Bitcoin Forum
March 28, 2024, 02:04:37 PM *
News: Latest Bitcoin Core release: 26.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 2 3 4 5 6 [7] 8 »  All
  Print  
Author Topic: Bitcoinica lost 43,554 BTC from Linode compromise, suspicious TXIDs publicized  (Read 56369 times)
Rassah
Legendary
*
Offline Offline

Activity: 1680
Merit: 1035



View Profile WWW
March 02, 2012, 07:47:50 PM
 #121

Insure for a certain amount of USD/Fiat based on business risks, instead of a specific BTC value. To be safe, the Bitcoin business operator can insure for more than they actually have in case they get more. It's doable. Just stupid expensive.
The network tries to produce one block per 10 minutes. It does this by automatically adjusting how difficult it is to produce blocks.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
1711634677
Hero Member
*
Offline Offline

Posts: 1711634677

View Profile Personal Message (Offline)

Ignore
1711634677
Reply with quote  #2

1711634677
Report to moderator
1711634677
Hero Member
*
Offline Offline

Posts: 1711634677

View Profile Personal Message (Offline)

Ignore
1711634677
Reply with quote  #2

1711634677
Report to moderator
ball4thegame
Sr. Member
****
Offline Offline

Activity: 309
Merit: 251


View Profile
March 02, 2012, 07:50:54 PM
 #122

Just a thought to share with Zhou and others trying to locate the thief...

Approximately a week ago on the SR forums, there was someone who put out a $30,000 offer to anyone who would submit ID info and such to Mt Gox to enable him/her to withdraw from a large account without giving up his/her real information. Perhaps this was the hacker trying to cover his identity for his future 'endeavor'. Figured I would let people know.

Link?

Can't access from work, will try to post it later if nobody else does. It was in the discussion section on the SR forums.
runeks
Legendary
*
Offline Offline

Activity: 980
Merit: 1008



View Profile WWW
March 02, 2012, 07:51:40 PM
 #123

I think insurance companies would get a lot of cases on their hands if they started insuring bitcoins. I mean, how can you insure something that can be stolen without leaving any trace?
mc_lovin
Legendary
*
Offline Offline

Activity: 1190
Merit: 1000


www.bitcointrading.com


View Profile WWW
March 02, 2012, 07:55:12 PM
 #124

i pretty much saw this coming.
neo_rage
Full Member
***
Offline Offline

Activity: 196
Merit: 100



View Profile
March 02, 2012, 07:55:57 PM
 #125

Awesome. Hope that you guys solve this problem with a little troubles.

Thanks god I'm not mining at Bitcoinica, but i'm with you.

Clipse
Hero Member
*****
Offline Offline

Activity: 504
Merit: 502


View Profile
March 02, 2012, 08:10:41 PM
 #126

Awesome. Hope that you guys solve this problem with a little troubles.

Thanks god I'm not mining at Bitcoinica, but i'm with you.

Bitcoinica is far from a mining pool Wink

...In the land of the stale, the man with one share is king... >> Clipse

We pay miners at 130% PPS | Signup here : Bonus PPS Pool (Please read OP to understand the current process)
bitcoinBull
Legendary
*
Offline Offline

Activity: 826
Merit: 1001


rippleFanatic


View Profile
March 02, 2012, 09:30:19 PM
 #127

I cant help but know some Linode employee wont be at work tomorrow.

This all is way way way to convenient, seems like an inside job planned overtime with the knowledge of who runs worthwhile bitcoin services and on which VPS accounts.

This is alot of money, please for all of us make its your top priority to get compensation out of Linode otherwise any future losses less than this would be seen acceptable by these crappy hosting companies or other services.

Indeed. It seems rather odd that a random hacker would systematically probe linode for security flaws, and then magically find 8 customers related to bitcoin, and methodically empty their wallets. This is clearly somebody from the inside.

