Bitcoin Forum
December 04, 2016, 04:19:12 AM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 3 4 5 6 7 8 [9]  All
  Print  
Author Topic: If your Mt. Gox account has been compromised, PLEASE READ.  (Read 33025 times)
stubeans
Newbie
*
Offline Offline

Activity: 7


View Profile
June 22, 2011, 05:10:27 AM
 #161

Because every (semi-)private channel on the internet is Lulzsec.
and how did you get in that channel to begin with? why do you appear so close to lulzsec members such that you're allowed to freely enter and chat as old friends? with your litany of VPN logins? why so many VPN logins, anyhow? guilty by association? probably? moo? i like question marks?

Quote
Because I totally did not encourage users to change their passwords to something stronger and completely unlike their current password.
You pretend to be a friend, then exploit the info you gather. Isn't that what SE and intel gathering in general is all about?

Quote
Because I am totally a completely evil person whose only mission in life is to gather statistics on passwords that are not used anymore, to throw them into my magical hat and magically get all new passwords and usernames of everyone in the universe!
You may or may not be evil, but you do seem to associate with those online that have less than stellar characters. why?

Quote
Because trying to spread fear has worked the past few times something like this happened.
fear? i'm giving people food for thought. it's obvious that some here need that type of nourishment, no?

Quote
Go do something constructive instead of accusing people of things they have no involvement with.
considering that i'd otherwise be sleeping on a mattress of the highest quality, i think my time this morning has been quite productive!
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1480825152
Hero Member
*
Offline Offline

Posts: 1480825152

View Profile Personal Message (Offline)

Ignore
1480825152
Reply with quote  #2

1480825152
Report to moderator
1480825152
Hero Member
*
Offline Offline

Posts: 1480825152

View Profile Personal Message (Offline)

Ignore
1480825152
Reply with quote  #2

1480825152
Report to moderator
osborn_20
Newbie
*
Offline Offline

Activity: 12


View Profile
June 22, 2011, 05:19:41 AM
 #162

Last 2 days I receive tons of email like this

Quote
Dear Mt.Gox user,

Our database has been compromised, including your email...

The joke about, I've never registered to Mt. Gox. Is Mt. Gox in colaboration with this forum? Or any officiel Bitcoin site?
If playing world of warcraft taught me anything is that you cant trust any link coming from an Email anymore.

Every email address can be faked, the only way to be sure is to read the headers.

Am starting to hate being paranoid to everything online Sad.

Only way to find some rest is with linux.
MrAnderson
Member
**
Offline Offline

Activity: 81



View Profile
June 22, 2011, 07:54:49 AM
 #163

Now that mtgox closed their exchange, how can I tell if I got hacked?

I have read people mention that they checked the "dump" and found their info in it with their email changed (or not changed). Where is this dump?

EDIT: Google Mail just asked me to verify myself due to suspicious activity.  I did use the same 9 char. password as my email on mtgox.

I'm scared.

Yes, you are on the list, along with your gmail address, number 3419 out of 61,016 users listed at MtGox.

Understand that the passwords are not directly readable, and must be run through some fairly intense computational power to crack. Very similar to the way BitCoins are mined, actually. Takes a *long* time...

However, I had a 20 character password, using both letters and numbers, and exclusive to MtGox. Looks like my email address was changed in my account and I can't log into my account. I have to assume it lost.

Just change all your passwords that are similar and associated with that address.

Is this the 61k email logins leaked by Lulzsec?

>>> 1BcfL1QAZsxtpd92YYsbvDyih45mwA9xSo << Willing to endure the cringe-worthy Australian stereotypes for donations.

I'll wrestle a crocodile, show you my knife, throw shrimp on the BBQ, F**k your wife. Tongue
stubeans
Newbie
*
Offline Offline

Activity: 7


View Profile
June 22, 2011, 10:52:54 AM
 #164

I consider myself a purveyor of only the finest newspapers throughout the land. So lo and behold when I launch the Guardian today and see this article on my iPad - http://www.guardian.co.uk/technology/2011/jun/21/lulzsec-hacker-group-who-belongs

Quote
The group is small – less than 10 or so. (This is confirmed separately by security researcher Rik Ferguson of Trend Micro, who comments that "it seems to be a tight-knit group – it only needs to be a few people, since all they need is a Twitter account and a web page. There's no evidence that they're a particularly sophisticated group.)

