Mintpal hacked (VeriCoin)

[Spoetnik]

I mentioned how Cryptsy was hacked a few pages back here and i have been getting PM's since..
just now i went to Cryptsy and right away that cocky fucking prick Jshock who always acts like a fucking jerk went on to threaten me then banned me LOL

hey fucktards.. news flash

being a chat box moderator does not make your a big-shot.

i saved the chat log too so he can't play dumb about how it went down too.

PS:
What i said in part of my first comment on this topic is 100% accurate and honest.
that is it.

PPS:
Buckle up it's gonna be a bumpy ride

[1714540769]

1714540769

[CryptsyJim]

1) We lost a considerable amount of VeriCoin in the attack, however we have been working with the VRC developers and all major exchanges to hard fork the coin at a position before the attack. This will allow us to retrieve the stolen coins and facilitate all withdrawals. We are also working with various exchanges to accommodate any losses they may encouter as a result of the required fork.

This is a problem right here. Just because it's stolen does not mean they should be able to arbitrarily reverse the hack. If they're successful at hard forking, this will set precedence that any time there is a theft reported, devs can just hard fork again. This will eventually be abused, and corruption happens.

agreed and this reminds me of the BTER / NXT hack other day and the JPC / Allcrypt hack the other month.

on one hand i think we gotta play by the rules.. bear with me on this lol

Ok so we have a lawless market right ?
Then in all fairness it's to the exchanges to run their business how they see fit period.
BUT
I don't like what these guys are doing..
I myself think if they stole the coins then oh well they are stolen and that is the end of it.
Hard forking a coin or other dumb measures is undermining Crypto bit by bit.

a lot of negative precedents are being set more frequently and unless Regulation is put in place and fast i am getting out of this shit scam pit of bullshit scene.

edit:
This shit is getting out of hand..
It also reminds me of Cryptsy getting hacked for Points couple weeks back..
A guy exploited the exchange and dumped Cryptsy "Points" down to about 4 sat's
The exchange rolled it back but guys got fucked over because they sold other coins to buy up cheap points..
so Cryptsy rolled back the changes on points leaving anyone that dumped their coins earlier kinda fucked over.. as i was told by users who did this.
AND the guy who hacked it popped up after a week and i had a little chat with him and turns out he robbed the place for a bit more than 89k usd after cashing out.
He was laughing his ass off asking me directly what he should spend it on.

Crypsty was not hacked, and no funds were removed from site.  We did have a bug that was exploited in the points market, but it was quickly found and corrected. No funds were removed.

[Bluestreet]

1) We lost a considerable amount of VeriCoin in the attack, however we have been working with the VRC developers and all major exchanges to hard fork the coin at a position before the attack. This will allow us to retrieve the stolen coins and facilitate all withdrawals. We are also working with various exchanges to accommodate any losses they may encouter as a result of the required fork.

This is a problem right here. Just because it's stolen does not mean they should be able to arbitrarily reverse the hack. If they're successful at hard forking, this will set precedence that any time there is a theft reported, devs can just hard fork again. This will eventually be abused, and corruption happens.

agreed and this reminds me of the BTER / NXT hack other day and the JPC / Allcrypt hack the other month.

on one hand i think we gotta play by the rules.. bear with me on this lol

Ok so we have a lawless market right ?
Then in all fairness it's to the exchanges to run their business how they see fit period.
BUT
I don't like what these guys are doing..
I myself think if they stole the coins then oh well they are stolen and that is the end of it.
Hard forking a coin or other dumb measures is undermining Crypto bit by bit.

a lot of negative precedents are being set more frequently and unless Regulation is put in place and fast i am getting out of this shit scam pit of bullshit scene.

edit:
This shit is getting out of hand..
It also reminds me of Cryptsy getting hacked for Points couple weeks back..
A guy exploited the exchange and dumped Cryptsy "Points" down to about 4 sat's
The exchange rolled it back but guys got fucked over because they sold other coins to buy up cheap points..
so Cryptsy rolled back the changes on points leaving anyone that dumped their coins earlier kinda fucked over.. as i was told by users who did this.
AND the guy who hacked it popped up after a week and i had a little chat with him and turns out he robbed the place for a bit more than 89k usd after cashing out.
He was laughing his ass off asking me directly what he should spend it on.

