Bitcoin Forum
October 17, 2017, 10:10:36 AM *
News: Latest stable version of Bitcoin Core: 0.15.0.1  [Torrent]. (New!)
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 [3]  All
  Print  
Author Topic: SOLVED: how to get BTC out of a Bitstamp account without verifying  (Read 14582 times)
tvbcof
Legendary
*
Offline Offline

Activity: 2296


View Profile
October 14, 2013, 03:09:20 AM
 #41

Got my BTC; see update to first post.

Sweet.  Congratulations and nice work!  You might think about outlining a recipe for someone who doesn't really know how to use the API and may not have used one before so that they might get some justice before the loophole is closed.


Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
eldentyrell
Donator
Legendary
*
Offline Offline

Activity: 980


felonious vagrancy, personified


View Profile WWW
October 14, 2013, 04:37:40 AM
 #42

You might think about outlining a recipe for someone who doesn't really know how to use the API

Yeah, unfortunately the software I used for this is not released and is not really releasable at this point…

I don't know what other trading software is out there, but if it supports withdrawal-via-API that should work.  Any decent arbitrage bot would have this.

Here is their API documentation:

 https://direct.bitstamp.net/api/

The API call you want is "BITCOIN WITHDRAWAL" accessed via HTTP POST to this URL:

  https://www.bitstamp.net/api/bitcoin_withdrawal/

The call is a simple POST and you add two parameters "user" and "password" (the endpoint is SSL so this is at least somewhat okay).  So something approximately close this this should work:

Code:
curl \
  --data "user=31337&password=mypass&amount=1.0&address=1PC9aZC4hNX2rmmrt7uHTfYAS3hRbph4UN" \
  https://www.bitstamp.net/api/bitcoin_withdrawal/

… where you replace "31337" with your numerical user id on bitstamp, "mypass" with your password, "1.0" with the number of BTC to withdraw and "1PC9aZC4hNX2rmmrt7uHTfYAS3hRbph4UN" with the destination address.

My account is closed now so I can't test this.

This will not work if you asked for an API key; in that case you have to use their newer API and I don't know if the loophole exists there too or not.  You also have to have the "enable old API" setting switched on in your account; mine was switched on when they created it since I had been using the API… I'm not sure what the default is for new accounts or if they'll let you switch it on if you've never used it before.  My account might have been grandfathered.

They're shutting off the old API in two weeks so my guess is they might have some bitrot in that code and are afraid to change it.

The printing press heralded the end of the Dark Ages and made the Enlightenment possible, but it took another three centuries before any country managed to put freedom of the press beyond the reach of legislators.  So it may take a while before cryptocurrencies are free of the AML-NSA-KYC surveillance plague.
bernard75
Legendary
*
Offline Offline

Activity: 1162



View Profile
October 14, 2013, 09:39:06 AM
 #43

Excellent workaround, lets hope they dont close it soon.
greyhawk
Hero Member
*****
Offline Offline

Activity: 924


View Profile
October 14, 2013, 10:14:44 AM
 #44

Got my BTC; see update to first post.

Holy crap, you really ARE Elden Tyrell.  Shocked
bernard75
Legendary
*
Offline Offline

Activity: 1162



View Profile
October 14, 2013, 11:11:08 AM
 #45


This is unbelievable.  With no warning (unless you're "facebook friends" with them) Bitstamp is refusing to let customers withdraw BTC they've deposited.  They're even refusing requests to close accounts.

Bitstamp never emailed me about this policy (even though they've sent me dozens of emails in the past to confirm trades/withdrawals).

Now they've basically stolen my money and won't give it back unless I send enough high-resolution documentation to steal my identity to some dude in Slovenia.

I've offered to let them wire the funds to my US-based bank, which has full AML documentation for me on file and who will confirm that I am the signatory for the account.

I want to stop using bitstamp and get my coins back.  They're refusing to close my account.  Scam scam scam.

Apparently they've stolen from a whole lot of people now:

Seems you missed this then:

"To be in line with financial standards, as of September 30th, 2013, bitcoin and bank transfers will only be available to verified customers."

https://www.bitstamp.net/article/bitstamp-new-verification-requirements/

This was a warning on their site prior to sep 30th, so all of a sudden they are thieves because they didn’t email you ?

Yes, they didnt inform their customers properly, i for one have never seen that well hidden page.
SquishySquish
Newbie
*
Offline Offline

Activity: 29


View Profile
October 14, 2013, 11:28:50 AM
 #46

Thanks for the tip. But you should do AML to help funding terrorists.
eldentyrell
Donator
Legendary
*
Offline Offline

Activity: 980


felonious vagrancy, personified


View Profile WWW
October 14, 2013, 12:19:52 PM
 #47

so all of a sudden they are thieves because they didn’t email you ?

No, they're thieves for refusing to give me back my coins (until I hacked their API).

The printing press heralded the end of the Dark Ages and made the Enlightenment possible, but it took another three centuries before any country managed to put freedom of the press beyond the reach of legislators.  So it may take a while before cryptocurrencies are free of the AML-NSA-KYC surveillance plague.
cbhelp
Jr. Member
*
Offline Offline

Activity: 56


View Profile
October 14, 2013, 12:43:39 PM
 #48

If they allow to change the user info on the account, ill send in my kyc docs to them to withdraw btc for people, for 1% of what's in account each.

tclo
Hero Member
*****
Offline Offline

Activity: 490



View Profile
October 14, 2013, 08:27:22 PM
 #49

Yes, they didnt inform their customers properly, i for one have never seen that well hidden page.

Yes it was absurd that they didn't email their customers about this.  I just luckily heard someone talking about it online or I wouldn't have been aware.  I didn't use my real name on my Bitstamp acct, so I quickly got my funds out of there.

