iluvpie60 (OP)
|
|
August 26, 2014, 12:29:28 PM |
|
So how does this happen then? Was their server where the main hot wallet was storing bitcoins not multisig for protection or how does that work? Things that make you go hmmm. http://www.coindesk.com/black-market-cannabis-road-hacked-loses-100000-bitcoin/ Multisig employed
The success of the attack is particularly notable given that Cannabis Road had moved to integrate safeguards aimed at better protecting user funds through multi-signature technology, an evolution of the traditional wallet offering that introduces an arbitrator to the transaction process.
In a May interview with DeepDotWeb, Crypto indicated that Cannabis Road was using a hybrid version of multisig, however, in part to make the technology easier for its customers to use.
At the time, he indicated that Cannabis Road had added three levels of multisig in response to a rise in attacks against illicit websites, explaining:
“All three levels start off the same, asking for public keys of the buyer, vendor and market to create the shared (multisignature) address. The buyer sends funds to the shared address. Once the buyer is happy, the buyer agrees to finalize the order, this is where the three levels are offered.”
Two more advanced levels were added on top of this service, both of which put restrictions on the situations in which users would be asked to send their private keys.
|
|
|
|
thisisthis
Member
Offline
Activity: 69
Merit: 10
|
|
August 26, 2014, 12:31:27 PM |
|
That hacker should be hired by some big company like google or microsoft (after some years in jail of course).
|
|
|
|
LiteCoinGuy
Legendary
Offline
Activity: 1148
Merit: 1014
In Satoshi I Trust
|
|
August 26, 2014, 12:46:30 PM |
|
maybe its just a lie and they ran off with the money
|
|
|
|
BadBear
v2.0
Legendary
Offline
Activity: 1652
Merit: 1128
|
|
August 26, 2014, 12:46:42 PM |
|
"hacked"
|
|
|
|
bitkilo
Legendary
Offline
Activity: 1638
Merit: 1010
https://www.bitcoin.com/
|
|
August 26, 2014, 12:57:17 PM |
|
I would like to see some proofe of a hack before i just belive what they write. My understanding is that multi-sig is very secure but they were using some hybrid version they said. I belive i read somewhere that silk road 2 is also in the middle of implamenting multi-sig escrow, maybe they will have 2nd thoughts now.
|
Not a paid signature, just added to promote Bitcoin.com
|
|
|
Jamie_Boulder
|
|
August 26, 2014, 12:59:37 PM |
|
1. Inside job 2. Company lied about their security 3. He's jesus
You decide.
|
|
|
|
EFS
Staff
Legendary
Offline
Activity: 3878
Merit: 2172
Crypto Swap Exchange
|
|
August 26, 2014, 01:01:52 PM |
|
maybe its just a lie and they ran off with the money
Of course they ran off with the money. Who do you blame? Tell the police they stole my drug money!
|
|
|
|
Jesu
|
|
August 26, 2014, 01:04:28 PM |
|
maybe its just a lie and they ran off with the money
That's exactly what I thought as soon as I saw this. This is just yet another reason why we need decentralized Markets.
|
|
|
|
RodeoX
Legendary
Offline
Activity: 3066
Merit: 1147
The revolution will be monetized!
|
|
August 26, 2014, 01:14:22 PM |
|
maybe its just a lie and they ran off with the money
Guys, come on. We shouldn't accuse them of something. Maybe they were the honest, hard working kind of criminals?
|
|
|
|
montello
|
|
August 26, 2014, 01:34:18 PM |
|
"hacked" Is there a proof to this effect?
|
|
|
|
Bitcoinpro
Legendary
Offline
Activity: 1344
Merit: 1000
|
|
August 26, 2014, 01:44:14 PM |
|
Sounds like it was a 2 of 3 multisig, so that means the vendor and market where the same person
though its was most probably a third party wallet so the market knew all three addresses anyway
|
WWW.FACEBOOK.COM
CRYPTOCURRENCY CENTRAL BANK
LTC: LP7bcFENVL9vdmUVea1M6FMyjSmUfsMVYf
|
|
|
Jesu
|
|
August 26, 2014, 01:49:33 PM |
|
"hacked" Is there a proof to this effect? Proof to what? Whether they were hacked or "hacked"? I'm sure some more details will become available soon. Have they provided the addresses where the funds were sent to?
|
|
|
|
bornil267645
|
|
August 26, 2014, 01:50:55 PM |
|
I think this is an inside job.
|
|
|
|
yayayo
Legendary
Offline
Activity: 1806
Merit: 1024
|
|
August 26, 2014, 01:56:26 PM |
|
I think they've been "hacked" almost for sure. It's the same story over and over again.
