klee's hacked 1170 btc, Part II

[CIYAM]

I am guessing that the hacker is now watching this topic also - he should be advised to make sure he sends the rest of the funds he promised to send ASAP.

Most of us do not see any good reason for 36 days and so it would be in his best interests to make good on this as quickly as possible.

[RocketSingh]

Klee, any explanation on why 36 days if the btc has been already laundered and are in hacker's hands?

I don't know if they are laundered or not!

According to bitmixer.io they're already are:

https://bitcointalk.org/index.php?topic=686275.msg7816359#msg7816359

How do we know it was the whole amount?

I am not sure someone could mix that easily a big amount like that.
Probably he would need smaller chunks.

As stated before: https://bitcointalk.org/index.php?topic=686275.msg7789438#msg7789438

As it is happening: https://bitcointalk.org/index.php?topic=686275.msg7816359#msg7816359

First chunk sent: https://blockchain.info/address/16NCirZABu9i56hKzfUjEvP44SdNeLRSN3

But still unconfirmed.

i/p amounts are mostly in 50 BTC.

Why the thief is spooked after mixing ?

Most probably, he has used his receiving address from mixer before which is attached to his real world identity.

Why we can do now ?

Trace back from the i/p of this Tx to find hackers identity.

https://blockchain.info/tx/98ca4040dc65dbab362645ab3241889780ee2ae839b29a6e099c98431f624f6c

p.s. As the bounty is no more... I dont know how far that would be achieved !!! But, we were close to the hacker, because of the bounty.

[RocketSingh]

I am guessing that the hacker is now watching this topic also - he should be advised to make sure he sends the rest of the funds he promised to send ASAP.

Most of us do not see any good reason for 36 days and so it would be in his best interests to make good on this as quickly as possible.

36 days time has been taken for a reason. He'll now mix the other coins using other mixers or alt coins. But as Klee has declared he is happy with 462 coins, no one will freeze his fund or trace him. He'll get enough time to cover his traces with multiple mixing. It shows again, we were close... very close. One complaint against Bitmixer could hunt him down... because, I firmly believe, he has accepted coins in a previously used address, where his identity is attached on some forum on the web.

[ShakyhandsBTCer]

I am guessing that the hacker is now watching this topic also - he should be advised to make sure he sends the rest of the funds he promised to send ASAP.

Most of us do not see any good reason for 36 days and so it would be in his best interests to make good on this as quickly as possible.

36 days time has been taken for a reason. He'll now mix the other coins using other mixers or alt coins. But as Klee has declared he is happy with 462 coins, no one will freeze his fund or trace him. He'll get enough time to cover his traces with multiple mixing. It shows again, we were close... very close. One complaint against Bitmixer could hunt him down... because, I firmly believe, he has accepted coins in a previously used address, where his identity is attached on some forum on the web.

Even if the output address was not attached to his identity, if bitmixer were to give up the output address, it would effectively make mixing coins useless and would never be able to actually cash out.

[RocketSingh]

I am guessing that the hacker is now watching this topic also - he should be advised to make sure he sends the rest of the funds he promised to send ASAP.

Most of us do not see any good reason for 36 days and so it would be in his best interests to make good on this as quickly as possible.

36 days time has been taken for a reason. He'll now mix the other coins using other mixers or alt coins. But as Klee has declared he is happy with 462 coins, no one will freeze his fund or trace him. He'll get enough time to cover his traces with multiple mixing. It shows again, we were close... very close. One complaint against Bitmixer could hunt him down... because, I firmly believe, he has accepted coins in a previously used address, where his identity is attached on some forum on the web.

Even if the output address was not attached to his identity, if bitmixer were to give up the output address, it would effectively make mixing coins useless and would never be able to actually cash out.

This is one of the o/p address provided by the thief (he is not a hacker, he has no ethics) to bitmixer.io: https://blockchain.info/address/1PGcQz81CkR7N4coxn66G3SnVXZiKA4ry7

Mixing happened here: https://blockchain.info/tx/8c0ff3dbb2d1338ac0a9f08d95c45f63131a527328376a6fbecafcd542ddf150

[CIYAM]

Agreed - a thief is not a "hacker" (according to the original meaning of hacker which we have spent many years "reclaiming").

