Bitcoin Forum
December 07, 2016, 08:20:39 PM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  

Warning: Moderators do not remove likely scams. You must use your own brain: caveat emptor. Watch out for Ponzi schemes. Do not invest more than you can afford to lose.

Pages: « 1 2 3 4 [5] 6 7 »  All
  Print  
Author Topic: [BDK] - Liquidating, Permanent Closure -  (Read 15244 times)
Kluge
Donator
Legendary
*
Offline Offline

Activity: 1218


Michael, send me some coins before I hitman you


View Profile
July 20, 2012, 07:47:01 AM
 #81

Everyone replied to, I believe.

An alternative to BitInstant has been launched for "Significant" business associates of BDK. https://bitcointalk.org/index.php?topic=94264

No website is planned, and this service will be eventually discontinued as community services improve. It is not a "trading platform" in that I'm not going to let people have long-term balances with me..... Though that'd be interesting if I wanted to go full-retard with fractional reserves.

Don't mix your coins someone said isn't legal
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481142039
Hero Member
*
Offline Offline

Posts: 1481142039

View Profile Personal Message (Offline)

Ignore
1481142039
Reply with quote  #2

1481142039
Report to moderator
1481142039
Hero Member
*
Offline Offline

Posts: 1481142039

View Profile Personal Message (Offline)

Ignore
1481142039
Reply with quote  #2

1481142039
Report to moderator
1481142039
Hero Member
*
Offline Offline

Posts: 1481142039

View Profile Personal Message (Offline)

Ignore
1481142039
Reply with quote  #2

1481142039
Report to moderator
on9isrock
Member
**
Offline Offline

Activity: 70



View Profile
July 21, 2012, 02:48:24 PM
 #82

PM sent.
i am glad bitcoin forum allows people to lend BTC
hope this services not gone

my address :18TTx6qBr2LTiyRu6SuLDX1SFwDCQyeJRC
Kluge
Donator
Legendary
*
Offline Offline

Activity: 1218


Michael, send me some coins before I hitman you


View Profile
July 21, 2012, 03:40:49 PM
 #83

Laptop died about an hour and a half ago. Has been overheating for a while, need to buy a new one. Sharing PC with wife, who uses computer about as often as me, so I'll be a bit unresponsive until new laptop's delivered.

Cheers,
Ben

ETA: Bought a laptop on Newegg through chungenhung. Should arrive on Wednesday. Cheers!

Don't mix your coins someone said isn't legal
zvs
Legendary
*
Offline Offline

Activity: 1386



View Profile WWW
July 21, 2012, 07:24:32 PM
 #84

Just for curiosity's sake,

Quote
You also need an extensive, positive business-related reputation on this forum or OTC. I don't care about your eBay rating.

Why would one place greater emphasis on OTC than on eBay?  Someone can have eBay history back to '98, I'm not sure about this other thing.. 2011?

I suppose eBay would be more prone to have stolen accts, but if you can verify the person's identity?

I would trade with someone with 1000's of feedbacks on eBay with account since 1998, rather than someone with 50 on bitcoin-otc,  the second  would be much more likely to be building up reputation for a massive take

Dacentec, best deals for US dedicated servers. They regularly restock $20-$25 Opterons with 8-16GB RAM & 2x1-2TB HDD's (ofc, usually lots of other good stuff to choose from).  I did a Serverbear benchmark of one of my $20/mo Opteron (June last year), it's here.  Have had about a half dozen different servers with Dacentec, & none have failed to sustain at least 40MB/s (burst higher). My favorite is a 12-month rent-to-own ZT Systems 2XL5520 16GB 2x2TB SATA for $40/month (got lucky with the 'off-brand', haven't seen a RTO 2xL5520 for under $50/mo since -- at least for monthly contracts).  wholesaleinternet.com has some ancient 2-core intel CPUs @ $10/mo sometimes (I got an Intel Core 2 6300 @ 1.86GHz, with a 250GB HDD with 46000 hours on it, LOL. $20 @ Dacentec is much better, if you can grab one). joesdatacenter.com (same location as Wholesale Internet) also occasionally has specials (or if you don't want to wait, it has an AMD Opteron 170 @ $16/mo).
Kluge
Donator
Legendary
*
Offline Offline

Activity: 1218


Michael, send me some coins before I hitman you


View Profile
July 21, 2012, 07:54:01 PM
 #85

Just for curiosity's sake,

Quote
You also need an extensive, positive business-related reputation on this forum or OTC. I don't care about your eBay rating.