They could have been observing bitcoin node ip addresses and found that 8 of them belonged to linode.  Could have observed that the transaction broadcasts of bitcoinica withdrawals were originating from one of those 8.  Then concluded that bitcoinica's hot wallet was on a linode VPS.

College of Bucking Bulls Knowledge
Herodes
Hero Member
*****
Offline Offline

Activity: 868
Merit: 1000


View Profile
March 03, 2012, 12:17:16 PM
 #128

I cant help but know some Linode employee wont be at work tomorrow.

This all is way way way to convenient, seems like an inside job planned overtime with the knowledge of who runs worthwhile bitcoin services and on which VPS accounts.

This is alot of money, please for all of us make its your top priority to get compensation out of Linode otherwise any future losses less than this would be seen acceptable by these crappy hosting companies or other services.

Indeed. It seems rather odd that a random hacker would systematically probe linode for security flaws, and then magically find 8 customers related to bitcoin, and methodically empty their wallets. This is clearly somebody from the inside.

They could have been observing bitcoin node ip addresses and found that 8 of them belonged to linode.  Could have observed that the transaction broadcasts of bitcoinica withdrawals were originating from one of those 8.  Then concluded that bitcoinica's hot wallet was on a linode VPS.

Yes, but would it not be likely that he/they would need intimiate knowledge of the linode systems, meaning they would need to be a customer or already a sysadmin at Linode ?
BkkCoins
Hero Member
*****
Offline Offline

Activity: 784
Merit: 1009


firstbits:1MinerQ


View Profile WWW
March 03, 2012, 12:46:08 PM
 #129

I cant help but know some Linode employee wont be at work tomorrow.

This all is way way way to convenient, seems like an inside job planned overtime with the knowledge of who runs worthwhile bitcoin services and on which VPS accounts.

This is alot of money, please for all of us make its your top priority to get compensation out of Linode otherwise any future losses less than this would be seen acceptable by these crappy hosting companies or other services.

Indeed. It seems rather odd that a random hacker would systematically probe linode for security flaws, and then magically find 8 customers related to bitcoin, and methodically empty their wallets. This is clearly somebody from the inside.

They could have been observing bitcoin node ip addresses and found that 8 of them belonged to linode.  Could have observed that the transaction broadcasts of bitcoinica withdrawals were originating from one of those 8.  Then concluded that bitcoinica's hot wallet was on a linode VPS.

Yes, but would it not be likely that he/they would need intimiate knowledge of the linode systems, meaning they would need to be a customer or already a sysadmin at Linode ?
No, this is exactly how hackers work. They explore and try tons of different attack vectors until they find ones that work. Whether this was an insider or not I don't know but certainly a hacker wouldn't need to be an insider. This is what they do. They find flaws and dig in deeper until they can leverage the flaws. (I'm saying hacker but a more correct term would be "cracker".)

muyuu
Donator
Legendary
*
Offline Offline

Activity: 980
Merit: 1000



View Profile
March 03, 2012, 12:52:33 PM
 #130

Bitcoinica was also in Rackspace, right?

Well, this just in http://www.rackspace.com/knowledge_center/content/slicehost-forum-archive-migration-and-conversion

Rackspace's slicehost forum user DB compromised. They are a bit unclear on how and what exactly was compromised, and why do they know it.

This shouldn't in theory affect rackspace users but is a fair warning on not reusing passwords and also not having your passwords anywhere near "the cloud"...

GPG ID: 7294199D - OTC ID: muyuu (470F97EB7294199D)
forum tea fund BTC 1Epv7KHbNjYzqYVhTCgXWYhGSkv7BuKGEU DOGE DF1eTJ2vsxjHpmmbKu9jpqsrg5uyQLWksM CAP F1MzvmmHwP2UhFq82NQT7qDU9NQ8oQbtkQ
gamer4156
Sr. Member
****
Offline Offline

Activity: 1008
Merit: 250



View Profile
March 03, 2012, 06:20:13 PM
 #131

I remember seeing that post on SR as well.
btcash
Hero Member
*****
Offline Offline

Activity: 968
Merit: 515



View Profile
March 03, 2012, 06:32:49 PM
 #132

How can you reimburse that much? Have you really made that much profit?