So - I would ask the thief to return 90% of the funds (10% as a *lesson* for Klee about securing his assets seems fair to me).

[CEG5952]

Agreed - a thief is not a "hacker" (according to the original meaning of hacker which we have spent many years "reclaiming").

So - I would ask the thief to return 90% of the funds (10% as a *lesson* for Klee about securing his assets seems fair to me).

Unfortunately, we're not dealing with Robin Hood here. Everything about this says to me that the thief is just stringing along to give the least amount possible in order to halt any investigation.

[ChiliPowder]

I am guessing that the hacker is now watching this topic also - he should be advised to make sure he sends the rest of the funds he promised to send ASAP.

Most of us do not see any good reason for 36 days and so it would be in his best interests to make good on this as quickly as possible.

36 days time has been taken for a reason. He'll now mix the other coins using other mixers or alt coins. But as Klee has declared he is happy with 462 coins, no one will freeze his fund or trace him. He'll get enough time to cover his traces with multiple mixing. It shows again, we were close... very close. One complaint against Bitmixer could hunt him down... because, I firmly believe, he has accepted coins in a previously used address, where his identity is attached on some forum on the web.

Even if the output address was not attached to his identity, if bitmixer were to give up the output address, it would effectively make mixing coins useless and would never be able to actually cash out.

Could you explain this to me? What if he uses tor/tails and effectively made an address just to send the coins to. If bitmixer gives output couldnt he just say mix the coins through fog or blender and be right back to square one?:

I only ask as Im new to the inner workings Bitcoin.

[CIYAM]

Unfortunately, we're not dealing with Robin Hood here. Everything about this says to me that the thief is just stringing along to give the least amount possible in order to halt any investigation.

And unfortunately for him he has "disturbed a hornet's nest" so I guess it is up to him to work out just how clever he thinks he is (and how much stress he wants in his life).

[The Avenger]

I am not sure someone could mix that easily a big amount like that.
Probably he would need smaller chunks.

The refunded coins you have recieved certainly seem to be from a mixer, so I think it's fair to assume they were mixed by the hacker.

bitmixer say on their website they can handle sums of BTC greater than 1000BTC if they have at least 5 confirmations, so it doesn't seem impossible the hacker sent it through as one 1170BTC transaction.

That said, the scripted mixing of the 221BTC started here (as you will see, the timestamp ends with 02 seconds. The mixer processed all splits after that at 02 or 03 seconds into a new minute, obviously indicates a script at work):
https://blockchain.info/address/17eHmNKr6Cb1U4uBhcnfs3iwWKsZGtRLaV

Mixing 410BTC started here
https://blockchain.info/address/16j6RQrJc3cyGEqe6BtApXkoNZ4Yy5z5Wo

Mixing 540BTC started here
https://blockchain.info/address/14DZ3Yjb39sDTMwKd19Ly4PK15BKZfLXWZ

Which is interesting, in that I revise my assessment the hacker was a savvy hacker. I was lead to believe that by the scripted splitting of the coins etc, which was in fact the work of the mixer service.

So the hacker could be any stupid lowlife opportunist scum-fuck halfwit who got lucky raiding a dropbox.

bitmixer.io are party in a $750,000 theft. If they have deleted all their records, then it looks like they are the ones who will have to do the time for the crime.

[Benjig]

Klee, any explanation on why 36 days if the btc has been already laundered and are in hacker's hands?

I don't know if they are laundered or not!

According to bitmixer.io they're already are:

https://bitcointalk.org/index.php?topic=686275.msg7816359#msg7816359

How do we know it was the whole amount?

I am not sure someone could mix that easily a big amount like that.
Probably he would need smaller chunks.

As stated before: https://bitcointalk.org/index.php?topic=686275.msg7789438#msg7789438

As it is happening: https://bitcointalk.org/index.php?topic=686275.msg7816359#msg7816359

First chunk sent: https://blockchain.info/address/16NCirZABu9i56hKzfUjEvP44SdNeLRSN3

But still unconfirmed.

i/p amounts are mostly in 50 BTC.

Why the thief is spooked after mixing ?

Most probably, he has used his receiving address from mixer before which is attached to his real world identity.

Why we can do now ?