The members, according to Imperva:

• "Sabu" – HBgary hacker. Seems to be the leader.

• "Nakomis" – Coder, rumoured to be one of coders of the PHPBB bulletin board.

• "Topiary" – handles finance, such as donations and payment for services (eg botnets)

• "Tflow" – Hacker. (Rumoured.)

• "Kayla" – Hacker. Owns a big botnet.

• "Joepie91" – Website admin.

• "Avunit" - No more detail.

From hacker discussion forums, it seems they might get arrested as soon as many "real world" details on their identities get revealed, suggests Tal Be'ery.
I'm outraged they capitalized Joepie's handle, when clearly it isn't. This will be resolved, I swear!
jeanjean
Newbie
*
Offline Offline

Activity: 3


View Profile
June 22, 2011, 11:38:43 AM
 #165

Ahah so it seems that after having my www.mybitcoin.com harvested from 0.5 BTC, I fell for social engineering from joepie91... O_o

Thanks stubeans. Great investigation !
Octavian
Newbie
*
Offline Offline

Activity: 25



View Profile
June 22, 2011, 12:54:03 PM
 #166

Thank you for sharing this information.

As I myself thought previously it's a spin-off of Anonymous collective,
this idea is affirmed, alas still no proof.

For Donations: 186rn8UANAARsnAQp9dDoGThK983B8p41A
joepie91
Sr. Member
****
Offline Offline

Activity: 294


View Profile
June 22, 2011, 01:47:07 PM
 #167

Because every (semi-)private channel on the internet is Lulzsec.
and how did you get in that channel to begin with? why do you appear so close to lulzsec members such that you're allowed to freely enter and chat as old friends?
Because I was invited to that channel by a few friends, as is usually the case when someone gets into a "private" channel.
Quote
with your litany of VPN logins? why so many VPN logins, anyhow? guilty by association? probably? moo? i like question marks?
VPN logins? I have only used two VPNs, to avoid my connection getting (D)DoSed to shit every time I connect to an IRC network that doesn't offer masking.
Quote
Quote
Because I totally did not encourage users to change their passwords to something stronger and completely unlike their current password.
You pretend to be a friend, then exploit the info you gather. Isn't that what SE and intel gathering in general is all about?
How can I possibly exploit that information?
Quote
Quote
Because I am totally a completely evil person whose only mission in life is to gather statistics on passwords that are not used anymore, to throw them into my magical hat and magically get all new passwords and usernames of everyone in the universe!
You may or may not be evil, but you do seem to associate with those online that have less than stellar characters. why?
Because that's life? People I know (from Anonymous) just happened to be involved with Lulzsec, that is not something I have control over.
Quote
Quote
Because trying to spread fear has worked the past few times something like this happened.
fear? i'm giving people food for thought. it's obvious that some here need that type of nourishment, no?
You are doing the exact same thing that people like @fakegregghoush have been doing for the past few months - making remarks implying you know more about me than other people do, trying to scare me off. It's getting old.

I consider myself a purveyor of only the finest newspapers throughout the land. So lo and behold when I launch the Guardian today and see this article on my iPad - http://www.guardian.co.uk/technology/2011/jun/21/lulzsec-hacker-group-who-belongs

Quote
The group is small – less than 10 or so. (This is confirmed separately by security researcher Rik Ferguson of Trend Micro, who comments that "it seems to be a tight-knit group – it only needs to be a few people, since all they need is a Twitter account and a web page. There's no evidence that they're a particularly sophisticated group.)

The members, according to Imperva:

• "Sabu" – HBgary hacker. Seems to be the leader.

• "Nakomis" – Coder, rumoured to be one of coders of the PHPBB bulletin board.

• "Topiary" – handles finance, such as donations and payment for services (eg botnets)

• "Tflow" – Hacker. (Rumoured.)

• "Kayla" – Hacker. Owns a big botnet.

• "Joepie91" – Website admin.

• "Avunit" - No more detail.

From hacker discussion forums, it seems they might get arrested as soon as many "real world" details on their identities get revealed, suggests Tal Be'ery.
I'm outraged they capitalized Joepie's handle, when clearly it isn't. This will be resolved, I swear!

