mybitcoin down or just me?

[julz]

I think the site got hit big time after the Mt. gox hack and the guy quit after that.

Probably the most likely explanation. MyBitcoin may have reacted too slowly after the MtGox hack, and a number of their wallets were subsequently hacked with the usernames / passwords from the MtGox user list. They knew they couldn't refund those wallets, so they decided to just make a run.

Makes perfect sense to me.

While any decent business should move fast to protect it's customers in such a situation... would mybitcoin technically be liable for this?
Using the same password on multiple sites would often violate the terms of service - and put the fault for any loss squarely on the user.

In such a situation the operator could just refuse to take responsibility. They could also do something like agree to pay half back over time out of future profits if they wanted to try to claw back some good will from those affected.


edit: It doesn't make perfect sense to me.  The operator could have taken a hard-nosed attitude and kept mybitcoins running.
For a catastrophic hack for which mybitcoins is obviously at fault, it would make sense that a certain type of operator might just run.. but not just because a few users had compromised passwords due to a completely external issue.

[1713883135]

1713883135

[1713883135]

1713883135

[crazy987]

Help!! Anyone from Holland around here?!

here here

[qwk]

I think the site got hit big time after the Mt. gox hack and the guy quit after that.

Probably the most likely explanation. MyBitcoin may have reacted too slowly after the MtGox hack, and a number of their wallets were subsequently hacked with the usernames / passwords from the MtGox user list. They knew they couldn't refund those wallets, so they decided to just make a run.

While any decent business should move fast to protect it's customers in such a situation... would mybitcoin technically be liable for this?
Using the same password on multiple sites would often violate the terms of service - and put the fault for any loss squarely on the user.

In such a situation the operator could just refuse to take responsibility. They could also do something like agree to pay half back over time out of future profits if they wanted to try to claw back some good will from those affected.

Legally, they might be have been able to just sit back and relax, they wouldn't necessarily have been held liable for the damage. But do you think they would want to go through the investigations including the usual authorities? Did they pay their taxes? Do you think they really did everything the way they should have? I mean, look at it, they did a lot to cover their identity and catered to a community of Tor users, they obviously never wanted to deal with authorities in the first place.

They faced two alternatives:
a) painstakingly explaining what happened, why they didn't prevent it from happening, why they didn't run their business the way you should "normally" run it
b) wave a "bite my shiny metal a**" good bye to the crowd, Bender style 

This is all just wild speculation on my part, though, and the real story may have been completely different. I honestly don't know.

[NothinG]

I think the site got hit big time after the Mt. gox hack and the guy quit after that.

Probably the most likely explanation. MyBitcoin may have reacted too slowly after the MtGox hack, and a number of their wallets were subsequently hacked with the usernames / passwords from the MtGox user list. They knew they couldn't refund those wallets, so they decided to just make a run.

While any decent business should move fast to protect it's customers in such a situation... would mybitcoin technically be liable for this?
Using the same password on multiple sites would often violate the terms of service - and put the fault for any loss squarely on the user.

In such a situation the operator could just refuse to take responsibility. They could also do something like agree to pay half back over time out of future profits if they wanted to try to claw back some good will from those affected.

Legally, they might be have been able to just sit back and relax, they wouldn't necessarily have been held liable for the damage. But do you think they would want to go through the investigations including the usual authorities? Did they pay their taxes? Do you think they really did everything the way they should have? I mean, look at it, they did a lot to cover their identity and catered to a community of Tor users, they obviously never wanted to deal with authorities in the first place.

They faced two alternatives:
a) painstakingly explaining what happened, why they didn't prevent it from happening, why they didn't run their business the way you should "normally" run it
b) wave a "bite my shiny metal a**" good bye to the crowd, Bender style 

This is all just wild speculation on my part, though, and the real story may have been completely different. I honestly don't know.

I'm going with

[repentance]

Legally, they might be have been able to just sit back and relax, they wouldn't necessarily have been held liable for the damage. But do you think they would want to go through the investigations including the usual authorities? Did they pay their taxes? Do you think they really did everything the way they should have? I mean, look at it, they did a lot to cover their identity and catered to a community of Tor users, they obviously never wanted to deal with authorities in the first place.

They faced two alternatives:
a) painstakingly explaining what happened, why they didn't prevent it from happening, why they didn't run their business the way you should "normally" run it
b) wave a "bite my shiny metal a**" good bye to the crowd, Bender style 

This is all just wild speculation on my part, though, and the real story may have been completely different. I honestly don't know.

Exactly what authorities did they need to worry about?  Certainly not those in Nevis.  It's an off-shore haven which doesn't even require the identities of the owners to be disclosed when an LLC is formed, and any lawsuits against a Nevis LLC pretty much require a Nevis court to grant a lien against the company's assets.  There is no requirement that the owners of a Nevis LLC reside in Nevis.  And there are no local taxes payable on money earned outside of Nevis. Intentionally or otherwise, they've chosen to incorporate somewhere which makes pursuing any claims against them difficult

[NothinG]

*cough* I just realized why they didn't want someone like me selling them a Dedi to help host one of their sites (MemCached, look it up...).

[qwk]

Exactly what authorities did they need to worry about?

Whatever authorities are applicable where they conduct business. For example, here in Germany, it simply doesn't matter if your webserver and /or your company mailbox is located in Tuvalu, Nigeria, the Caymans, or on Sealand. You'll have to explain what you did to local authorities if you were offering a service to a local person.
I don't know where the guy(s) behind mybitcoin live, but the same may apply for them, depending on their local jurisdiction.

they've chosen to incorporate somewhere which makes pursuing any claims against them difficult

Absolutely.