Trace back from the i/p of this Tx to find hackers identity.

https://blockchain.info/tx/98ca4040dc65dbab362645ab3241889780ee2ae839b29a6e099c98431f624f6c

p.s. As the bounty is no more... I dont know how far that would be achieved !!! But, we were close to the hacker, because of the bounty.

Do you think the hacker will be mixing the coins with his ip provided by local internet service? lol there is no way to trace out the real location.

[damiano]

Bitmixer has not much to do with hack, they have just provided the service for hacker.

People in the bitcoin community are so strange.

bitmixer.io knowingly accepted $750,000 in stolen funds.

They did not inform the police.

That is a crime.

Indeed it is.

Especially here in the USA

Anyone know where bit mixer.io is or hosted?

[RocketSingh]

Klee, any explanation on why 36 days if the btc has been already laundered and are in hacker's hands?

I don't know if they are laundered or not!

According to bitmixer.io they're already are:

https://bitcointalk.org/index.php?topic=686275.msg7816359#msg7816359

How do we know it was the whole amount?

I am not sure someone could mix that easily a big amount like that.
Probably he would need smaller chunks.

As stated before: https://bitcointalk.org/index.php?topic=686275.msg7789438#msg7789438

As it is happening: https://bitcointalk.org/index.php?topic=686275.msg7816359#msg7816359

First chunk sent: https://blockchain.info/address/16NCirZABu9i56hKzfUjEvP44SdNeLRSN3

But still unconfirmed.

i/p amounts are mostly in 50 BTC.

Why the thief is spooked after mixing ?

Most probably, he has used his receiving address from mixer before which is attached to his real world identity.

Why we can do now ?

Trace back from the i/p of this Tx to find hackers identity.

https://blockchain.info/tx/98ca4040dc65dbab362645ab3241889780ee2ae839b29a6e099c98431f624f6c

p.s. As the bounty is no more... I dont know how far that would be achieved !!! But, we were close to the hacker, because of the bounty.

Do you think the hacker will be mixing the coins with his ip provided by local internet service? lol there is no way to trace out the real location.

LoL... seems u have no clue how the trace back takes place

[The Avenger]

Bitmixer has not much to do with hack, they have just provided the service for hacker.

People in the bitcoin community are so strange.

bitmixer.io knowingly accepted $750,000 in stolen funds.

They did not inform the police.

That is a crime.

Indeed it is.

Especially here in the USA

Anyone know where bit mixer.io is or hosted?

Europe

Money laundering is also a crime in Europe 

[damiano]

Bitmixer has not much to do with hack, they have just provided the service for hacker.

People in the bitcoin community are so strange.

bitmixer.io knowingly accepted $750,000 in stolen funds.

They did not inform the police.

That is a crime.

Indeed it is.

Especially here in the USA

Anyone know where bit mixer.io is or hosted?

Europe

Money laundering is also a crime in Europe 

Where abouts in Europe ?

[The Avenger]

Bitmixer has not much to do with hack, they have just provided the service for hacker.

People in the bitcoin community are so strange.

bitmixer.io knowingly accepted $750,000 in stolen funds.

They did not inform the police.

That is a crime.

Indeed it is.

Especially here in the USA

Anyone know where bit mixer.io is or hosted?

Europe

Money laundering is also a crime in Europe  

Where abouts in Europe ?

You do a psychological take-down on the hacker, to the point where he begs to give back some of what he stole and it's unnoticed. Who was turning the screw? To the point the hacker himself required the thread be closed down as part of the deal, because he was reading it and some of us made it too tangible what will happen to him. He couldn't face it.

The details on bitmixer are all there, if you go searching. Shit, I even mentioned it earlier    

[jbrnt]

If I had 1000 btc stolen, I would probably take the deal. 

It is a large sum of money, and likely to appreciate even more in a few years. It is better to have something back rather than nothing at all. It is against the moral principles, but the amount is too big to risk.

[CEG5952]

Woah, you guys are turning this into a war on mixing services? Bitmixer was doing their job. They provide a service, and it would be a useless service if they retained records that would incriminate their customers.

[b!z]

[Swordsoffreedom]

First chunk sent: https://blockchain.info/address/16NCirZABu9i56hKzfUjEvP44SdNeLRSN3

But still unconfirmed.

That's good it's still something at least but yah its a bind
Best of luck with this klee now for the next one in 36 days