And surprise surprise! The Guardian article is based on the Imperva article, which in turn is based on the same leaked IRC logs that were claimed to be from Lulzsec but were not.

I suggest you actually respond to some of the things I said before, instead of throwing allegation after allegation.

Like my post(s)? 12TSXLa5Tu6ag4PNYCwKKSiZsaSCpAjzpu Smiley
Quote from: hawks5999
I just can't wait for fall/winter. My furnace never generated money for me before. I'll keep mining until my furnace is more profitable.
stubeans
Newbie
*
Offline Offline

Activity: 7


View Profile
June 22, 2011, 02:14:21 PM
 #168

http://blog.imperva.com/2011/06/lulzsec-profile-who-are-they.html

doesn't seem like Imperva is using that log at all? is it SOP to obfuscate the allegations by claiming they all come from a single discredited source?

Quote
Joepie is a current member of Anonymous, and operates a number of websites used by the group.  He feels he is operating legally in his participation in the group, as long as he is only offering material support.  Logs show him to be a full participant with access to private irc rooms, but he appears to feel he is committing no crimes as long as he personally abstains from accessing websites, a position he also took during the HBGary intrusion.
Joepie is a bitcoin supporter/enthusiast, and seems to have encouraged its use by the group.

the profile written about you seems to fit you to a T. you don't deny the veracity of the logs, nor being an active member of the(se) chat room(s), nor having them as your friends. but the tone of the conversation indicates you're there for a slightly higher purpose than mere socialization. i haven't a clue as to whether you're the webmaster/designer, but if that's the depth of your work for Lulzsec then congratulations, i suppose? Bin Laden's driver was given 66 months in Guantanamo, a miscarriage of justice that I hope doesn't befall you.

for everyone reading this - accept my apology on how i've mislead you. it's obvious you should trust an individual with links to hacker groups asking publicly for the composition of your old passwords and whether they were reused on other sites with the same user name.
joepie91
Sr. Member
****
Offline Offline

Activity: 294


View Profile
June 22, 2011, 02:49:26 PM
 #169

http://blog.imperva.com/2011/06/lulzsec-profile-who-are-they.html

doesn't seem like Imperva is using that log at all? is it SOP to obfuscate the allegations by claiming they all come from a single discredited source?

Quote
Joepie is a current member of Anonymous, and operates a number of websites used by the group.  He feels he is operating legally in his participation in the group, as long as he is only offering material support.  Logs show him to be a full participant with access to private irc rooms, but he appears to feel he is committing no crimes as long as he personally abstains from accessing websites, a position he also took during the HBGary intrusion.
Joepie is a bitcoin supporter/enthusiast, and seems to have encouraged its use by the group.

the profile written about you seems to fit you to a T. you don't deny the veracity of the logs, nor being an active member of the(se) chat room(s), nor having them as your friends. but the tone of the conversation indicates you're there for a slightly higher purpose than mere socialization. i haven't a clue as to whether you're the webmaster/designer, but if that's the depth of your work for Lulzsec then congratulations, i suppose? Bin Laden's driver was given 66 months in Guantanamo, a miscarriage of justice that I hope doesn't befall you.

for everyone reading this - accept my apology on how i've mislead you. it's obvious you should trust an individual with links to hacker groups asking publicly for the composition of your old passwords and whether they were reused on other sites with the same user name.
http://blog.imperva.com/2011/06/lulzsec-profile-who-are-they.html
Based on http://lulzsecexposed.blogspot.com (which has some juicy false assumptions mixed in)
Which was in turn based on the already mentioned http://pastebin.com/QZXBCBYt

Like my post(s)? 12TSXLa5Tu6ag4PNYCwKKSiZsaSCpAjzpu Smiley
Quote from: hawks5999
I just can't wait for fall/winter. My furnace never generated money for me before. I'll keep mining until my furnace is more profitable.
HappyFunnyFoo
Full Member
***
Offline Offline

Activity: 125


View Profile
June 22, 2011, 03:36:06 PM
 #170

Anyone that continues to do business on the MtGox exchange after this debacle is both totally nuts and totally stupid.  For that matter, anyone doing business on ANY of the bitcoin exchanges is nuts and stupid.  Get what little assets you had in the account out and run asap...
Nagle
Legendary
*
Offline Offline

Activity: 1204


View Profile WWW
June 22, 2011, 04:31:08 PM
 #171

Anyone that continues to do business on the MtGox exchange after this debacle is both totally nuts and totally stupid.  For that matter, anyone doing business on ANY of the bitcoin exchanges is nuts and stupid.  Get what little assets you had in the account out and run asap...
I'd agree that keeping funds on any of the Bitcoin exchanges is foolish. The problem with Mt. Gox, and some of the other exchanges, is that they're not just an exchange.  They're banks, too. They hold customer funds as deposits.

