Bitcoin Forum
December 09, 2016, 11:46:56 AM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 3 4 5 6 [7] 8 9 10 11 12 13 14 15 »  All
  Print  
Author Topic: Hacked Linode & coins stolen to 1NRy8GbX56MymBhDYM...  (Read 57572 times)
Micon
Legendary
*
Offline Offline

Activity: 1218


I'm not the law, but I represent justice


View Profile WWW
March 02, 2012, 02:24:59 AM
 #121

I'm half a noob when it comes to exactly how the blockchain can be used to track transactions, but my understanding is that since we have the hash that stole the coins, even if he tries to wash them can't we see at least where big chunks will go?   can we track this money through the block chain?

Chairman SwCPoker.eu Bitcoin Poker 2.0 |  Pro Poker Player  |  blog & podcas DonkDown.com | @BryanMicon | 2015- PGP Key
1481284016
Hero Member
*
Offline Offline

Posts: 1481284016

View Profile Personal Message (Offline)

Ignore
1481284016
Reply with quote  #2

1481284016
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481284016
Hero Member
*
Offline Offline

Posts: 1481284016

View Profile Personal Message (Offline)

Ignore
1481284016
Reply with quote  #2

1481284016
Report to moderator
1481284016
Hero Member
*
Offline Offline

Posts: 1481284016

View Profile Personal Message (Offline)

Ignore
1481284016
Reply with quote  #2

1481284016
Report to moderator
1481284016
Hero Member
*
Offline Offline

Posts: 1481284016

View Profile Personal Message (Offline)

Ignore
1481284016
Reply with quote  #2

1481284016
Report to moderator
Revalin
Hero Member
*****
Offline Offline

Activity: 728


165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g


View Profile
March 02, 2012, 02:27:00 AM
 #122

Aside from covering the losses themselves, both Slush and Zhoutong have been operating honorably and openly for some time.  This is not at all like MyBitcoin which was red flagged by plenty of people as a likely scam long before it went down.

      War is God's way of teaching Americans geography.  --Ambrose Bierce
Bitcoin is the Devil's way of teaching geeks economics.  --Revalin 165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g
paraipan
Legendary
*
Offline Offline

Activity: 924


Firstbits: 1pirata


View Profile WWW
March 02, 2012, 02:27:14 AM
 #123

Another 10k+ BTC from Bitcoinica :-/.
https://bitcointalk.org/index.php?topic=66961

In the transaction related to your incident, one of the destination addresses had 25k BTC or so... by the looks of it the perp has amassed a lot of bitcoins and I bet there were many legit wallets in Linode with legit transactions so he can also use these to launder his money.

It's a lot of money to launder, though. We're talking about 1/4 million US$ or so.

Beware of big mining contract purchases in ferroh or GPUMax (or others) during the next few days.

zhoutong didn't provide transaction id of the robbery like slush did

http://blockchain.info/tx-index/2873808/0268b7285b95444808753969099f7ae43fb4193d442e3e0deebb10e2bb1764d0 -- may be it.

could be, if it's the only 10 grand that moved lately, will wait for zt confirm

BTCitcoin: An Idea Worth Saving - Q&A with bitcoins on rugatu.com - Check my rep
bbit
Legendary
*
Offline Offline

Activity: 1288

Bitcoin


View Profile
March 02, 2012, 02:27:19 AM
 #124

I'm half a noob when it comes to exactly how the blockchain can be used to track transactions, but my understanding is that since we have the hash that stole the coins, even if he tries to wash them can't we see at least where big chunks will go?   can we track this money through the block chain?

funny I was wondering the very same thing. I don't get why anyone would steal bitcoin since when you go to "cash out" it could conceivably be red-flagged - then again they could do small amounts  BUT STILL what thief wants to sit there and do $50 cash out at a time ? can anyone explain this?
adamstgBit
Legendary
*
Offline Offline

Activity: 1904


Trusted Bitcoiner


View Profile WWW
March 02, 2012, 02:27:52 AM
 #125

@JeffK Full disclosure request:

What is your relationship with Linode?

Two year customer last month, never had problems but I've been around the Bitcoin community long enough to be suspicious of people who "lose" bitcoins or have them "stolen"

Ok, you're going to be suspicious of Gavin, the bitcoinica guy, and Slush?

he is suspicious of Linode itself.

JeffK
Sr. Member
****
Offline Offline

Activity: 350


I never hashed for this...


View Profile
March 02, 2012, 02:28:46 AM
 #126

@JeffK Full disclosure request:

What is your relationship with Linode?

Two year customer last month, never had problems but I've been around the Bitcoin community long enough to be suspicious of people who "lose" bitcoins or have them "stolen"

And I find suspicious that after being inactive since Jan 9th 2012 you came back today...