Why would one place greater emphasis on OTC than on eBay?  Someone can have eBay history back to '98, I'm not sure about this other thing.. 2011?

I suppose eBay would be more prone to have stolen accts, but if you can verify the person's identity?

I would trade with someone with 1000's of feedbacks on eBay with account since 1998, rather than someone with 50 on bitcoin-otc,  the second  would be much more likely to be building up reputation for a massive take
Difficult to verify the owner of the eBay account is the person I'm talking to, and more prone to hacking attempts than OTC. If someone with an extensive eBay history would post an item from the account, then it would be considered acceptable "Proof of Reputation."

Don't mix your coins someone said isn't legal
stochastic
Hero Member
*****
Offline Offline

Activity: 532


View Profile
July 21, 2012, 08:41:26 PM
 #86

Just for curiosity's sake,

Quote
You also need an extensive, positive business-related reputation on this forum or OTC. I don't care about your eBay rating.

Why would one place greater emphasis on OTC than on eBay?  Someone can have eBay history back to '98, I'm not sure about this other thing.. 2011?

I suppose eBay would be more prone to have stolen accts, but if you can verify the person's identity?

I would trade with someone with 1000's of feedbacks on eBay with account since 1998, rather than someone with 50 on bitcoin-otc,  the second  would be much more likely to be building up reputation for a massive take
Difficult to verify the owner of the eBay account is the person I'm talking to, and more prone to hacking attempts than OTC. If someone with an extensive eBay history would post an item from the account, then it would be considered acceptable "Proof of Reputation."

Ebay's feedback ratings were not very robust until 2007.  Before that it was easy to build positive feedback without having any substance to back it up.  Still now one could have thousands of penny auctions and still get quality feedback.

Introducing constraints to the economy only serves to limit what can be economical.
Kluge
Donator
Legendary
*
Offline Offline

Activity: 1218


Michael, send me some coins before I hitman you


View Profile
July 22, 2012, 02:19:04 AM
 #87

An alternative to BitInstant has been launched for "Significant" business associates of BDK. https://bitcointalk.org/index.php?topic=94264
I need more ideas for services depositors would be interested in receiving at subsidized rates in exchange for me not being able to offer the rates of a PPT.

The grand scheme will all come together with ioucoin.com. I'll soon talk to tosaki about another sub-service I intend to launch with it, but for now, I really need ideas for what people are interested in which would fall in the realm of something IOU would be particularly well-equipped to handle. Buying Bitcoins, selling Bitcoins, lending Bitcoins... I suppose we can implement recurring payments from ioucoin.com and not have demand deposits (too black to be "legally gray"), but do private e-wallet service with a fee attached, or make CDs more flexible somehow.... Idunno, I'm sure someone in the community could think of a  more ideal solution.

The requirements currently attached to "P&P" will be completely different once ioucoin.com is launched and depositors are given accounts to the site.