Yes, our historical profit is fairly sufficient to cover the loss from this incident, and we believe that it's the best interest for the community to keep running the business. We will take appropriate strategies and implement more security features to prevent this from happening ever again, even with the presence of dishonest partners or employees.
this is hard to believe. It takes MtGox around 2 months to earn that much and their volume is way larger then yours.

I am wondering why somemany bitcoin people used that hoster. There are thousands of hoster.
stick_theman
Sr. Member
****
Offline Offline

Activity: 372
Merit: 250


View Profile
March 03, 2012, 08:55:35 PM
 #133

How can you reimburse that much? Have you really made that much profit?

Yes, our historical profit is fairly sufficient to cover the loss from this incident, and we believe that it's the best interest for the community to keep running the business. We will take appropriate strategies and implement more security features to prevent this from happening ever again, even with the presence of dishonest partners or employees.
this is hard to believe. It takes MtGox around 2 months to earn that much and their volume is way larger then yours.

I am wondering why somemany bitcoin people used that hoster. There are thousands of hoster.

Bitcoinica is leveraged as compared to MtGox.  I have a lot of respect for you, ZT.
kurtosis
Newbie
*
Offline Offline

Activity: 17
Merit: 0


View Profile
March 04, 2012, 09:23:09 AM
 #134

I just want to note that after MtGox got severely hacked, it became one of the most secure Bitcoin exchanges out there.
I was wondering about that, being one of the people whose account was hacked.  How do you know this?
runeks
Legendary
*
Offline Offline

Activity: 980
Merit: 1008



View Profile WWW
March 04, 2012, 02:18:00 PM
 #135

How can you reimburse that much? Have you really made that much profit?

Yes, our historical profit is fairly sufficient to cover the loss from this incident, and we believe that it's the best interest for the community to keep running the business. We will take appropriate strategies and implement more security features to prevent this from happening ever again, even with the presence of dishonest partners or employees.
this is hard to believe. It takes MtGox around 2 months to earn that much and their volume is way larger then yours.
Mt. Gox only charges (at most) 0.6% in fees. Bitcoinica currently charges the equivalent of 1.168%
in fees (https://www.bitcoinica.com/ bottom page) and allows leveraged trading (buying/selling more bitcoins/dollars than you actually have). So when a guy like this short sells for $130,000 worth of bitcoins, Bitcoinica makes around $1500 in, quite literally, no time.

I just want to note that after MtGox got severely hacked, it became one of the most secure Bitcoin exchanges out there.
I was wondering about that, being one of the people whose account was hacked.  How do you know this?
I would argue that he doesn't know this. This is his reasoning: https://bitcointalk.org/index.php?topic=66979.msg779780#msg779780
I'm not saying Mt. Gox isn't secure though, please don't misunderstand me. I'm just saying we have no way of knowing - with absolute certainty - if they are. I think this is a relevant point.

Many people thought the Titanic was unable to sink. Until it sank.
zhoutong (OP)
VIP
Hero Member
*
Offline Offline

Activity: 490
Merit: 502


View Profile WWW
March 04, 2012, 06:14:19 PM
 #136

How can you reimburse that much? Have you really made that much profit?

Yes, our historical profit is fairly sufficient to cover the loss from this incident, and we believe that it's the best interest for the community to keep running the business. We will take appropriate strategies and implement more security features to prevent this from happening ever again, even with the presence of dishonest partners or employees.
this is hard to believe. It takes MtGox around 2 months to earn that much and their volume is way larger then yours.
Mt. Gox only charges (at most) 0.6% in fees. Bitcoinica currently charges the equivalent of 1.168%
in fees (https://www.bitcoinica.com/ bottom page) and allows leveraged trading (buying/selling more bitcoins/dollars than you actually have). So when a guy like this short sells for $130,000 worth of bitcoins, Bitcoinica makes around $1500 in, quite literally, no time.