Crypsty was not hacked, and no funds were removed from site.  We did have a bug that was exploited in the points market, but it was quickly found and corrected. No funds were removed.

There are 2 new alt coins that are really trying to be real, NOBL and Guldencoin - NLG. It's the only 2 coins besides btc I trust right now.

Exchanges so far bittrex has impressed me a lot, I probably would use Cryptsy if they added a Guldencoin - USD pairing in the future.

The truth is when it comes to exchanges they add the coins who are backed by the richest scammers and coins where price is easily manipulated. AKA PoS coins with 5 million and under supply.

[Alphi]

I suspect the theft is larger than Mintpal are letting on. In terms of, other coins were stolen too. But the damage was limited because they were using proper cold storage for the other coins, so they only lost a small percentage of customer funds. If they don't announce it, they won't get a flood of people panicking and taking all their coins off the exchange.

We've all seen what's happened with mtgox. You can't trust these exchanges to tell the truth when it comes to hacks.

It doesn't make sense to me that only Vericoin was stolen. It makes more sense that many coins took a hit, but only Vericoin got hit hard because of no cold storage and everything being in the hot wallet.

That's my opinion anyway, obviously I have no proof so take it how you want.

I agree, mintpal have already stated that it was not a fault with the vericoin network but a fault in their withdrawal system..
if you read between the lines this means that any and all coin hot wallets on the exchange could potentially have been raided.

by how much, we will probably never know..

ofcourse the other possibility is that the thieves stole some insignificant amount of BTC and some LTC... hit the jackpot with VRC  at which time someone at mintpal noticed the extremely large withdraw and then hit the halt button on all other withdraws.

I think the mintpal community needs to push for an audit of all coins on that exchange.
there may be other events where coins were stolen but mintpal has not yet discovered them.

at this point to continue trading as they have, mintpal are either extremely confident with their security measures or living in blissful ignorance.
lets hope we don't get goxed again...
the world doesn't need another  Mark Karpeles.

[Litesire]

1) We lost a considerable amount of VeriCoin in the attack, however we have been working with the VRC developers and all major exchanges to hard fork the coin at a position before the attack. This will allow us to retrieve the stolen coins and facilitate all withdrawals. We are also working with various exchanges to accommodate any losses they may encouter as a result of the required fork.

This is a problem right here. Just because it's stolen does not mean they should be able to arbitrarily reverse the hack. If they're successful at hard forking, this will set precedence that any time there is a theft reported, devs can just hard fork again. This will eventually be abused, and corruption happens.

agreed and this reminds me of the BTER / NXT hack other day and the JPC / Allcrypt hack the other month.

on one hand i think we gotta play by the rules.. bear with me on this lol

Ok so we have a lawless market right ?
Then in all fairness it's to the exchanges to run their business how they see fit period.
BUT
I don't like what these guys are doing..
I myself think if they stole the coins then oh well they are stolen and that is the end of it.
Hard forking a coin or other dumb measures is undermining Crypto bit by bit.

a lot of negative precedents are being set more frequently and unless Regulation is put in place and fast i am getting out of this shit scam pit of bullshit scene.

edit:
This shit is getting out of hand..
It also reminds me of Cryptsy getting hacked for Points couple weeks back..
A guy exploited the exchange and dumped Cryptsy "Points" down to about 4 sat's
The exchange rolled it back but guys got fucked over because they sold other coins to buy up cheap points..
so Cryptsy rolled back the changes on points leaving anyone that dumped their coins earlier kinda fucked over.. as i was told by users who did this.
AND the guy who hacked it popped up after a week and i had a little chat with him and turns out he robbed the place for a bit more than 89k usd after cashing out.
He was laughing his ass off asking me directly what he should spend it on.

Crypsty was not hacked, and no funds were removed from site.  We did have a bug that was exploited in the points market, but it was quickly found and corrected. No funds were removed.

There are 2 new alt coins that are really trying to be real, NOBL and Guldencoin - NLG. It's the only 2 coins besides btc I trust right now.

Exchanges so far bittrex has impressed me a lot, I probably would use Cryptsy if they added a Guldencoin - USD pairing in the future.

The truth is when it comes to exchanges they add the coins who are backed by the richest scammers and coins where price is easily manipulated. AKA PoS coins with 5 million and under supply.