I'm just a big Linode fan and I don't think it's fair that people are posting shit on reddit and hacker news calling them insecure before we have any statement from them, and when they have a good history of being one of the longest providers of VPSs I've known of, and has always goven me good customer service and free upgrades.


I think it's only fair to give them a chance to respond first. If I was actually a Linode employee, I'd probably be working on that response instead of posting here.
Raoul Duke
aka psy
Legendary
*
Offline Offline

Activity: 1442



View Profile
March 02, 2012, 02:29:37 AM
 #127

I'm half a noob when it comes to exactly how the blockchain can be used to track transactions, but my understanding is that since we have the hash that stole the coins, even if he tries to wash them can't we see at least where big chunks will go?   can we track this money through the block chain?

funny I was wondering the very same thing. I don't get why anyone would steal bitcoin since when you go to "cash out" it could conceivably be red-flagged - then again they could do small amounts  BUT STILL what thief wants to sit there and do $50 cash out at a time ? can anyone explain this?

Silk Road has the best laundry and you sure ain't gonna get their help, much less you'll get help from the drug dealers to whom those coins will be delivered ultimately.

JeffK
Sr. Member
****
Offline Offline

Activity: 350


I never hashed for this...


View Profile
March 02, 2012, 02:30:28 AM
 #128

@JeffK Full disclosure request:

What is your relationship with Linode?

Two year customer last month, never had problems but I've been around the Bitcoin community long enough to be suspicious of people who "lose" bitcoins or have them "stolen"

Ok, you're going to be suspicious of Gavin, the bitcoinica guy, and Slush?

he is suspicious of Linode itself.

Partially this too, I'd rather hear their word on it, than some guys who are posting negative things all over before Linode posts their "Yup, it was our fauly" or "That never happened" response
Raoul Duke
aka psy
Legendary
*
Offline Offline

Activity: 1442



View Profile
March 02, 2012, 02:32:33 AM
 #129

@JeffK Full disclosure request:

What is your relationship with Linode?

Two year customer last month, never had problems but I've been around the Bitcoin community long enough to be suspicious of people who "lose" bitcoins or have them "stolen"

And I find suspicious that after being inactive since Jan 9th 2012 you came back today...

I'm just a big Linode fan and I don't think it's fair that people are posting shit on reddit and hacker news calling them insecure before we have any statement from them, and when they have a good history of being one of the longest providers of VPSs I've known of, and has always goven me good customer service and free upgrades.


I think it's only fair to give them a chance to respond first. If I was actually a Linode employee, I'd probably be working on that response instead of posting here.

So you prefer for all other business that host with them to stay relaxed and wait for their turn to be majorly ass-pounded while Linode crafts a response? Is that it?








...moron...

JeffK
Sr. Member
****
Offline Offline

Activity: 350


I never hashed for this...


View Profile
March 02, 2012, 02:34:25 AM
 #130

@JeffK Full disclosure request:

What is your relationship with Linode?

Two year customer last month, never had problems but I've been around the Bitcoin community long enough to be suspicious of people who "lose" bitcoins or have them "stolen"

And I find suspicious that after being inactive since Jan 9th 2012 you came back today...

I'm just a big Linode fan and I don't think it's fair that people are posting shit on reddit and hacker news calling them insecure before we have any statement from them, and when they have a good history of being one of the longest providers of VPSs I've known of, and has always goven me good customer service and free upgrades.


I think it's only fair to give them a chance to respond first. If I was actually a Linode employee, I'd probably be working on that response instead of posting here.

So you prefer for all other business that host with them to stay relaxed and wait for their turn to be majorly ass-pounded while Linode crafts a response? Is that it?








...moron...

So the moment you move to your next host, and some customer posts something about them being insecure with very flaky 'proof', you will jump ship to another provider immediately?





...moron...
slush
Legendary
*
Offline Offline

Activity: 1358



View Profile WWW
March 02, 2012, 02:39:06 AM
 #131

I think it's only fair to give them a chance to respond first.

But Linode's vice president already confirmed it was security issue of Linode. He even posted the same explanation to me and Gavin. I cannot say for myself, but I think Gavin is one of most honest people around.

Raoul Duke
aka psy
Legendary
*
Offline Offline

Activity: 1442



View Profile
March 02, 2012, 02:39:42 AM
 #132

Yes I would. Better safe than sorry!

rjk
Sr. Member
****
Offline Offline

Activity: 420


1ngldh


View Profile
March 02, 2012, 02:41:30 AM
 #133

Better to have to re-enter the encryption password any time the server goes down, than to have no encryption at all. Linux servers never crash of their own accord anyway, unless there is something major wrong.

