Bitcoin Forum
November 19, 2024, 02:31:08 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1] 2 3 4 5 6 7 8 9 10 11 12 »  All
  Print  
Author Topic: klee's hacked 1170 btc, Part II  (Read 10876 times)
haploid23 (OP)
Legendary
*
Offline Offline

Activity: 812
Merit: 1002



View Profile WWW
July 13, 2014, 09:10:12 AM
Last edit: July 19, 2014, 07:04:34 PM by haploid23
 #1

One of the condition of the hacker was for klee to lock the original bounty thread. I've been following that thread, so I suppose if there's anything left that can be done or posted about, it can be continued in here. It just really sucks to see klee admit defeat and forced to accept the ransom for just a fraction of what he originally lost.

https://bitcointalk.org/index.php?topic=686275.0


How was the 462 btc amount determined?

crunck
Legendary
*
Offline Offline

Activity: 1176
Merit: 1005


crunck


View Profile
July 13, 2014, 09:19:47 AM
 #2

Indeed I have also been following this on the nxt forum, and whilst of coarse I feel for the guy, if he had followed standard protocols he would still have his BTC and nxt I mean who in this day and age leaves his PW's in a flat txt file ?

.
.7 BTC  WELCOME BONUS!..
███████████████████████████
██████████▀▀▄▄▄▄▄ ▄▀▀██████
█████████▄██████ ████ ▀████
██████▀▀ ▄▄▄▄ ▀▀███▀▄██ ███
████▀   ██████   ▀██████ ██
███ ▄▄▄████████▄▄▄ ██▄▄▄ ██
██ █████▀    ▀█████ ████ ██
██  ▀██        ███▀ ███ ███
██   ▄██▄    ▄██▄   █▀▄████
███ ▄████████████▄ ████████
████▄▀███▀▀▀▀███▀▄█████████
██████▄▄      ▄▄███████████
███████████████████████████
█████████████████████████████████████████████████████████████████████████████████████████████
█████████████████████████████████████████████████████████████████████████████████████████████
█████████████████████████████████████████████████████████████████████████████████████████████
██████████████████████████████▄▄▄█████▄▄▄████████████████████████████████████████████████████
██████████▄█████▄█▄███▄█▄██████████▄██▀▀▀████████████████████████████████████████████████████
██████████████▀████▄████▀██████████████████████████▄█████▄██▄█████▄████▄████▄████▄████████
█████████████████▐█████▌███████████▄█████▀███▀▀████████▀▀▀▀█████▀▀▀██████▀▀███▀▀███████████
██████████████▄████▀████▄██████████████████▄▄▄▄▄███▄▄▄▄█████▄▄▄████████████████████████
████████████████▀█▀███▀█▀██████████▀███████▀█████████▀█████▀██▀█████▀███████████████████████
██████████████████████████████▀▀▀████████████████████████████████████████████████████████████
█████████████████████████████████████████████████████████████████████████████████████████████
█████████████████████████████████████████████████████████████████████████████████████████████
█████████████████████████████████████████████████████████████████████████████████████████████
███████████████████████████
████████▀▀  ▐█▌  ▀▀████████
██████▄     ▐█▌     ▄██████
████ ▀██▄▄███████▄▄██▀ ████
███    ██▀▀  ▄  ▀▀██    ███
██    ██   ▄███▄   ██    ██
████████  ███████  ████████
██    ██  ▀▀ █ ▀▀  ██    ██
███    ██▄▄ ▀▀▀ ▄▄██    ███
████ ▄██▀▀██████▀▀▀██▄ ████
██████▀     ▐█▌     ▀██████
████████▄▄  ▐█▌  ▄▄████████
███████████████████████████
.
.30+  ALTCOINS AVAILABLE..
cech4204a
Sr. Member
****
Offline Offline

Activity: 252
Merit: 250

12CDKyxPyL5Rj28ed2yz5czJf3Dr2ZvEYw


View Profile WWW
July 13, 2014, 09:39:55 AM
 #3

Damn, that's a big theft there , i hope police will be able to do anything about it. Well i guess i will never have a feeling how it feels, but i can imagine. I was worried for my 0.5 btc, with like 20 character PW and a 5 special backups of wallet and i was still nervous about it...1170 btc, thats just sick ammount, like 700k$, you have to have that ammount secured in cold wallet.