Don't mix your coins someone said isn't legal
Kluge
Donator
Legendary
*
Offline Offline

Activity: 1218


Michael, send me some coins before I hitman you


View Profile
July 22, 2012, 04:17:34 PM
 #88

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Multiple logins were attempted in a personal email account from a Tor exit node and shortly after by an Amazon cloud server (which seems to have succeeded and has been reported to AWS). I am assuming all email data sent to Benjm00@gmail.com has been compromised. All other email accounts do not appear touched. The password is shared, but I only allow one "sensitive" website to use one shared password. My initial assumption is that this is related to the multiple Bitcoinica thefts, but this is certainly not certain. I'm not sure how I managed to let it slip my mind that I used the same password elsewhere. My MtGox account, Bitcoin Wallet, and various bank/CU accounts are not assumed to be at risk unless I left compromising information in my email account. There is currently no assumed risk for Bitcoins being stolen. There is currently no assumed risk for USD being stolen. It is assumed very likely that all information sent to my email address has been compromised, including contact information (which includes Paypal receipts) sent to that email account. It is assumed very likely the attacker has sensitive personally-identifying information.

Obvious security measures have been taken to prevent future attempts. Please do not contact me with sensitive information without using a known gpg key until I have everything locked down and resolved. Please do not assume communications from me are indeed from me unless I have signed them using a known gpg key until I say otherwise.

I will provide any important updates as I'm aware of them. I apologize for any potential inconvenience or damages caused by this.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)

iQEcBAEBAgAGBQJQDCedAAoJEBR6Ov1xmEtJZDwH/iH2GTaFxyT5KjTxWAMmt5Ad
5bERY7FvLu7BSaYmTsnkv4MYA0COOsCKd/e22tOCO997ElcuEUjSdGUdpq+6OuiL
5GQGzzQsLHqc5JRQRQ4m//CQ2aqbGldDiYrBj5aZXLfmIUNBjcOTM5ijsUDJJSgY
PwCGYLAHR56O9Aa7aL0L78CBCDEVmLzG0gqEjmpczBnKXA34NCV1KUs8hLlLeNEq
zp/VQHE7FFmZLMW7fkrb/mhhWiT0p3Api/g25M7CAJsSp52ima4Z/HwAwmMcpqYD
atwTPQ6VoULi2762Pevinl546otec4NyxWjcD3i0T0zw5LVDe0EdncnH9YsMjYU=
=llL8
-----END PGP SIGNATURE-----

Don't mix your coins someone said isn't legal
Kluge
Donator
Legendary
*
Offline Offline

Activity: 1218


Michael, send me some coins before I hitman you


View Profile
July 22, 2012, 04:30:54 PM
 #89

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Please now assume all GPG keys are invalid less the one I'm posting below.

- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2.0.17 (MingW32)