Mining Rig Extraordinaire - the Trenton BPX6806 18-slot PCIe backplane [PICS] Dead project is dead, all hail the coming of the mighty ASIC!
bbit
Legendary
*
Offline Offline

Activity: 1288

Bitcoin


View Profile
March 02, 2012, 02:42:04 AM
 #134

I'm half a noob when it comes to exactly how the blockchain can be used to track transactions, but my understanding is that since we have the hash that stole the coins, even if he tries to wash them can't we see at least where big chunks will go?   can we track this money through the block chain?

funny I was wondering the very same thing. I don't get why anyone would steal bitcoin since when you go to "cash out" it could conceivably be red-flagged - then again they could do small amounts  BUT STILL what thief wants to sit there and do $50 cash out at a time ? can anyone explain this?

Silk Road has the best laundry and you sure ain't gonna get their help, much less you'll get help from the drug dealers to whom those coins will be delivered ultimately.

ah got it you mean the jack-ass's that do this actually spend the bitcoins ? LOL   still even silkroad should be like oh look at that guy buying $1,000 $5,000 worth of ecstasy gee ..
JeffK
Sr. Member
****
Offline Offline

Activity: 350


I never hashed for this...


View Profile
March 02, 2012, 02:43:51 AM
 #135

I think it's only fair to give them a chance to respond first.

But Linode's vice president already confirmed it was security issue of Linode. He even posted the same explanation to me and Gavin. I cannot say for myself, but I think Gavin is one of most honest people around.

Well then I'm overly shocked the rest of us haven't gotten some kind of notification.

Regardless, I find it hard to believe that a hacker who supposedly has access to all of the Linodes uses that ability to hijack a few bitcoins. i also don't believe there is any legal precedent at all that would require them to cover the Bitcoins in question.
muyuu
Donator
Legendary
*
Offline Offline

Activity: 924



View Profile
March 02, 2012, 02:44:41 AM
 #136

I think it's only fair to give them a chance to respond first.

But Linode's vice president already confirmed it was security issue of Linode. He even posted the same explanation to me and Gavin. I cannot say for myself, but I think Gavin is one of most honest people around.

Don't bother replying to JeffK. He already implied you are a liar by questioning your paste of that conversation.

GPG ID: 7294199D - OTC ID: muyuu (470F97EB7294199D)
forum tea fund BTC 1Epv7KHbNjYzqYVhTCgXWYhGSkv7BuKGEU DOGE DF1eTJ2vsxjHpmmbKu9jpqsrg5uyQLWksM CAP F1MzvmmHwP2UhFq82NQT7qDU9NQ8oQbtkQ
DeathAndTaxes
Donator
Legendary
*
Offline Offline

Activity: 1218


Gerald Davis


View Profile
March 02, 2012, 02:45:33 AM
 #137

do these incidents not bode well for online clients like Electrum or Blockchain.info?

even with encrypted user generated private keys, they can be stolen by the server when opened to sign tx's.

Server never "opens" the key.  The signing is done client side.  While you could have funds stolen it would be because of malware on your computer.  There is nothing on the server to steal.
Raoul Duke
aka psy
Legendary
*
Offline Offline

Activity: 1442



View Profile
March 02, 2012, 02:46:27 AM
 #138

JeffK, ain't it incredible how some people can value things you deem worthless?

x1010101x
Newbie
*
Offline Offline

Activity: 20



View Profile
March 02, 2012, 02:47:35 AM
 #139

Looks like Linode has issued a status update:

Quote
Manager Security Incident

Ensuring the security of our platform is our top priority. We maintain a strong security policy and aim to communicate openly should it ever be compromised. Thus, we are posting to describe a recent incident affecting the Linode Manager.

Here are the facts:

This morning, an intruder accessed a web-based Linode customer service portal. Suspicious events prompted an immediate investigation and the compromised credentials used by this intruder were then restricted.  All activity via the web portal is logged, and an exhaustive audit has provided the following:

All activity by the intruder was limited to a total of eight customers, all of which had references to "bitcoin".  The intruder proceeded to compromise those Linode Manager accounts, with the apparent goal of finding and transferring any bitcoins.  Those customers affected have been notified.  If you have not received a notification then your account is unaffected.  Again, only eight accounts were affected.

The portal does not have access to credit card information or Linode Manager user passwords.  Only those eight accounts were viewed or manipulated -- no other accounts were viewed or accessed.

Security is our number one priority and has been for over eight years. We depend on and value the trust our customers have placed in us. Now, more than ever, we remain committed to ensuring the safety and security of our customers' accounts, and will be reviewing our policies and procedures to prevent this from ever recurring.
slush
Legendary
*
Offline Offline

Activity: 1358



View Profile WWW
March 02, 2012, 02:47:50 AM
 #140

Regardless, I find it hard to believe that a hacker who supposedly has access to all of the Linodes uses that ability to hijack a few bitcoins.

If you call 13000+ BTC a "few coins", then please send me few coins back. I bet that bitcoins are the most valuable information across Linode servers at all.

Pages: « 1 2 3 4 5 6 [7] 8 9 10 11 12 13 14 15 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!