Cryptsy would still need to add Guldencoin to there exchange for NLG/USD pairing. I agree though it's one of the hidden gems amongst the cesspit called the altcoin market. Adding coins like guildencoin gives legitimacy to this environment.

[InvestorPerson]

having a way of trading decentralized, now that would be the holy grail of cryptos

the only way of losing your coins would be through your own incompetence. that said, i moved 90%+ of all my stuff from mintpal

[Spoetnik]

i see you saying it was a "BUG"  
and i created a separate topic (about Cryptsy) so i don't keep going on about it here.
I put it all on the table and others can decide..

all i can say is i don't post false information.. what i said was honest (as always)
I would never knowingly post false information on purpose and i find it extremely offensive i was just told that by Cryptsy staff !

I also had already talked to Bitjohn politely i might add and i told him via pm here i was just relaying what i heard basically.
And if after that he asked me to clarify an earlier post ? i would have said ya no problem.
So AFTER i commented here i got PM's from BitJohn and i thought that was the end of it..
i assumed he or others posted back here clarifying what they wanted on the record etc.

But it was now JShocks turn to go through it with me in an offensive and confrontational manner
starting off when he popped up out of the blue saying he had a bone to pick with me etc
and i seriously had no damn idea at all what he was talking about.

Ya know if it really isn't a big deal then making it a big deal is pretty dumb lol
So instead of the matter being dropped it's getting negative exposure  

ALL of these exchanges need to be transparent and held accountable and when they play secretive little games then you pay the consequences.
Having a hack go down and saying nothing is not going to help matters..
They have to be up front 100% from day one.

[adhitthana]

[...] Mintpal was in control of 30% of existing VeriCoin, all of which maybe was stolen by a yet unidentified hacker. [...]

fixed it for you

What would be the goal of making the story up?

[gustav]

[...] Mintpal was in control of 30% of existing VeriCoin, all of which maybe was stolen by a yet unidentified hacker. [...]

fixed it for you

What would be the goal of making the story up?

we can only guess that. What's the benefit of a rollback? Maybe was a testrun to see if they can get away with a rollback? Maybe want to bring regulation in? Maybe want to establish some kind central of authority (themselves)? We don't even know who mintpal is or what bribes they take from what parties. I don't see any reason to take their word for it at this point. Especially not after coinex. The paranoids were right far too often around here. This is not the place for blind trust, never was. I would recommend to question everything and why wouldn't you? Makes more sense to question their story than to believe things with no proof. I don't even know who is operating mintpal. I only find it highly suspicious they didn't go offline during or after the hack. I also don't like the way the rollback was handled. I have doubts and i think they are valid so why not express them?

It is far too easy for an exchange to claim a hack and get their way after that even if none took place. Too many phony hacks.

[XbladeX]

having a way of trading decentralized, now that would be the holy grail of cryptos

the only way of losing your coins would be through your own incompetence. that said, i moved 90%+ of all my stuff from mintpal

it is never safe having coins on the exchange...

In VRC case was more safety having coin on Mintpal than having them on local PC...
No one will rollback for you but for 30%+ supply all will fork coin...
Just fact .

[adhitthana]

Too many phony hacks.

What phony hacks have there been?

[gustav]

Too many phony hacks.

What phony hacks have there been?

coinex, gox, cryptorush - mainly coinex was phony as.
Look how Karpeles "finds" btc later. Phony as shit. I don't believe a word they say.

They all say they were hacked but the truth is very different. You'll see that more often times in the future. They do it because they can.

remember this:
https://bitcointalk.org/index.php?topic=265277.msg7736137#msg7736137

we are not in lila-land with the heart-bears even if you would like to believe so. Don't trust nobody. Ask questions, demand answers. Othwise you will be screwed over again and again.

[virtapayseller666]

thats why price go down

[micax1]

Official story is pretty much sounds fake.
where are stolen BTC and LTC that were in hot wallets?

[XbladeX]

Official story is pretty much sounds fake.
where are stolen BTC and LTC that were in hot wallets?

No one who have brain take that shit real...
MtGox was collapsing six months ?...

I would believe in statement like poloniex or bitcurex had 10% of BTC was stolen but rest was blocked by their security system...
Here is to cool to believe in that story...

[Spoetnik]

i agree gustav..
GOX had claimed over 700,000 Bitcoins where hacked and stolen and then he later after talking with his lawyer
said he "found" 200,000 Bitcoin to turn in to his lawyer etc..
that says it all i think..