mQENBFAMKn8BCADBlIM9q9sPF+qXzOR/Q4Y6bWnfwhwirwm3b2cy18xlN1c/Uort
fo2/UvMnC1ZZcNLClk/9LSw/wQaCOHUQocKoDUclgUYtNigXW5BDRAasP8+x59nk
PmapFfTvtBaePOccTyrQfj4A3q9an19jtq0KWy8yTQkvdWWRxP7eeWQ+suqzPXou
+/Tz8PvnEsaPm0tsk2UO238aUG+jWEqTf6Nhei9w13F4OMVoIZ5FyiYfC3gC3H6a
F78OouVWQKmK/pSlGzTjKdc1lJPtDyQ0M6fU8QIXwzg2Mx53pYB5DNVuLYOI8svs
JcskGz7sQPledsSkYilJATm/RpO2XtdsAHu1ABEBAAG0HUJlbiBNYWxlYyA8YWRt
aW5AaW91Y29pbi5jb20+iQE4BBMBAgAiBQJQDCp/AhsDBgsJCAcDAgYVCAIJCgsE
FgIDAQIeAQIXgAAKCRDUTuUmjkucyHgzB/wKvtrZspcl+A5KeYfu1FwcBf336nIq
V4wetRZKIzHP2Ar3ed+GwaYfQLmqL7ED7uogaO4Ob36MjALAI0Qy1eQ3Vb6xSTeU
i7iTSv7eTnlYMNdHZaCCzD6A7wH+YtMppYbw6o/tqzprvGSMNCvtvwHrukUvbhg8
LeN2P7pjqUBwJ2yqiHty43Tpf2yt5MEKFvCfoCidCNCOHD8RmbvMAjnJ3O661UzG
Uwfg4HH1UM48CCXDJU2xzIEA8KLVr7GB9SVjS2/BkdIZJpoabIR8SXo35UYcGBuF
hXyQrEkfmcLMTDCPQAjKtoE3usbhu8wn4uzpLsRqWYYtFGGBBnetpKXcuQENBFAM
Kn8BCADHB2/pXyNPoZsnzY3rbk8IwonYqNQ53oGUUflvPk0sHx40lnJLmMXOO2Jf
BqDzCDVctnt6DuUTGwHIfVzRnS2tfYM/3vJEI9apcDYkfaRhokeVq0FYb+HFyoi1
crCFAMMyykTT+FlsyCnI+QC+TQM0MYxlyJLtStzpQqi3u1MugE33UY47W1foxnRE
AbObWxInxg5fYMBdi6xOtWPnOZAKUp/0HKJA7a67+SZn71/di+sN4C+VJdQiHfGr
3G5ibqrAICZbLcZXC73ovDOxLHLoWz/n8U6Be4bfk+cj1BMOvun+12ybLUwD/+dp
sBYXdoP8Z6J+0qFZ2SS5iIu6uFX3ABEBAAGJAR8EGAECAAkFAlAMKn8CGwwACgkQ
1E7lJo5LnMhxaQf/QtO21zCVGZnuANf4kGYwU9wFtJhe/WwnFgnjM16X2W+oB7Bx
SYwd+RQknpfQPa5W1GQkojzCrb9Xo2H9obaGGfpafGzXPBPD4y232jIhl7f1hpIr
km96ZjK7Y2Raa1qOUl9uGbAGzU0rqJd40maREihlRwNPb2ZJZ4PD61DpTYK/z0Rj
lHu7C8ThSjclx/PCKu+WXfFYyxFjH7ERmweaIX75UbCB8JqMHBDpF8o2he4gT0Mw
XLJKoktu0a8FeerD8WTzws2JQuPj4HIy4L6zAUcA+q5U91a2ZEWfIrOL1kPuc/v4
6xdFExQvdAuMdI0byCZNMrffEj0Jazwwf8P5dA==
=05jB
- -----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)

iQEcBAEBAgAGBQJQDCq2AAoJEBR6Ov1xmEtJX8QH/Ax20kYTqDqlzgAt1VwNiGOR
K725pMy8vgW1EZTlNwgejBzehSErp9yEuTIMclyNL5JfHf7n8vKVXF9KKQQQ0QXh
s0/EE7Rcrfgd17ad66ReIf1IaEndKBdO+5YhJgcBtqjSvB1kKpUy2GBG0RM/3vsY
W/vj2XtgJdgAVrnN8jytUScZ7z1OAMCXq6jSUIbV5z9SPM2L2TwiEQo7HO89RNIY
3vr5/XEWE/87IY3vzBRYOF3L4C0KPUms5VQi0BNChjbdL9jilS2vbRotK3wqniew
UJxw+bCYpR5Y4mqWq2/l1b6QVhtwD4OEyP9Fv4ujQrswL33wFIzHdLoW8tE0Ais=
=BfPe
-----END PGP SIGNATURE-----

Don't mix your coins someone said isn't legal
silverbox
Legendary
*
Offline Offline

Activity: 910


View Profile
July 22, 2012, 04:35:50 PM
 #90

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Multiple logins were attempted in a personal email account from a Tor exit node and shortly after by an Amazon cloud server (which seems to have succeeded and has been reported to AWS). I am assuming all email data sent to Benjm00@gmail.com has been compromised. All other email accounts do not appear touched. The password is shared, but I only allow one "sensitive" website to use one shared password. My initial assumption is that this is related to the multiple Bitcoinica thefts, but this is certainly not certain. I'm not sure how I managed to let it slip my mind that I used the same password elsewhere. My MtGox account, Bitcoin Wallet, and various bank/CU accounts are not assumed to be at risk unless I left compromising information in my email account. There is currently no assumed risk for Bitcoins being stolen. There is currently no assumed risk for USD being stolen. It is assumed very likely that all information sent to my email address has been compromised, including contact information (which includes Paypal receipts) sent to that email account. It is assumed very likely the attacker has sensitive personally-identifying information.