However, I think you probably could just change a fake name to your real one and then send in the KYC docs and could get your funds out.  However, I don't blame you if you don't want to send all that stuff to Slovenia...there is some risk involved for sure.
tvbcof
Legendary
*
Offline Offline

Activity: 2296


View Profile
October 14, 2013, 08:34:51 PM
 #50

...
However, I think you probably could just change a fake name to your real one and then send in the KYC docs and could get your funds out.  However, I don't blame you if you don't want to send all that stuff to Slovenia...there is some risk involved for sure.

I'm still wondering what a full set of identity docs would be worth.  There must be some user here who has a quasi-criminal friend who could shed light on this.  If so, let's take the following example:

 - male, age 30's
 - lives in a major metro area in the US.
 - pulls in a six-figure salary.
 - respectable credit score.
 - credit cards with $10k-ish credit limits.

Any ideas?


eldentyrell
Donator
Legendary
*
Offline Offline

Activity: 980


felonious vagrancy, personified


View Profile WWW
October 14, 2013, 09:22:52 PM
 #51

I'm still wondering what a full set of identity docs would be worth.  There must be some user here who has a quasi-criminal friend who could shed light on this.

I'd like to know as well, mostly to shut up the people who keep bleating "just send them yer doxx".

A lot of people outside the USA underestimate how astronomically bad the identity-security situation is here, and how much stuff around here is based on the totally broken identity system.  You can't even rent a place to live without getting tangled up in it (something that foreign grad students are constantly getting screwed by).

The US is notorious for lack of information privacy laws, and that sucks, but most states have identity security laws, notably California's which makes it a crime to fail to notify customers if a business suffers a data breach that exposes identity information.  This means that we at least find out about these breaches as long as the company has at least one customer in California and one employee in the US who isn't wiling to go to jail to cover his boss' ass.

Sadly these laws are strong only because the identity-verification system is so pathetically weak.  Other countries with sensible identity-security systems don't need them.

The printing press heralded the end of the Dark Ages and made the Enlightenment possible, but it took another three centuries before any country managed to put freedom of the press beyond the reach of legislators.  So it may take a while before cryptocurrencies are free of the AML-NSA-KYC surveillance plague.
marketGuy
Newbie
*
Offline Offline

Activity: 26


View Profile
October 14, 2013, 10:30:55 PM
 #52

Thanks eldentyrell for the idea! My coins where held hostage too, and i don't trust them enough to send them my identity documents.

The good news is: the withdrawal trick with the old API still works with the new API with a newly generated API key.
Be quick if you want to withdraw. Who knows how long that is working. Details are here: https://www.bitstamp.net/api/
jago25_98
Hero Member
*****
Offline Offline

Activity: 892


Crypto Geek


View Profile
October 27, 2013, 02:58:04 PM
 #53

Next time you can register a company for £99 in the UK, verify with company documents, withdraw and then delete all

Crypto supporter!
PrintMule
Hero Member
*****
Offline Offline

Activity: 602


Hero - A Decentralized Betting Token


View Profile
October 28, 2013, 10:53:27 AM
 #54

Next time you can register a company for £99 in the UK, verify with company documents, withdraw and then delete all

Or buy some bum a bottle of vodka for £10 and use his id.


████████████
██████████
█████████████
██████████████
██████████████████
███████████████████
███████████████████
███████████████████
███████████████
██████████████████
█████████████████████
██████████████████████
███████████████████████
███████████████████████
███████████████████████
██████████████████████
█████████████████
█████████████████
█████████████████
████████████████
████████████████
████████████████
███████████████
███████████████
██████████████
██████████████
███████████
███████████
███████████
████████████

.
|
.
ANN
BOUNTY
WEBSITE
]
[/cen
Aseras
Hero Member
*****
Offline Offline

Activity: 658


View Profile
November 01, 2013, 12:16:11 PM
 #55

Quote
MODIFICATION OF TERMS
Bitstamp reserves the right to change, add or remove portions of these Terms, at any time, in an exercise of its sole discretion. You will be notified of any changes in advance through your Account. Upon such notification, it is your responsibility to review the amended Terms. Your continued use of the Site following the posting of a notice of changes to the Terms signifies that you accept and agree to the changes, and that all subsequent transactions by you will be subject to the amended Terms.
Highlighting by me, see https://en.bitstamp.net/article/bitstamp-new-verification-requirements/ as well as the notification in your account.

If you fail to look into your account for weeks and then don't want to supply KYC info, just ask the "Gigamining" people how much it helps to complain.

so if they post that now all transaction have a 50 btc fee and post it and 1 minute later enforce it against you, you are ok with that?
TheButterZone
Legendary
*
Offline Offline

Activity: 1932


Nemo me impune lacessit


View Profile WWW
November 01, 2013, 09:00:50 PM
 #56

HAHAHA!

mateo
Member
**
Offline Offline

Activity: 87



View Profile
December 08, 2013, 12:53:44 AM
 #57

It's actually strange that a company asks for people for ID documents, yet they don't provide any information about themselves on their site except a forwarding address of their shell company.
Does anybody know just where Bitstamp offices actually are and who are the people behind it?

And while KYC requirements are understable for depositing/withdrawing fiat, applying it to BTC withdrawals is an obvious attempt by them to steal some coins. I'm a verified user on Bitstamp, because a couple of months back I had to send my ID documents to somebody somewhere (in Slovenia maybe?) just to get my money out. How is this legal?

BTC to the moon!
Authentic
Member
**
Offline Offline

Activity: 112

1FRpXqj6kedknh5uNpdo8FS3U49XJPJJy1


View Profile
December 08, 2013, 01:24:08 AM
 #58

It's great that you found out they forgot to limit the API. Congratulations on getting your coins back. Hope this lasts...

Pages: « 1 2 [3]  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!