Bitcoinica spreads take the market depth into account. We don't charge fees directly. Most of the time, trading on Bitcoinica is just slightly more expensive than Mt. Gox for heavy traders (who pay 0.3% at Mt. Gox), and usually cheaper for infrequent traders.

Founder of NameTerrific (https://www.nameterrific.com/). Co-founder of CoinJar (https://coinjar.io/)

Donations for my future Bitcoin projects: 19Uk3tiD5XkBcmHyQYhJxp9QHoub7RosVb
Seal
Donator
Hero Member
*
Offline Offline

Activity: 849
Merit: 1078


View Profile WWW
March 06, 2012, 01:36:35 AM
 #137

+1 to zhoutong. Respect.

Given the community collectively has a massive amount of skilled IT resource available. Why not put up some kind of community raised bounty for those 'skilled enough' to expose the thief.

I wonder if any of the 'anonymous' crowd would like some work...

DefiDive - Filter the noise
A clean crypto asset management terminal
ctoon6
Sr. Member
****
Offline Offline

Activity: 350
Merit: 251



View Profile
March 06, 2012, 03:21:40 AM
 #138

Here is my question. Why was it ever a good idea to be running a site like this where someone else has access to your machine? These types of operations should be run from locked up racks.

LightRider
Legendary
*
Offline Offline

Activity: 1500
Merit: 1021


I advocate the Zeitgeist Movement & Venus Project.


View Profile WWW
March 06, 2012, 04:41:38 AM
Last edit: March 06, 2012, 09:19:20 AM by LightRider
 #139

I don't know if this is related, but I just received a very strange, very small amount of bitcoin that I was not expecting. Is anyone else out there receiving such transactions?

http://blockchain.info/tx-index/3059769/de3177f4e929d4deb1984889aa7ad79fd2e78075e41babbda23315bb5135e71f

Edit: It looks like someone is sending out small amounts of bitcoin to a large number of public addresses in alphabetical order...I think I just got tainted...


Nevermind, I am unduely paranoid.

Bitcoin combines money, the wrongest thing in the world, with software, the easiest thing in the world to get wrong.
Visit www.thevenusproject.com and www.theZeitgeistMovement.com.
dooglus
Legendary
*
Offline Offline

Activity: 2940
Merit: 1327



View Profile
March 06, 2012, 07:53:52 AM
Last edit: March 06, 2012, 08:09:42 AM by dooglus
 #140

Edit: It looks like someone is sending out small amounts of bitcoin to a large number of public addresses in alphabetical order...I think I just got tainted...

But those coins aren't tainted.  At least not from the linode theft.

'Only' these 1062 addresses contain coins from the linode theft: http://privatepaste.com/ce5905880d

My guess would be that this transaction was made by http://dailybitcoins.org/ - do you use them?

dailybitcoins.org:
* sends out their payments around 3am (your transaction was at 2012-03-06 03:55:43)
* mostly sends out 0.001 bitcoins, almost never less, with a few bigger (yours has 55 of 0.001, 24 of 0.005, 1 of 0.015 and some change)
* puts the addresses in alphabetical order
* usually has 81 outputs in their transactions (your transaction in blockexplorer: http://blockexplorer.com/tx/de3177f4e929d4deb1984889aa7ad79fd2e78075e41babbda23315bb5135e71f - has 81 outputs)

I think it's a pretty good guess that it's them.

Just-Dice                 ██             
          ██████████         
      ██████████████████     
  ██████████████████████████ 
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
    ██████████████████████   
        ██████████████       
            ██████           
   Play or Invest                 ██             
          ██████████         
      ██████████████████     
  ██████████████████████████ 
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
    ██████████████████████   
        ██████████████       
            ██████           
   1% House Edge
Pages: « 1 2 3 4 5 6 [7] 8 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!