Obvious security measures have been taken to prevent future attempts. Please do not contact me with sensitive information without using a known gpg key until I have everything locked down and resolved. Please do not assume communications from me are indeed from me unless I have signed them using a known gpg key until I say otherwise.

I will provide any important updates as I'm aware of them. I apologize for any potential inconvenience or damages caused by this.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)

iQEcBAEBAgAGBQJQDCedAAoJEBR6Ov1xmEtJZDwH/iH2GTaFxyT5KjTxWAMmt5Ad
5bERY7FvLu7BSaYmTsnkv4MYA0COOsCKd/e22tOCO997ElcuEUjSdGUdpq+6OuiL
5GQGzzQsLHqc5JRQRQ4m//CQ2aqbGldDiYrBj5aZXLfmIUNBjcOTM5ijsUDJJSgY
PwCGYLAHR56O9Aa7aL0L78CBCDEVmLzG0gqEjmpczBnKXA34NCV1KUs8hLlLeNEq
zp/VQHE7FFmZLMW7fkrb/mhhWiT0p3Api/g25M7CAJsSp52ima4Z/HwAwmMcpqYD
atwTPQ6VoULi2762Pevinl546otec4NyxWjcD3i0T0zw5LVDe0EdncnH9YsMjYU=
=llL8
-----END PGP SIGNATURE-----


Ouch.  Sad
Kluge
Donator
Legendary
*
Offline Offline

Activity: 1218


Michael, send me some coins before I hitman you


View Profile
July 22, 2012, 04:57:21 PM
 #91

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

It was the LastPass account which was compromised. Assume everything is at risk of being compromised, including this computer until I boot into Linux and change everything all over again, which I'm doing now.

- -Ben
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)

iQEcBAEBAgAGBQJQDDDtAAoJENRO5SaOS5zIWJoH/2F+9z0loxNcwJjF1GJkui3W
DoTGBd4uYfQ8E1psaam/G9meCUuU64svFOwTqRhAFIGAuRbRrBfkVe3AM6A7BtlC
vLoRXa4ywhuRJjCuWqRTqI/B+8g2fL/bDaSe5/ewYgpyUo7b10JrzhRw9ZQJcx3c
EXQYFW7pirtnkpaJG231JqXmz3ZNMMtZzbMw6mmGnueanBp68LzREf8f+34gD4nU
xd1OhoZL4TxDz4NNumwPK5HEYHXIPs1Mz1xOSXKlK8bPRHoXjuwwdtnTVvJXPUOe
3ANkgeRIbjzXmDsQ1p9yxkFrPL7W6oAVha55SRgys6AfImMZijdgKuw2apkv71k=
=astw
-----END PGP SIGNATURE-----

ETA: 07/22/2012 04:54:25 LastPass.com 81.169.155.246 tor.fabiankeil.de Website
This was about an hour prior to the Gmail.com compromise.

Don't mix your coins someone said isn't legal
Kluge
Donator
Legendary
*
Offline Offline

Activity: 1218


Michael, send me some coins before I hitman you


View Profile
July 22, 2012, 06:42:44 PM
 #92

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Everything appears to be remaining untouched. Additional Yubikeys coming within a few days. Will be continuing to change things around and freezing accounts. I can't help but think the attacker is friendly. He had 3 hours to do whatever he wanted. Could've withdrew tens of thousands of dollars, could've maxed out credit cards, could've at least transfered BTC from GLBSE.