[repentance]

Exactly what authorities did they need to worry about?

Whatever authorities are applicable where they conduct business. For example, here in Germany, it simply doesn't matter if your webserver and /or your company mailbox is located in Tuvalu, Nigeria, the Caymans, or on Sealand. You'll have to explain what you did to local authorities if you were offering a service to a local person.
I don't know where the guy(s) behind mybitcoin live, but the same may apply for them, depending on their local jurisdiction.

they've chosen to incorporate somewhere which makes pursuing any claims against them difficult

Absolutely.

The thing is that we don't really know who "they" are, much less where they're actually located.  There's no reason to believe that they've registered the LLC in the name of the actual owners, and it's unlikely that their agent is going to disclose the identities of the owners - no foreign authorities have the jurisdiction to compel them to do so, and Nevis authorities are going to be totally uninterested unless they've committed actual offences under Nevis law.  It's possible that they have no assets located in Nevis either.

Realistically, even if someone who has lost Bitcoins can get their local authorities involved, there's a strong likelihood that any investigation will reach a dead end.

[kjj]

http://who.is/dns/mybitcoin.com/

Anyone else notice there is no MX record?  How was email to domain addresses supposed to be delivered?

MX records are not necessary for mail delivery.  They are only needed in complex domains, or when backup servers are desired.

[NothinG]

nothing

Yes?

[NothinG]

nothing

Yes?

Sorry, this comes from sifting through pages and pages of newbies posting "MyBItcoin is a scam!" threads. I realize that discussion is the first step, but as no one seems to be taking any action, it is pretty obvious that these forums not organized enough to actually get involved in an investigation without someone making the first step.

Forgive me if I came across bossy and generalizing too much.

It was a joke. You quoted my name xD

[papa_snurf]

If only we had some kind of currency system that would make these centralized points of failure obsolete...

Lol

[papa_snurf]

There's no reason to believe this was a one man show or that there was no support staff. Income was generated by text ads.

True, that  was my assumption, based on the cliche of a smart programmer who started a site and when it became popular and heavy duty, s/he was not prepared for that.
I never noticed the text ads. Taking the number of users/visitors into account, this could have been a source of income to cover the operation costs of the service.

And maybe it's Satoshi and Tom Williams is just another pseudonym and this is a lesson about centralizing stuff in a decentralized system. Last time someone was pointing with a finger to MtGox (for the same reason, too big, too central) and suggested a DDoS to prove his point, he suddenly became very unpopular and when a DDoS happened, he was forced out of business. If not forced, at leas he earned lot of hate speech. I dont believe Tom and Satoshi are the same collective but wouldn't it be ironic?

Satoshi could have mined 100's of bitcoins in 2010 if he wanted, and maybe he did. No point in running a scam worth a few hundreds of btc.

[Atheros]

EDIT:

Mybitcoin.com DO NOT have a MX-record, so the "abuse@mybitcoin.com"-email is bogus.

jine@srv:~$ host -tANY mybitcoin.com
mybitcoin.com has SOA record ns1.systemdns.com. hostmaster.systemdns.com. 8675317 10800 3600 1209600 3600
mybitcoin.com has address 83.149.112.133
mybitcoin.com name server ns3.systemdns.com.
mybitcoin.com name server ns2.systemdns.com.
mybitcoin.com name server ns1.systemdns.com.

jine@srv:~$ host -tMX mybitcoin.com
mybitcoin.com has no MX record

I would suggest contacting http://domainhelp.opensrs.net/ as well, and explain the situation.

That is incorrect. An MX record is not necessary to receive mail. When an MX record is not present, the A record is used. The only reason to set up an MX record, other than complying with simple standards of protocol politeness, is when setting up multiple servers with priorities.

[julz]

EDIT:

Mybitcoin.com DO NOT have a MX-record, so the "abuse@mybitcoin.com"-email is bogus.

jine@srv:~$ host -tANY mybitcoin.com
mybitcoin.com has SOA record ns1.systemdns.com. hostmaster.systemdns.com. 8675317 10800 3600 1209600 3600
mybitcoin.com has address 83.149.112.133
mybitcoin.com name server ns3.systemdns.com.
mybitcoin.com name server ns2.systemdns.com.
mybitcoin.com name server ns1.systemdns.com.

jine@srv:~$ host -tMX mybitcoin.com
mybitcoin.com has no MX record

I would suggest contacting http://domainhelp.opensrs.net/ as well, and explain the situation.

That is incorrect. An MX record is not necessary to receive mail. When an MX record is not present, the A record is used. The only reason to set up an MX record, other than complying with simple standards of protocol politeness, is when setting up multiple servers with priorities.

The server isn't listening on port 25 - so the statement the 'email is bogus' isn't quite warranted - but it is certainly invalid/inactive at the moment.
Nobody can send email to any address under the mybitcoin.com domain.

[superpc]

Ugh.  As soon as their site comes back up, I'm getting all of my BTC out of this service.  I have BitCoins in their service and now I'm totally pissed off.  I sure hope they're not going to run away with all of our BTC.  I didn't have too much in there but I did have some.

[superpc]

Now my address appears to be invalid.

http://dl.dropbox.com/u/11621891/Screenshots/00j.png

[julz]

Looks like just a broken URL.

Try typing the last part of it by hand (get rid of the %5's in there)

[kjj]

Works for me.

[superpc]

Still weird.  Does anyone know why MyBitCoin is still down? Argh.