None of the major Bitcoin "exchanges" is solid enough as an institution to act as a bank. They're not even at the level of some small-town independent bank in terms of organization, security, regulation, or financial strength. Mt. Gox, before the crash, was handling more money than some small town banks. But they had only two people, and no clue about security of a financial institution. Real banks and exchanges have insurance bonds on their employees, errors and omissions insurance, and real auditors. Not these guys.

If you use an exchange, sweep all your funds out of it at least once a day.
BitterTea
Sr. Member
****
Offline Offline

Activity: 294



View Profile
June 22, 2011, 04:45:46 PM
 #172

The problem with Mt. Gox, and some of the other exchanges, is that they're not just an exchange.  They're banks, too. They hold customer funds as deposits.

What is commonly considered a bank today is more strictly defined as a commercial bank: "A commercial bank accepts deposits and pools those funds to provide credit, either directly by lending, or indirectly by investing through the capital markets."

So, MtGox and the other exchanges are not banks in the same sense as Bank of America or even your local credit unions.
Nagle
Legendary
*
Offline Offline

Activity: 1204


View Profile WWW
June 22, 2011, 05:12:21 PM
 #173

So, MtGox and the other exchanges are not banks in the same sense as Bank of America or even your local credit unions.
In a strict sense, they're "non-bank depository institutions". But I felt that was too advanced a term for this forum.

For background on that subject, see this paper from the Kansas City Fed: "Recent developments at banks and nonbank depository institutions". That was written in 1983, near the beginning of US financial deregulation, as the types of financial institutions started to proliferate. It used to be that the same institutions accepted deposits and made retail loans. The job can be split, though, with one institution accepting deposits and another making loans. Non-bank depository institutions have to put their money somewhere, and if they put it in a bank, they are lending it to the bank. 

Bank regulation exists to protect depositor's funds.  Generally, banking regulation is applied to depository institutions, regardless of whether they make loans. On the other hand, businesses which lend their own money but do not hold deposits (like payday-loan companies) are not regulated as banks.

So an "exchange" like Mt. Gox would be subject to banking regulation in some jurisdictions. PayPal is regulated as a bank in the European Union, and as a money transfer service in the US and Japan. As of April 1, 2010, money transfer services in Japan must be licensed. Does Mt. Gox have a license?

mahun
Newbie
*
Offline Offline

Activity: 17


View Profile
June 22, 2011, 09:52:27 PM
 #174

Does it registered in Japan at all =)) It could be pure virtual company which will disappear at some point.
TigolBitteez
Newbie
*
Offline Offline

Activity: 15


View Profile
June 23, 2011, 04:41:22 AM
 #175

How can anyone even know at the moment. This is some Newb Garbage.
Big Time Coin
Sr. Member
****
Offline Offline

Activity: 332



View Profile
June 24, 2011, 05:10:41 AM
 #176

Anyone that continues to do business on the MtGox exchange after this debacle is both totally nuts and totally stupid.  For that matter, anyone doing business on ANY of the bitcoin exchanges is nuts and stupid.  Get what little assets you had in the account out and run asap...
I'd agree that keeping funds on any of the Bitcoin exchanges is foolish. The problem with Mt. Gox, and some of the other exchanges, is that they're not just an exchange.  They're banks, too. They hold customer funds as deposits.

None of the major Bitcoin "exchanges" is solid enough as an institution to act as a bank. They're not even at the level of some small-town independent bank in terms of organization, security, regulation, or financial strength. Mt. Gox, before the crash, was handling more money than some small town banks. But they had only two people, and no clue about security of a financial institution. Real banks and exchanges have insurance bonds on their employees, errors and omissions insurance, and real auditors. Not these guys.