Bitcoin is DEAD
Swordsoffreedom
Legendary
*
Offline Offline

Activity: 2954
Merit: 1135


Leading Crypto Sports Betting & Casino Platform


View Profile WWW
July 13, 2014, 09:43:07 AM
 #4

I definitely felt for him on that one but at the least he was able to strike a deal of sorts with the hacker so there is something returning to his wallet not many people can say that.

Still qualifys on the master list though but I hope klee gets part of his coins and the scammer/hacker keeps up his part of the deal.
https://bitcointalk.org/index.php?topic=576337.msg7802304#msg7802304

..Stake.com..   ▄████████████████████████████████████▄
   ██ ▄▄▄▄▄▄▄▄▄▄            ▄▄▄▄▄▄▄▄▄▄ ██  ▄████▄
   ██ ▀▀▀▀▀▀▀▀▀▀ ██████████ ▀▀▀▀▀▀▀▀▀▀ ██  ██████
   ██ ██████████ ██      ██ ██████████ ██   ▀██▀
   ██ ██      ██ ██████  ██ ██      ██ ██    ██
   ██ ██████  ██ █████  ███ ██████  ██ ████▄ ██
   ██ █████  ███ ████  ████ █████  ███ ████████
   ██ ████  ████ ██████████ ████  ████ ████▀
   ██ ██████████ ▄▄▄▄▄▄▄▄▄▄ ██████████ ██
   ██            ▀▀▀▀▀▀▀▀▀▀            ██ 
   ▀█████████▀ ▄████████████▄ ▀█████████▀
  ▄▄▄▄▄▄▄▄▄▄▄▄███  ██  ██  ███▄▄▄▄▄▄▄▄▄▄▄▄
 ██████████████████████████████████████████
▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄
█  ▄▀▄             █▀▀█▀▄▄
█  █▀█             █  ▐  ▐▌
█       ▄██▄       █  ▌  █
█     ▄██████▄     █  ▌ ▐▌
█    ██████████    █ ▐  █
█   ▐██████████▌   █ ▐ ▐▌
█    ▀▀██████▀▀    █ ▌ █
█     ▄▄▄██▄▄▄     █ ▌▐▌
█                  █▐ █
█                  █▐▐▌
█                  █▐█
▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀█
▄▄█████████▄▄
▄██▀▀▀▀█████▀▀▀▀██▄
▄█▀       ▐█▌       ▀█▄
██         ▐█▌         ██
████▄     ▄█████▄     ▄████
████████▄███████████▄████████
███▀    █████████████    ▀███
██       ███████████       ██
▀█▄       █████████       ▄█▀
▀█▄    ▄██▀▀▀▀▀▀▀██▄  ▄▄▄█▀
▀███████         ███████▀
▀█████▄       ▄█████▀
▀▀▀███▄▄▄███▀▀▀
..PLAY NOW..
Gimmelfarb
Hero Member
*****
Offline Offline

Activity: 658
Merit: 500


View Profile
July 13, 2014, 10:16:16 AM
 #5

i imagine the 462 number is a percentage of sorts -- but it sounds like we'll never know. it's a private matter. at least he's gonna get quite a chunk back, and i'm sure he'll take better care of it now.
WootKung
Newbie
*
Offline Offline

Activity: 46
Merit: 0


View Profile
July 13, 2014, 10:19:20 AM
 #6

inb4 hacker don't give bak lol
Gimmelfarb
Hero Member
*****
Offline Offline

Activity: 658
Merit: 500


View Profile
July 13, 2014, 10:23:03 AM
 #7

inb4 hacker don't give bak lol

not really a laughing matter. Undecided

but it sounds like he signed a message from the address (or a linked address, if it moved). and made offers/demands. i doubt someone would go to those lengths otherwise. sounds like he wants to take a hit on the total loot in order to cut off any investigation. seems wise enough.
The Avenger
Hero Member
*****
Offline Offline

Activity: 798
Merit: 1000



View Profile
July 13, 2014, 10:31:10 AM
 #8

inb4 hacker don't give bak lol

not really a laughing matter. Undecided

but it sounds like he signed a message from the address (or a linked address, if it moved). and made offers/demands. i doubt someone would go to those lengths otherwise. sounds like he wants to take a hit on the total loot in order to cut off any investigation. seems wise enough.
So far the hacker has return 4.62 BTC (not 462BTC) to the specified address. Looks like klee was scammed twice.