Yet all which appears to have been done is unauthorized entry into LastPass and Gmail, not even touching Google Docs. No emails were sent, nothing was deleted. Nothing was modified on Lastpass - he let me come right back on and reclaim everything. He even logged into Gmail using an IP which alerted me to his presence, when he had an AWS address (which he later used) which went through Google's checks without incident.

If that person were to want a reward, I am very grateful. AFAIK, everything is now much more secure, and there are no losses to report.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)

iQEcBAEBAgAGBQJQDErgAAoJENRO5SaOS5zIvnoH/RcL5QfeXV1RvY+barnkaNUa
Qe8T7saG6MLn3nIFB8798kKdnTZu5oMbgdkj98nmA77zJ43vj0cmAXJRCqJFN/+g
5n8zF9eltiZd+c3pMMqYA1mLznG8AMFhNeoFb1kyc9MgxJiF4zGTpzLRxmPODosv
Qzo4l4hi3Z/Hl4ad/Biy9YV1xP8llWMtPq+wVzKACQTqn1DTBuwaz8BJ6Jb3y0Qk
FMA/LQjMzO0CuWSJcrbfEP0cAUoZNn558wLBXMwYxojNOdC+Tq5OIgLCBbZUC4ee
DTtiDaNP0dCKIK1PAPX1fW+ZKoJd+l48smVY/4iFCZtoCmruZIfoB4c3bzZraLM=
=4RAH
-----END PGP SIGNATURE-----

Don't mix your coins someone said isn't legal
Kluge
Donator
Legendary
*
Offline Offline

Activity: 1218


Michael, send me some coins before I hitman you


View Profile
July 22, 2012, 06:55:23 PM
 #93

Spoke too soon.

Don't mix your coins someone said isn't legal
Kluge
Donator
Legendary
*
Offline Offline

Activity: 1218


Michael, send me some coins before I hitman you


View Profile
July 22, 2012, 07:13:32 PM
 #94

From BTC:  -41.98   13Kqkv3QAvfQRGnuZySLBXPhJTtbWiAiyr   2012-07-22 14:49:23
From BDK: -85.8435   13Kqkv3QAvfQRGnuZySLBXPhJTtbWiAiyr   2012-07-22 14:51:43
From BDK.BND: -216.2935   13Kqkv3QAvfQRGnuZySLBXPhJTtbWiAiyr   2012-07-22 14:54:19

Don't mix your coins someone said isn't legal
der_meister
Full Member
***
Offline Offline

Activity: 141



View Profile
July 22, 2012, 07:42:01 PM
 #95

Just noticed that the bidwall @BDK.BND is gone. Embarrassed

Moving on is a simple thing,
what it leaves behind is hard...
PatrickHarnett
Hero Member
*****
Offline Offline

Activity: 518



View Profile
July 22, 2012, 08:14:05 PM
 #96

Yes, his GLBSE account was hacked and appears all the shares/assets were crashed into whatever bids were there.  Expect some reversals.  14000 BDK.BND at basically zero price isn't reasonable.
gabbynot
Sr. Member
****
Offline Offline

Activity: 338


View Profile
July 22, 2012, 08:23:24 PM
 #97

I'd be taking a good look at any GLBSE accounts that just happened to place low-ball bids on those securities...
Kluge
Donator
Legendary
*
Offline Offline