If you use an exchange, sweep all your funds out of it at least once a day.

qft

Big time, I'm on my way I'm making it, big time, oh yes
- Peter Gabriel
Joise
Jr. Member
*
Offline Offline

Activity: 30


View Profile
June 24, 2011, 01:42:49 PM
 #177

Mt Gox and other Bitcoin markets ought to enable and encourage the use of some form of multi-factor authentication.  I use a Yubikey in conjunction with my Lastpass account (Lastpass generates very strong, unique passwords for every site so I'm not concerned about my Mt Gox password providing access to anything else), and it's a fantastic and open source authentication system.  Since Bitcoin is growing exponentially in usage and legitimacy, trading services should be growing with it and hardening their systems both on the code side, and on the user interaction side.  Many banks offer or require multi-factor authentication, why shouldn't Bitcoin services?

I still think that a scheme based on GnuPG, smart card and mTAN would be pretty secure and accessible.

It would work that way: When creating an account one would generate a GnuPG key pair. One would enter the public key together with user name and password at the trading site.

This key can now be used to verify re-authentication in case of a lost password, and this would be MUCH safer than re-authentication by e-mail. It can also be used to certify certain critical transactions. This can be done the way that the trading site generates a authentication token, mails it to the user, and he has to sign it with is private key and return it. Alternatively, the offered token can be displayed in a web form and the user replaces it by the signed token.

One important point is that this authentication can be used to set up a cell phone number for an mTAN scheme (mobile transaction authentication number). With this, when a transaction is done, the system sends a number to the phone which contains the important items of the transaction and an alphanumerical code. The transaction is accepted only when the code is entered in the web page. This is not a perfect system, but works very effectively against key loggers, and it is widely used in many countries.

Among the good things about GnuPG is that it is available on most operation systems (even the ones you shouldn't use) and that it can be used with a smart card. In this case, the private key is moved to the smart card and can't be read from there again. Processing of signatures is done on the smart card itself when one enters a PIN. Thus, it is not possible to steal the private key any more. This type of smart cards is available from many places, see here:

http://www.privacyfoundation.de/crypto_stick/crypto_stick_english/
http://www.gnupg.org/howtos/card-howto/en/ch02s02.html

The device from privacy fundation is an open source project, which means enhanced transparency and security against governmental backdoors.

With the scheme described, you need your account password, and your phone to make an transaction. You need your smart card, your mail account password OR your account password and your smart card PIN to change the account password or the phone number.

There are certainly other solutions (Yubikey and SSL client certificates with hardware tokens have been named, and I don't know them well enough to discuss them) but I believe this one is a cost-effective and safe variant. I think that at least two-factor authentication is a must, otherwise stealing of coins becomes so easy that a real and widespread theft business will emerge within months.

And for the same reason, I think, it should not be charged for at all. This is just fulfilling basic requirements.

And of course, mTAN can be hacked, if someone gets a SIM card for my number. But that's considerably more difficult than keylogging.
joepie91
Sr. Member
****
Offline Offline

Activity: 294


View Profile
June 25, 2011, 01:57:25 AM
 #178

Mt Gox and other Bitcoin markets ought to enable and encourage the use of some form of multi-factor authentication.  I use a Yubikey in conjunction with my Lastpass account (Lastpass generates very strong, unique passwords for every site so I'm not concerned about my Mt Gox password providing access to anything else), and it's a fantastic and open source authentication system.  Since Bitcoin is growing exponentially in usage and legitimacy, trading services should be growing with it and hardening their systems both on the code side, and on the user interaction side.  Many banks offer or require multi-factor authentication, why shouldn't Bitcoin services?

I still think that a scheme based on GnuPG, smart card and mTAN would be pretty secure and accessible.

It would work that way: When creating an account one would generate a GnuPG key pair. One would enter the public key together with user name and password at the trading site.

This key can now be used to verify re-authentication in case of a lost password, and this would be MUCH safer than re-authentication by e-mail. It can also be used to certify certain critical transactions. This can be done the way that the trading site generates a authentication token, mails it to the user, and he has to sign it with is private key and return it. Alternatively, the offered token can be displayed in a web form and the user replaces it by the signed token.