"I am not The Avenger"
1AthxGvreWbkmtTXed6EQfjXMXXdSG7dD6
WootKung
Newbie
*
Offline Offline

Activity: 46
Merit: 0


View Profile
July 13, 2014, 10:31:34 AM
 #9

inb4 hacker don't give bak lol

not really a laughing matter. Undecided

but it sounds like he signed a message from the address (or a linked address, if it moved). and made offers/demands. i doubt someone would go to those lengths otherwise. sounds like he wants to take a hit on the total loot in order to cut off any investigation. seems wise enough.

taunting his victim?

wanting to get the heat off so he can move the coins around?
Sydboy
Full Member
***
Offline Offline

Activity: 196
Merit: 100


View Profile
July 13, 2014, 11:10:32 AM
 #10

how does that make him scammed twice ?
fucked over twice maybe. ?

inb4 hacker don't give bak lol

not really a laughing matter. Undecided

but it sounds like he signed a message from the address (or a linked address, if it moved). and made offers/demands. i doubt someone would go to those lengths otherwise. sounds like he wants to take a hit on the total loot in order to cut off any investigation. seems wise enough.
So far the hacker has return 4.62 BTC (not 462BTC) to the specified address. Looks like klee was scammed twice.
Wolf Rainer
Legendary
*
Offline Offline

Activity: 1960
Merit: 1022


View Profile
July 13, 2014, 11:31:21 AM
 #11

750.000 GOD! I can kill my self it i lose that. But seriourly how can someone keep that money in online wallet? With my accout (less than 1 btc) i have it splitted in several wallets with three factors auth.
WootKung
Newbie
*
Offline Offline

Activity: 46
Merit: 0


View Profile
July 13, 2014, 11:37:30 AM
 #12

750.000 GOD! I can kill my self it i lose that. But seriourly how can someone keep that money in online wallet? With my accout (less than 1 btc) i have it splitted in several wallets with three factors auth.

this ^

I keep my moderate stash in 4 different paper wallets, multiple copies and i still get nervous.

i can't even imagine keeping that many bitcoin and not using paper wallets cold storage or Armory
ronskii
Newbie
*
Offline Offline

Activity: 28
Merit: 0


View Profile WWW
July 13, 2014, 11:42:18 AM
 #13

Thats a sick amount.. But the guy should be trackable don't you think so?
CIYAM
Legendary
*
Offline Offline

Activity: 1890
Merit: 1086


Ian Knowles - CIYAM Lead Developer


View Profile WWW
July 13, 2014, 11:46:58 AM
 #14

Thats a sick amount.. But the guy should be trackable don't you think so?

The BTC has already been through a mixer (as was noted by the mixer service in Klee's topic) and supposedly all records that could have traced the mixing have already been deleted (so there is no way that they can trace the hacker without at least losing their credibility as a mixing service).

I do think that the stuff about having 36 days to return the 462 BTC amount doesn't look very legit (i.e. the hacker gains 1 month to "disappear to another country").

With CIYAM anyone can create 100% generated C++ web applications in literally minutes.

GPG Public Key | 1ciyam3htJit1feGa26p2wQ4aw6KFTejU
Light
Hero Member
*****
Offline Offline

Activity: 742
Merit: 502


Circa 2010


View Profile
July 13, 2014, 11:59:19 AM
 #15

I do think that the stuff about having 36 days to return the 462 BTC amount doesn't look very legit (i.e. the hacker gains 1 month to "disappear to another country").

If the hacker wants it over and done with why wouldn't he just give it all over now and be done with it? Smells fishy to me.

