle it. And within a few hours, somebody has been blamed for it. Not somebody that is hard to find, but somebody who is known for doing this stuff. And to make everything a little more easy for the trusted bloke to act like he's doing everything he can (while the real thief is picking a new jetski), the blamee left contact information.

This all makes me think about something that happened years and years ago, when I think of it, I think it was 2008 or something. But luckily, because this happened, we adopted a crypto-currency that was handled by a peer-to-peer network, for this should not happen again.

Keep. Your. Bitcoin. Safe. And. Keep. It. YOURSELF!

[organofcorti]

Of course, a large sum of money is stolen from a large group of people that trusted one guy to handle it. And within a few hours, somebody has been blamed for it. Not somebody that is hard to find, but somebody who is known for doing this stuff. And to make everything a little more easy for the trusted bloke to act like he's doing everything he can (while the real thief is picking a new jetski), the blamee left contact information.

This all makes me think about something that happened years and years ago, when I think of it, I think it was 2008 or something. But luckily, because this happened, we adopted a crypto-currency that was handled by a peer-to-peer network, for this should not happen again.

Keep. Your. Bitcoin. Safe. And. Keep. It. YOURSELF!

What, exactly, are you implying? Can you just state explicitly who you think the thief is? There's no need to be coy.

[ModusPwnd]

Keep. Your. Bitcoin. Safe. And. Keep. It. YOURSELF!

Kind of a trite and meaningless sentence to end on, dont you think? 

[Raize]

I just spoke to his father. I called the home phone number at [LINK REMOVED] because the mobile was disconnected. I asked if I was speaking to Joshua Rogers, and the guy who answered said he was his father. He sounded pretty displeased to get my call, and rightfully so because it's 2AM there. But he was still as helpful as he could possibly be.

Okay, I removed the link, if you could remove it from your post as well, that'd probably be best.

Also, I have to lol a little bit at calling them yourself, my post was meant for contact by Graet or OZcoin reps after they had a case # with the local police. I guess I shouldn't have assumed he wouldn't get a call.

[mLiberty]

I just spoke to his father. I called the home phone number at [LINK REMOVED] because the mobile was disconnected. I asked if I was speaking to Joshua Rogers, and the guy who answered said he was his father. He sounded pretty displeased to get my call, and rightfully so because it's 2AM there. But he was still as helpful as he could possibly be.

I explained the situation as best I could and he told me he had no idea but he knew Josh had done some trolling stuff before on the Internet... that doesn't help us, but I still really doubt this is the kid.

I apologised for calling so late and let him go back to sleep. I probably got Joshua in trouble, regardless of whether or not he is the culprit. I feel kinda bad for that, although the kid does seem like a bit of a jerk anyway.

Okay, I removed the link, if you could remove it from your post as well, that'd probably be best.

Also, I have to lol a little bit at calling them yourself, my post was meant for the call by Graet or OZcoin reps after they had a case # with the local police.

Done. Yeah, I don't really know what I was thinking by calling him. In hindsight I think all that call did was wake up some guy up and waste a minute of his time. Just trying to help in any way I can.

[clicksmoney]

Done. Yeah, I don't really know what I was thinking by calling him. In hindsight I think all that call did was wake up some guy up and waste a minute of his time. Just trying to help in any way I can.

Plenty of locals ie Aussie people here to do this properly in the proper jurisdiction. I'm awake with the same info in the same timezone but would never call.

Graet has taken financial responsibility now let him handle it. He doesn't need to be worrying about trouble stirred up like this as well. Best way to help is to not stress the guy out.

[rudrigorc2]

does not hurt to ask but, is graet email and forum account safe?

yes or no? I wish to contact him but I dont want to talk to the attacker.

[kano]

...
-could an address be added to a central repository (yes, centralization) that could track illegal activity?  You might be able to answer this since - can we track the IP of where the coins are received assuming they're downloaded into a wallet?  I know the coins don't literally exist in the wallet, the wallet is just a bunch of keys that unlock the transactions in the blockchain (or at least as I understand it).  But since the blockchain shows a lot of information such a coin origination and propagation, does it also show if a wallet was being used to receive the coins?

You can attempt to track the source of transactions, but not the source of the person receiving them - since you do not need to even be connected to the internet to receive, but only to spend them in a new transaction.

However tracking even the source of a transaction is not guaranteed, since someone can simply send it to another bitocind of their own choice and not send it to anyone else (but instead that target bitcoind propagates it for them)

...
-I know one of the key features of BTC is it's lack of centralization.  No overt governing authority making rules.  But that does not preclude people with a will and conviction to enforce ethical behavior.
...

IMO any enforcement is the first step to the end of bitcoin freedom.

Of course there will always be obvious cases of unethical behaviour, but who decides the boundaries that determine what is ethical and why should someone even be allowed to decide them?

This directly leads to the commonly mentioned concept of "Taint", however, I could point out something I have mentioned before:
If someone kills somebody and steals their wallet and spends the money at a supermarket, then you get that money as change, are you really guilty of any fractional part of that murder? Of course not.
Anyone who receives the money, and knows of the deed, maybe yes they are, but how do you decide which a person is?

The bottom line is, that it is indeed giving someone power and I am an absolute believer that that power is unnecessary and bad for bitcoin and also ... "Power corrupts, absolute power corrupts absolutely"
Next you'll have the religious nut cases claiming that buying Harry Potter with bitcoins is evil and any address that does that should be marked as Tainted ...

Simply put, let those who wish to chase down stolen coins, do it to their hearts content and even involve the police if they wish to, but making it part of the monetary system, I personally could never agree to it.

[rupy]

@all that don't understand

All addresses that receive coins from this address will ALWAYS be tainted with the "stolen" red ink. If the proxy (mixing service / Mt.Gox / private person paying cash / what the !@#$ ever) is prepared to take that risk that's ok, but in the future the services that use bitcoin WILL check the origin of EVERY satochi out there and trace it back to it's origin.

For example I'm writing bitcoin bank system right now, it will trace all stolen coins. If you as a user in my bank receive coins that originate from a stolen address, MY BANK WILL BLOCK YOUR SAVINGS my bank will return the funds to the victim and report your user as a vitness to the police if you dont send in the information about who owns that address.

END OF THIS DISCUSSION

[joris]

Earlier problems with stats, problems with payouts and now the pool is openly compromised. Could the run of bad luck been a result of 'stolen' hashpower? Some sort of man in the middle attack?

[gollum]

Why didnt you use offline wallet for 900 of the 1000 coins?