One important point is that this authentication can be used to set up a cell phone number for an mTAN scheme (mobile transaction authentication number). With this, when a transaction is done, the system sends a number to the phone which contains the important items of the transaction and an alphanumerical code. The transaction is accepted only when the code is entered in the web page. This is not a perfect system, but works very effectively against key loggers, and it is widely used in many countries.

Among the good things about GnuPG is that it is available on most operation systems (even the ones you shouldn't use) and that it can be used with a smart card. In this case, the private key is moved to the smart card and can't be read from there again. Processing of signatures is done on the smart card itself when one enters a PIN. Thus, it is not possible to steal the private key any more. This type of smart cards is available from many places, see here:

http://www.privacyfoundation.de/crypto_stick/crypto_stick_english/
http://www.gnupg.org/howtos/card-howto/en/ch02s02.html

The device from privacy fundation is an open source project, which means enhanced transparency and security against governmental backdoors.

With the scheme described, you need your account password, and your phone to make an transaction. You need your smart card, your mail account password OR your account password and your smart card PIN to change the account password or the phone number.

There are certainly other solutions (Yubikey and SSL client certificates with hardware tokens have been named, and I don't know them well enough to discuss them) but I believe this one is a cost-effective and safe variant. I think that at least two-factor authentication is a must, otherwise stealing of coins becomes so easy that a real and widespread theft business will emerge within months weeks.

And for the same reason, I think, it should not be charged for at all. This is just fulfilling basic requirements.

And of course, mTAN can be hacked, if someone gets a SIM card for my number. But that's considerably more difficult than keylogging.

Fixed it for you.

Anyway, that is a VERY good suggestion, the only important thing to take care of, is making sure that it is all very userfriendly. Users should never have to ask themselves "what do I do now?", or there will be issues with the system (and that may scare people away, towards less secure systems).

Like my post(s)? 12TSXLa5Tu6ag4PNYCwKKSiZsaSCpAjzpu Smiley
Quote from: hawks5999
I just can't wait for fall/winter. My furnace never generated money for me before. I'll keep mining until my furnace is more profitable.
kabo
Newbie
*
Offline Offline

Activity: 7


View Profile
June 26, 2011, 12:52:56 PM
 #179

* How much funds did you lose?
30.53 BTC
* To what address were your stolen funds sent?
1HQBh6QHduRHgLr9kCx5jd9qpJw7e7LUAD
* What OS are you using (Windows, Linux, Mac OSX ...)?
Mac OS X 10.6.7, Safari
* How long was your old password?
10 chars
* Was your old password random?
nope
* Was your username the same on Mt. Gox as on the forum?
yup
* Did you use your Mt. Gox password somewhere else?
yup, but not anymore
* Did your old password contain lowercase letters, uppercase letters, special characters and numbers?
nope, just smallcaps
* Have you used any Bitcoin-related software, and if yes, what software? Think about things like miners, wallet managers, etc.
nope

I'm guessing I'm pretty much screwed here.

But I checked the mtgox logs here https://claim.mtgox.com/status.html

Code:
money withdrawn:
Thu 16 Jun 2011 06:04:15 AM GMT out 1HQBh6QHduRHgLr9kCx5jd9qpJw7e7LUAD 30.53000000 ฿TC

06:45:15 a.m. Thursday June 16, 2011 in GMT converts to 03:45:15 p.m. Thursday June 16, 2011 in JST

Logins by IP-addresses that are not mine:
MTGOX_LOGIN Successful login on Mt.Gox Sat 18 Jun 2011 12:22:44 AM JST 184.105.220.24
MTGOX_LOGIN Successful login on Mt.Gox Thu 16 Jun 2011 03:03:51 PM JST 213.112.199.142 <-- likely logged on and withdrew money
MTGOX_LOGIN Successful login on Mt.Gox Thu 16 Jun 2011 01:14:03 PM JST 76.10.214.89
MTGOX_LOGIN Successful login on Mt.Gox Wed 15 Jun 2011 06:38:29 PM JST 46.166.129.61

The IP 213.112.199.142 seems to reside in Sweden and doesn't seem to run TOR. It could be part of a bot-net though.
Visa
Newbie
*
Offline Offline

Activity: 3



View Profile
June 26, 2011, 12:58:02 PM
 #180

I see a class action against Mt Gox is in order
Pages: « 1 2 3 4 5 6 7 8 [9]  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!