Activity: 1218


Michael, send me some coins before I hitman you


View Profile
July 22, 2012, 08:24:51 PM
 #98

My assumption of the events so far:
[1]Everything from Bitcoinica has been leaked, including credentials. I haven't been keeping up as much as I should have since I had nothing in there -- maybe that's already public knowledge. The other alternative is that EMC's credentials db was compromised, but I find that hard to believe. There are some other alternatives, including a brute force attack, which seem even more unlikely.
[2]It's possible I was stupid enough to use the same or similar password on Bitcoinica as LastPass. Clearly, I was stupid enough to use the same Gmail pw as Bitcoinica. I no longer have history of what my old LP master password was before changing it.
[3]The attacker accidentally logged onto Gmail using Tor, without realizing Gmail has Tor mostly blacklisted. He was not expecting me to be alerted. Perhaps he did not expect me to wake up relatively soon. Had he been more clever, he would have used the AWS server in MI to begin with.
[4]The attacker then....? Well, I'm not really sure what he did from 6am to 1:30pm. Maybe took a nap.
[5]While the attacker was napping and I was alerted to the unauthorized use, I changed all of my passwords to sensitive sites, including GLBSE, and LastPass, obviously.
[6]I eventually emailed Nef (11:30am? I don't have access to that email account right now), asking him to freeze my account and release recent activity info to me.  He did not respond, I assume because he was sleeping.
[7]I'm assuming the session the attacker had active from before I changed the password never expired on GLBSE, nor was revoked when I changed the pw. I did not think to enable 2FA for all activities until after the withdrawal. I did not have 2FA enabled prior to this attack because I'm too cheap to buy a cell phone -- that "frugality" has obviously bitten me in the ass. (Actually, I would've had an AT&T smartphone a few days ago if they allowed me to have a different shipping and billing address....)
[8]Around 1:45pm, I was alerted to BDK.BND being dumped. You can see https://bitcointalk.org/index.php?topic=67446.msg1046806#msg1046806 for how much was withdrawn. The funds from the BTC account were withdrawn by dumping the few remaining securities I kept. No new securities were issued, but the attacker sold all securities in the account. At that time, it was obvious what happened. I emailed Nef somewhere between 1:45p and 2p, asking him to halt all withdrawals (withdrawals from GLBSE are not immediate). I assume he was still sleeping -- he's in the UK and works just about his entire day, so understandable. At least one other lender texted Nefario as an additional alert, but it was quickly too late, and the withdrawal was processed.


Currently, I am not aware of any losses outside of what I have already reported. I have moved all coins out of my possession in case the primary OS was compromised. Ideally, Nef will reverse the fraudulent transactions.

Current "hard" losses are 344.117BTC. "Soft" losses (currently non-reversed GLBSE transactions) could push total losses near or above 2kBTC, but I'm assuming Nef will reverse the unauthorized transactions. Either way, BDK is not at immediate risk of insolvency.

Don't mix your coins someone said isn't legal
Scott J
Legendary
*
Offline Offline

Activity: 1540



View Profile WWW
July 22, 2012, 08:40:18 PM
 #99

Best of luck sorting everything out.

This thread has shown me how important it could be to have an emergency, secure address to send your BTC to.

Kluge
Donator
Legendary
*
Offline Offline

Activity: 1218


Michael, send me some coins before I hitman you


View Profile
July 22, 2012, 10:22:58 PM
 #100

Thanks to other lenders and related parties who have set up an extremely generous "relief fund" for me. This includes Gigavps, Copumpkin, and Pat. I really have absolutely no excuse not to get a smartphone tomorrow, though I was also very recently made aware of a utility called "JAuth" which does not require a cell phone for 2FA.

I'd also like to thank the large depositor who has stated he'll continue to do business with me, even when I've clearly messed up.

Thanks, all.

ETA: By request, the only IP addresses I currently have:
LP
07/22/2012 04:54:25 LastPass.com 81.169.155.246 tor.fabiankeil.de Website
Gmail
(//Tor login Gmail didn't permit to go through) Unknown    146.185.23.179    6:40 am (16 hours ago)
(//AWS login Gmail did permit) Browser    174.129.167.14     6:59 am (16 hours ago)

Initial response from AWS after filing report yesterday morning:
"We've determined that an Amazon EC2 instance was running at the IP address you provided in your abuse report. We'll investigate the complaint to determine what additional actions, if any, need to be taken in this case."

I asked Nefario for recent login info from GLBSE yesterday morning, but as of 11:20p EDT, still dunno what's up.

Don't mix your coins someone said isn't legal
Pages: « 1 2 3 4 [5] 6 7 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!