From what I can see, so far the hacker hasn't held up on their end with the promise (the only tx to the agreed address is - https://blockchain.info/tx/bfdedc91f7f909ad56733bbcffc75214ad49f96d362ae2fb69fb6b529173686a) which is about 100x less than the overall amount and 50x less than the agreed amount for the first split.
SirChiko
Legendary
*
Offline Offline

Activity: 966
Merit: 1000



View Profile
July 13, 2014, 12:10:09 PM
 #16

I do think that the stuff about having 36 days to return the 462 BTC amount doesn't look very legit (i.e. the hacker gains 1 month to "disappear to another country").

If the hacker wants it over and done with why wouldn't he just give it all over now and be done with it? Smells fishy to me.

From what I can see, so far the hacker hasn't held up on their end with the promise (the only tx to the agreed address is - https://blockchain.info/tx/bfdedc91f7f909ad56733bbcffc75214ad49f96d362ae2fb69fb6b529173686a) which is about 100x less than the overall amount and 50x less than the agreed amount for the first split.
Maybe he is mixing these coins again to be sure, before sending them to klee?

The only online casino on which i won something. I made 17mBTC from 1mBTC in like 15 minutes.  This is not paid AD!

▀Check it out yourself▀
Light
Hero Member
*****
Offline Offline

Activity: 742
Merit: 502


Circa 2010


View Profile
July 13, 2014, 12:13:34 PM
 #17

Maybe he is mixing these coins again to be sure, before sending them to klee?

I suppose that could be possible, but why wouldn't he just send the coins from the current address their in then mix? Considering that he already received a signed message and to verify signed messages you need a Bitcoin address (and for the address to have any relevance it needs to have enough coins in it), the address is already known to at least klee... Not to mention, sending them in relatively small chunks is going to take a while if at all.
Cablez
Legendary
*
Offline Offline

Activity: 1400
Merit: 1000


I owe my soul to the Bitcoin code...


View Profile
July 13, 2014, 12:28:24 PM
 #18

Obviously, the hacker was starting to feel the heat of being scrutinized so much and worried that the mixing funds might get frozen somehow.  I really think that klee should man up like Roger Ver and leave no quarter for the scum.  Taking a token from him only condones that the behavior pays off.  It is time to turn up the heat now and not kowtow.  You have another bit in the puzzle in that the email service (albeit anonymous) might have an IP to go with the hacker. Every lead counts.

My vote is fry him, he is already nervous, don't let him sleep well at night.  Remember mister hacker, not everyone is silly enough to tip you off by posting in a forum.

Tired of substandard power distribution in your ASIC setup???   Chris' Custom Cablez will get you sorted out right!  No job too hard so PM me for a quote
Check my products or ask a question here: https://bitcointalk.org/index.php?topic=74397.0
The Avenger
Hero Member
*****
Offline Offline

Activity: 798
Merit: 1000



View Profile
July 13, 2014, 12:29:21 PM
 #19

The BTC has already been through a mixer
Wrong. No mixing has taken place on the major balances:

https://blockchain.info/address/1PkzdYBpcLvf5kKUanbp7dpGEjt9AvNVmN
https://blockchain.info/address/1EyJWr7qwJazi8F4q3uEXDJLRhSHkqfaGd
https://blockchain.info/address/1HZMa4M9ZXmcLEvALVop8Ks1dJFApMdKEU

The coins are being split into smaller and smaller amounts, but are still totally traceable to the original stolen balance.

"I am not The Avenger"
1AthxGvreWbkmtTXed6EQfjXMXXdSG7dD6
CIYAM
Legendary
*
Offline Offline

Activity: 1890
Merit: 1086


Ian Knowles - CIYAM Lead Developer


View Profile WWW
July 13, 2014, 12:32:38 PM
 #20

Wrong. No mixing has taken place on the major balances:

Then please explain what was the post from the mixing service was referring to then?

In any case it doesn't seem reasonable to require 36 days to put the rest through mixing services.

With CIYAM anyone can create 100% generated C++ web applications in literally minutes.

GPG Public Key | 1ciyam3htJit1feGa26p2wQ4aw6KFTejU
Pages: [1] 2 3 4 5 6 7 8 9 10 11 12 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!