rickyjames
January 02, 2014, 01:09:45 PM
Going forward from this moment: How can we be 100% sure someone's coins are actually stolen? the victim could himself open an account and send the funds there....then after a period of time he then transfers the stolen funds to some new account and carries on happily ever after. MOTIVATION: Those who have their funds stolen may get some sort of funding to compensate for their loss. A greedy individual may take advantage of this. Because of this reason, I think only PaulyC and newcn are eligible for some type of reimbursement/ bounties for uncovering the bogus client.
Let's keep the historical record straight here. sparta_cuss reported this before PaulyC, and sparta_cuss was immediately blown off by CfB:
Quote from: sparta_cuss on January 01, 2014, 04:05:58 PM
Hey, looks like I just got robbed, too. Someone please check this account: 12152013998194592943 They now have 147k+ from me. Had a 40 char random password, capital, lower, numbers, symbols. WTF?
Quote from CfB:
Can u prove that ur coins were stolen? My account passphrase < 40 chars and contains 2M, why did the thief choose ur account instead of mine? Sorry, but ur case looks more like black PR attempt.
There's a clear pattern if you look at all the data:
Time                 Victim           Vic Account           Thief Account         NXT
01.01.2014 12:56:54  plasticAiredale  8439060069775407509   15182566201738727933  18665
01.01.2014 12:58:03  PaulyC           16821029889165561706  16204974692852323982  7808
01.01.2014 13:01:45  newcn            16886318053889080545  9793828175536096502   18197
01.01.2014 13:05:06  sparta_cuss      11794318797680953099  12152013998194592943  147690
Somebody is manually stealing data at 3-4 minute intervals and Sparta_cuss was by far the most wronged. We should check the blocks / transactions/ accounts before and after this time period.

utopianfuture
January 02, 2014, 01:10:26 PM
People ask why Nxt is not inflationary. Could anyone tell me why it's not inflationary if it's possible to issue other currencies using Asset Exchange? This increases number of "coins" owned by users, right?
Many people are asking wrong questions. This kind of question is not even clear at a conceptual level. Currency inflation has to do with a decreasing purchasing power, not merely about increasing the number of currency. Gold is steadily mined over centuries but I never heard anyone complain that gold is inflationary. Everyone can issue their own tokens but the fact of issuing does not make them valuable. People can't just issue NXT and get everyone to accept it.

Come-from-Beyond
January 02, 2014, 01:10:48 PM
what i mean is if i want to download bitcoin official client i simply visit bitcoin.org and same with litecoin.org and there are many others.
is there any official website for NXT?
There is no official website for NXT. Unlike Bitcoin and Litecoin, Nxt is supposed to be decentralized.

landomata
January 02, 2014, 01:12:41 PM
Going forward from this moment: How can we be 100% sure someone's coins are actually stolen? the victim could himself open an account and send the funds there....then after a period of time he then transfers the stolen funds to some new account and carries on happily ever after. MOTIVATION: Those who have their funds stolen may get some sort of funding to compensate for their loss. A greedy individual may take advantage of this. Because of this reason, I think only PaulyC and newcn are eligible for some type of reimbursement/ bounties for uncovering the bogus client.
Let's keep the historical record straight here. sparta_cuss reported this before PaulyC, and sparta_cuss was immediately blown off by CfB:
Quote from: sparta_cuss on January 01, 2014, 04:05:58 PM
Hey, looks like I just got robbed, too. Someone please check this account: 12152013998194592943 They now have 147k+ from me. Had a 40 char random password, capital, lower, numbers, symbols. WTF?
Quote from CfB:
Can u prove that ur coins were stolen? My account passphrase < 40 chars and contains 2M, why did the thief choose ur account instead of mine? Sorry, but ur case looks more like black PR attempt.
There's a clear pattern if you look at all the data:
Time                 Victim           Vic Account           Thief Account         NXT
01.01.2014 12:56:54  plasticAiredale  8439060069775407509   15182566201738727933  18665
01.01.2014 12:58:03  PaulyC           16821029889165561706  16204974692852323982  7808
01.01.2014 13:01:45  newcn            16886318053889080545  9793828175536096502   18197
01.01.2014 13:05:06  sparta_cuss      11794318797680953099  12152013998194592943  147690
Somebody is manually stealing data at 3-4 minute intervals and Sparta_cuss was by far the most wronged. We should check the blocks / transactions/ accounts before and after this time period.
Yes Sparta_cuss also posted during those crazy moments. Edit: His is by far the biggest yet

utopianfuture
January 02, 2014, 01:14:33 PM
Let's keep the historical record straight here. sparta_cuss reported this before PaulyC, and sparta_cuss was immediately blown off by CfB:
Quote from: sparta_cuss on January 01, 2014, 04:05:58 PM
Hey, looks like I just got robbed, too. Someone please check this account: 12152013998194592943 They now have 147k+ from me. Had a 40 char random password, capital, lower, numbers, symbols. WTF?
Quote from CfB:
Can u prove that ur coins were stolen? My account passphrase < 40 chars and contains 2M, why did the thief choose ur account instead of mine? Sorry, but ur case looks more like black PR attempt.
There's a clear pattern if you look at all the data:
Time                 Victim           Vic Account           Thief Account         NXT
01.01.2014 12:56:54  plasticAiredale  8439060069775407509   15182566201738727933  18665
01.01.2014 12:58:03  PaulyC           16821029889165561706  16204974692852323982  7808
01.01.2014 13:01:45  newcn            16886318053889080545  9793828175536096502   18197
01.01.2014 13:05:06  sparta_cuss      11794318797680953099  12152013998194592943  147690
Somebody is manually stealing data at 3-4 minute intervals and Sparta_cuss was by far the most wronged. We should check the blocks / transactions/ accounts before and after this time period.
Don't forget Framewood, too. https://bitcointalk.org/index.php?topic=345619.msg4172532#msg4172532
This instance was on December 27. It might be a different issue.

rickyjames
January 02, 2014, 01:15:16 PM
Let's keep the historical record straight here. sparta_cuss reported this before PaulyC, and sparta_cuss was immediately blown off by CfB:
Quote from: sparta_cuss on January 01, 2014, 04:05:58 PM
Hey, looks like I just got robbed, too. Someone please check this account: 12152013998194592943 They now have 147k+ from me. Had a 40 char random password, capital, lower, numbers, symbols. WTF?
Quote from CfB:
Can u prove that ur coins were stolen? My account passphrase < 40 chars and contains 2M, why did the thief choose ur account instead of mine? Sorry, but ur case looks more like black PR attempt.
There's a clear pattern if you look at all the data:
Time                 Victim           Vic Account           Thief Account         NXT
01.01.2014 12:56:54  plasticAiredale  8439060069775407509   15182566201738727933  18665
01.01.2014 12:58:03  PaulyC           16821029889165561706  16204974692852323982  7808
01.01.2014 13:01:45  newcn            16886318053889080545  9793828175536096502   18197
01.01.2014 13:05:06  sparta_cuss      11794318797680953099  12152013998194592943  147690
Somebody is manually stealing data at 3-4 minute intervals and Sparta_cuss was by far the most wronged. We should check the blocks / transactions/ accounts before and after this time period.
Don't forget Framewood, too. https://bitcointalk.org/index.php?topic=345619.msg4172532#msg4172532
The scary thing about Framewood:
I was using 0.4.4 client. I'm now on 0.4.7e
HE SAYS HE WAS NOT USING THE 0.4.8 CLIENT

utopianfuture
January 02, 2014, 01:16:29 PM
The hacker might have tried it for a while, but he hit multiple targets with 0.4.8 versions.

LiQio
January 02, 2014, 01:16:48 PM Last edit: January 02, 2014, 01:41:35 PM by LiQio
So what happened here? I see my NXT have been stolen as well. I only downloaded the client from this thread. Is there any plans to revert the blockchain? Honestly if there is no plans to somehow correct this, I am giving up on this. This is very disappointing.
Account: 8439060069775407509
The 'transfer' went to account 15182566201738727933. It's the account's only activity. Do you remember which link in the thread the client was downloaded from?
It was somewhere in this thread, as it's the only place I ever download the client from. According to my history I downloaded it from http://162.243.246.223/nxt-client-0.4.8.zip around 7:30am EDT on 12/31/1213. I realize I got lazy and got used to not downloading the newest client from the first post, instead I just downloaded the latest from CFB whenever he posted new ones. I must have not noticed that the poster wasn't CFB. Granted I only lost 18K, but it still stings.
Thanks for the additional info, seems to point again to EpicThomas
He quoted the original message, but modified the link! And later modified it back!
Check: https://bitcointalk.org/index.php?topic=345619.msg4237883#msg4237883
BUT in Google cache (Do not use the link found in cache!): http://webcache.googleusercontent.com/search?q=cache:x1fHlORdUIEJ:https://bitcointalk.org/index.php%3Ftopic%3D345619.11820+&cd=1&hl=de&ct=clnk&gl=de

rickyjames
January 02, 2014, 01:18:45 PM
The hacker might have tried it for a while, but he hit multiple targets with 0.4.8 versions.
This means the forensic investigation has got to go deeper and not limit itself to 0.4.8. Have we figured out yet just who the hell did this?

smartwart
January 02, 2014, 01:19:14 PM
People ask why Nxt is not inflationary. Could anyone tell me why it's not inflationary if it's possible to issue other currencies using Asset Exchange? This increases number of "coins" owned by users, right?
interesting question! at least, inflation is increase of the price. if we substitute 1nxt by 3btc we have increased the price for one nxt by factor 3:0.0001 ... hm ? ?
NxT: 13574045486980287597

plasticAiredale
January 02, 2014, 01:22:25 PM Last edit: January 02, 2014, 01:42:17 PM by plasticAiredale
DUDE! Great research, if I had any NXT left I would tip you

chanc3r
January 02, 2014, 01:22:34 PM
what i mean is if i want to download bitcoin official client i simply visit bitcoin.org and same with litecoin.org and there are many others.
is there any official website for NXT?
There is no official website for NXT. Unlike Bitcoin and Litecoin, Nxt is supposed to be decentralized.
Apologies if I get some of the words wrong (as some people seem to be sensitive to terms being misused) I think this is more about establishing and maintaining 'trust' in a decentralised environment where everyone is a peer. The network does this for the transaction I think. How do you extend this to the software that people use to initiate the software on the network is trusted and valid. Can't this be done also by consensus - perhaps trusted people can test clients and submit a transaction signing the sha256 for the client the more people sign a client the more it is trusted, the amount of trust generated relating to the stake of the signer. I don't know if this has any legs. Otherwise how will other clients ever get trusted after what has happened and the ease with which java can be recompiled, modified and repackaged is a concern. In some ways it's good this has happened now (although I feel for those affected) and is driving this debate, someone's greed has undone them because if this type of attack had happened later the damage could have been far worse in terms of people affected and NXT's reputation.

S3MKi
January 02, 2014, 01:23:04 PM
who is the thief?

xyzzyx
January 02, 2014, 01:23:19 PM
Yes, do notice the date: December 27, 2013, 06:26:16 PM
Looks like earlier clients may have also been compromised. Here are my hashes:
c079e79d912811d6a0f6f027e0b8872c837a2909db80ae1f80fc4ce2dacba1d1 nxt (1).zip (Dec 6 20:37)
61ed14319bf2c5d0e3fe58200d2f17d572ce8cdd3aec1549f9f8048a9e6ee6df nxt (2).zip (Dec 9 22:47)
ea14310cd4099b03db715e76ef60e8f83dbd47d7bf50129bd8e0c270344a35d9 nxt (3).zip (Dec 11 22:15)
a8ff15b600d95ae8e280c35b14055677372fb20b2825682e9e35b6d68b8dfff3 nxt (4).zip (Dec 19 16:20)
794ec29a44f7dc2e5c00e682c06916b12e394ba43c0741c2ae748faa5baed606 nxt (5).zip (Dec 20 17:20)
5a4007e2ac28b636e6450d16ba058873ee68b619b6c0a649354708027c09c1ae nxt (6).zip & nxt (7).zip (Dec 22 21:47 & Dec 23 17:16)
22f589980583addeafde58588b8f1daed0a38c55cd462abf260d8212f3fd884a nxt (8).zip (Dec 24 14:20)
a15cde30abccf190535e3988eba21bb1974834651f454323e12da32807959317 nxt (9).zip (Dec 25 12:33)
ec7c30a100717e60d8abe50eedb23641952847d91ff90b9b05a74ff98d8a4cf2 nxt-client-0.4.8.zip (Dec 31 16:42) [GOOD HASH]
Assume all are bogus until otherwise confirmed not bogus. Get latest client, check SHA256 hash to confirm ok, install, and move your NXT to a known safe account, people.
"An awful lot of code is being written ... in languages that aren't very good by people who don't know what they're doing." -- Barbara Liskov
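
Added example, not part of the original thread and not Nxt project code: a sketch of chanc3r's stake-weighted hash endorsement idea, combined with the SHA-256 check xyzzyx recommends before installing a client. The account names, stakes, archive bytes and the 50% threshold are constructed for illustration, and the endorsements are assumed to come from transactions the network has already validated.

```python
import hashlib
import hmac
import io

def sha256_stream(fileobj, chunk_size=65536):
    """Hash a file-like object in chunks so a large archive need not fit in memory."""
    h = hashlib.sha256()
    for chunk in iter(lambda: fileobj.read(chunk_size), b""):
        h.update(chunk)
    return h.hexdigest()

def endorsed_stake(endorsements, stakes):
    """Sum stake per endorsed hash. Inputs are (account, sha256_hex) pairs from
    transactions the network already validated (assumption). An account that
    endorses two different hashes is dropped entirely."""
    choice, equivocators = {}, set()
    for account, digest in endorsements:
        digest = digest.strip().lower()
        if account not in stakes:
            continue                      # no stake on record, no weight
        if choice.setdefault(account, digest) != digest:
            equivocators.add(account)
    totals = {}
    for account, digest in choice.items():
        if account not in equivocators:
            totals[digest] = totals.get(digest, 0) + stakes[account]
    return totals

def is_trusted(fileobj, endorsements, stakes, min_fraction=0.5):
    """True only if more than min_fraction of all stake backs this archive's hash."""
    actual = sha256_stream(fileobj)
    totals = endorsed_stake(endorsements, stakes)
    total_stake = sum(stakes.values())
    backing = sum(w for d, w in totals.items() if hmac.compare_digest(d, actual))
    return total_stake > 0 and backing / total_stake > min_fraction

# Constructed sample data: two archives and four hypothetical tester accounts.
GOOD = b"constructed stand-in for the genuine client archive"
BAD = b"constructed stand-in for a repackaged client archive"
STAKES = {"tester-a": 500, "tester-b": 300, "tester-c": 150, "tester-d": 50}
GOOD_HASH = hashlib.sha256(GOOD).hexdigest()
BAD_HASH = hashlib.sha256(BAD).hexdigest()
ENDORSEMENTS = [
    ("tester-a", GOOD_HASH),
    ("tester-b", GOOD_HASH.upper()),   # case differences must not matter
    ("tester-c", BAD_HASH),            # one account vouches for the other file
    ("tester-d", GOOD_HASH),
    ("tester-d", BAD_HASH),            # equivocation: tester-d is ignored
    ("stranger", BAD_HASH),            # account with no recorded stake
]

if __name__ == "__main__":
    print(is_trusted(io.BytesIO(GOOD), ENDORSEMENTS, STAKES))
    print(is_trusted(io.BytesIO(BAD), ENDORSEMENTS, STAKES))
```

The check only helps if the endorsed hashes reach the user over a channel the distributor of the archive cannot edit, which is the gap the modified download link in this thread exploited.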

rickyjames
January 02, 2014, 01:25:31 PM
Let's keep the historical record straight here. sparta_cuss reported this before PaulyC, and sparta_cuss was immediately blown off by CfB:
Quote from: sparta_cuss on January 01, 2014, 04:05:58 PM
Hey, looks like I just got robbed, too. Someone please check this account: 12152013998194592943 They now have 147k+ from me. Had a 40 char random password, capital, lower, numbers, symbols. WTF?
Quote from CfB:
Can u prove that ur coins were stolen? My account passphrase < 40 chars and contains 2M, why did the thief choose ur account instead of mine? Sorry, but ur case looks more like black PR attempt.
There's a clear pattern if you look at all the data:
Time                 Victim           Vic Account           Thief Account         NXT
01.01.2014 12:56:54  plasticAiredale  8439060069775407509   15182566201738727933  18665
01.01.2014 12:58:03  PaulyC           16821029889165561706  16204974692852323982  7808
01.01.2014 13:01:45  newcn            16886318053889080545  9793828175536096502   18197
01.01.2014 13:05:06  sparta_cuss      11794318797680953099  12152013998194592943  147690
Somebody is manually stealing data at 3-4 minute intervals and Sparta_cuss was by far the most wronged. We should check the blocks / transactions/ accounts before and after this time period.
Don't forget Framewood, too. Please notice the date and how little the community paid attention. https://bitcointalk.org/index.php?topic=345619.msg4172532#msg4172532
This bears repeating: Please notice the date and how little the community paid attention.

utopianfuture
January 02, 2014, 01:25:53 PM
People ask why Nxt is not inflationary. Could anyone tell me why it's not inflationary if it's possible to issue other currencies using Asset Exchange? This increases number of "coins" owned by users, right?
interesting question! at least, inflation is increase of the price. if we substitute 1nxt by 3btc we have increased the price for one nxt by factor 3:0.0001 ... hm ? ?
this point has to be stressed again and again. You don't issue Bitcoin, litecoin or any other actual assets via colored coin tech. You merely issue tokens or stickers that represent these coins. It's up to you to add a value on these tokens. They are basically IOU you issue. There would be a lot of uncertainty at the beginning of the asset market to see who can be trusted. Similar issue to the Ripple gateway currently.

utopianfuture
January 02, 2014, 01:30:44 PM
what i mean is if i want to download bitcoin official client i simply visit bitcoin.org and same with litecoin.org and there are many others.
is there any official website for NXT?
There is no official website for NXT. Unlike Bitcoin and Litecoin, Nxt is supposed to be decentralized.
Apologies if I get some of the words wrong (as some people seem to be sensitive to terms being misused) I think this is more about establishing and maintaining 'trust' in a decentralised environment where everyone is a peer. The network does this for the transaction I think. How do you extend this to the software that people use to initiate the software on the network is trusted and valid. Can't this be done also by consensus - perhaps trusted people can test clients and submit a transaction signing the sha256 for the client the more people sign a client the more it is trusted, the amount of trust generated relating to the stake of the signer. I don't know if this has any legs. Otherwise how will other clients ever get trusted after what has happened and the ease with which java can be recompiled, modified and repackaged is a concern. In some ways it's good this has happened now (although I feel for those affected) and is driving this debate, someone's greed has undone them because if this type of attack had happened later the damage could have been far worse in terms of people affected and NXT's reputation.
NXT foundation does not claim to be a sole organization that represents NXT. As long as NXT foundation is trusted then it can be used for the source of trusted information. Currently official information comes only from Luc or Cfb. If CFB does not think it is centralization, then I don't know what is. We still need to trust in individuals, otherwise nothing gets done.

allwelder
January 02, 2014, 01:35:11 PM
Just an immature question: Is it secure to add some random nodes from the list (forget the website) to well known peers in web.xml? Thanks.