Last i heard he made off with around 500,000 Bitcoins and was last seen using Twitter to post messages about "sunsets" on the beach.
Be happy GOX cheerleaders you paid for his beach retreat sunset retirement lol
rather than being a fanboy you guys should been holding him to the fire and keeping him accountable.. but you didn't !

and sadly no one in crypto learned squat from GOX.
you guys started a lynch mob when he shut Gox's Doors and carried on with the same stupid behavior..
so it will happen again and again.. dumb cheerleaders never learn.
I can't believe he was on the Bitcoin foundation board or what ever ROFL
In other words you blamed Mark himself for the problem when the problem is the system itself and the lack of regulation.

So..
Has there been a summary of what happened at MintPal ?
Or do we still know just that little bit of info posted by some guy here in the OP's first comment ?
And duuuuuuh...
i am NOT asking for hack details so other hackers can do it again.. so don't pull that routine on me.
If there is a hack we are entitled to disclosure.. such as what coins were taken.. or was there coins taken off their server etc.
And if we don't get it we are within our right to choose another service..

I would advise people check out track records of these places.. hard i know

[rugrats]

I just noticed this particular sentence from a Coindesk article about the hack.

According to MintPal, only the vericoin wallet was affected during the attack. This includes the database containing sensitive customer information and passwords.

Has Mintpal made an official comment about this yet?
Has MintPal-Jay commented on this yet?
Has our password and email been compromised?

I urge everyone to be safe and immediately change their Mintpal password. (I have withdrawn everything out of Mintpal a while ago.)

Philosophical issues and principals about decentralization should take a back seat first.
IMO, the most crucial thing right now is for Mintpal to provide a full disclosure of the incident, including method, vector, scope and resulting remedial actions.

[meganite]

I just noticed this particular sentence from a Coindesk article about the hack.

According to MintPal, only the vericoin wallet was affected during the attack. This includes the database containing sensitive customer information and passwords.

Has Mintpal made an official comment about this yet?
Has MintPal-Jay commented on this yet?
Has our password and email been compromised?

I urge everyone to be safe and immediately change their Mintpal password. (I have withdrawn everything out of Mintpal a while ago.)

Philosophical issues and principals about decentralization should take a back seat first.
IMO, the most crucial thing right now is for Mintpal to provide a full disclosure of the incident, including method, vector, scope and resulting remedial actions.

+1
I noticed that too; love how they just slipped it in there at the end. IMO, Mintpal cannot be trusted until further notice. The official explanation makes zero sense, and the targeting of only VRC leaves me scratching my head. Even *if* each coin hot wallet resides in their own discrete server, you're telling me that ONLY VRC was in a hot wallet, and that the hacks ONLY had access to VRC? Please. Mintpal has some MAJOR 'splainin to do, that's for sure. As for VRC, they have proven themselves to be nothing more than a play money PayPal; ladies and gents, the first chargeback in crypto history. Sad day indeed.

[Wulfcastle]

I just noticed this particular sentence from a Coindesk article about the hack.

According to MintPal, only the vericoin wallet was affected during the attack. This includes the database containing sensitive customer information and passwords.

Has Mintpal made an official comment about this yet?
Has MintPal-Jay commented on this yet?
Has our password and email been compromised?

I urge everyone to be safe and immediately change their Mintpal password. (I have withdrawn everything out of Mintpal a while ago.)

Philosophical issues and principals about decentralization should take a back seat first.
IMO, the most crucial thing right now is for Mintpal to provide a full disclosure of the incident, including method, vector, scope and resulting remedial actions.

Could be CoinDesk exaggeration again, if not then....

[TR8888]

@ IRC

[22:54] <StonedPenguin> According to MintPal, only the vericoin wallet was affected during the attack. This includes the database containing sensitive customer information and passwords.
[22:54] <StonedPenguin> http://www.coindesk.com/bitcoin-protected-vericoin-stolen-mintpal-wallet-breach/
[22:55] <StonedPenguin> Have our passwords been compromised?
[22:55] <@MintPal-Jason> StonedPenguin: No
[22:56] <@MintPal-Jason> The CoinDesk article is worded wrong. We answered that very question on our Q&A post https://support.mintpal.com/index.php?module=announce&sec=view&id=18