Semi-legal and illegal entities that attract funds can easily run away with them, because nobody can persecute them without admitting morally questionable or illegal activity as well.
ya.ya.yo!
|
|
|
|
. ..1xBit.com Super Six.. | ▄█████████████▄ ████████████▀▀▀ █████████████▄ █████████▌▀████ ██████████ ▀██ ██████████▌ ▀ ████████████▄▄ ███████████████ ███████████████ ███████████████ ███████████████ ███████████████ ▀██████████████ | ███████████████ █████████████▀ █████▀▀ ███▀ ▄███ ▄ ██▄▄████▌ ▄█ ████████ ████████▌ █████████ ▐█ ██████████ ▐█ ███████▀▀ ▄██ ███▀ ▄▄▄█████ ███ ▄██████████ ███████████████ | ███████████████ ███████████████ ███████████████ ███████████████ ███████████████ ███████████▀▀▀█ ██████████ ███████████▄▄▄█ ███████████████ ███████████████ ███████████████ ███████████████ ███████████████ | ▄█████ ▄██████ ▄███████ ▄████████ ▄█████████ ▄██████████ ▄███████████ ▄████████████ ▄█████████████ ▄██████████████ ▀▀███████████ ▀▀███████ ▀▀██▀ | ▄▄██▌ ▄▄███████ █████████▀ ▄██▄▄▀▀██▀▀ ▄██████ ▄▄▄ ███████ ▄█▄ ▄ ▀██████ █ ▀█ ▀▀▀ ▄ ▀▄▄█▀ ▄▄█████▄ ▀▀▀ ▀████████ ▀█████▀ ████ ▀▀▀ █████ █████ | ▄ █▄▄ █ ▄ ▀▄██▀▀▀▀▀▀▀▀ ▀ ▄▄█████▄█▄▄ ▄ ▄███▀ ▀▀ ▀▀▄ ▄██▄███▄ ▀▀▀▀▄ ▄▄ ▄████████▄▄▄▄▄█▄▄▄██ ████████████▀▀ █ ▐█ ██████████████▄ ▄▄▀██▄██ ▐██████████████ ▄███ ████▀████████████▄███▀ ▀█▀ ▐█████████████▀ ▐████████████▀ ▀█████▀▀▀ █▀ | . Premier League LaLiga Serie A | . Bundesliga Ligue 1 Primeira Liga | | . ..TAKE PART.. |
|
|
|
bitkilo
Legendary
Offline
Activity: 1638
Merit: 1010
https://www.bitcoin.com/
|
|
August 26, 2014, 02:02:18 PM |
|
"hacked"
Is there a proof to this effect? Proof to what? Whether they were hacked or "hacked"? I'm sure some more details will become available soon. Have they provided the addresses where the funds were sent to? You can follow this link from the story, it show the address that the btc went to. http://blockchain.info/address/1CatnMd3jsEKhwhSLUf8V862im8gBp3NDFBut this alone is not proof of a hack, just where some btc went.
|
Not a paid signature, just added to promote Bitcoin.com
|
|
|
iluvpie60 (OP)
|
|
August 26, 2014, 02:06:10 PM |
|
Drug sites like the one in the OP should be expected to get hacked, they can't try to come after the person legally if they even know who it is and anyone dealing in this activity should have expected it as every one of these sites get hacked or taken by the feds.
interesting theory on that. while it could be quite true that they could run away with your coins because who is going to sue someone for a few thousand dollars of bitcoin when you are using it to buy illegal drugs? probably no one. "hacked" is probably a good way to put it. i really do wonder though if it is possible to intercept the data going between somethinga nd actually grab the sigs then combine then for the multi sig then steal everything. obviously whoever does that would have to be pretty good at doing that, but if just one person knows how to do it it would seem they are the same person who keeps hitting all these small exchanges also. i lost like .2 btc on coinex.pw.... had some random mooncoins and small pieces of different coins and it got "hacked" too. but i can never really know.
|
|
|
|
Jesu
|
|
August 26, 2014, 02:09:25 PM |
|
"hacked"
Is there a proof to this effect? Proof to what? Whether they were hacked or "hacked"? I'm sure some more details will become available soon. Have they provided the addresses where the funds were sent to? You can follow this link from the story, it show the address that the btc went to. http://blockchain.info/address/1CatnMd3jsEKhwhSLUf8V862im8gBp3NDFBut this alone is not proof of a hack, just where some btc went. I know it's not proof, but people can follow where the money goes and possibly trace it back to someone, or at least it may provide some clues.
|
|
|
|
zeetubes
|
|
August 26, 2014, 02:38:22 PM |
|
I agree with a couple of others above that it was almost certainly an inside job. Just because they have multi sig capability doesn't mean they're actually using it, or at least using it properly. Also, they may have been using a lot of their own product and just forgot to do something.
|
|
|
|
sandykho47
Sr. Member
Offline
Activity: 252
Merit: 251
Knowledge its everything
|
|
August 26, 2014, 03:02:55 PM |
|
I doubt they really hacked, expect the one who hacked is highest-level hacker I think someone inside the company created backdoor & hacked it (when they want) Maybe they not use 3 level multi sig properly But, looks like it "hacked" not hacked
|
Kemampuanku Tidak semua orang memiliki dan dapat melakukannya . Tidak memakan kaum sendiri . dan mempunyai kode etik yang tidak masuk akal.
|
|
|
CtrlAltBernanke420
|
|
August 26, 2014, 03:20:52 PM |
|
I agree with a couple of others above that it was almost certainly an inside job. Just because they have multi sig capability doesn't mean they're actually using it, or at least using it properly. Also, they may have been using a lot of their own product and just forgot to do something.
Wasnt there an announcement about 2-3 weeks ago TOR was potentially compromised. Potentially not causing any panic for users or vendors but rather the site operators became vulnerable to.... justice. I am guessing a inside job considering other sites did shut down on this announcement. Causing a 'migration' of vendors and buyers to other market places. Well these other market places probably were scams from the beginning simply waiting to gain some serious coin, and or once they learned of the potential TOR compromise they decided it wasnt worth the risk any more, but rather than closing shop 3 weeks ago it was more like, wait.. wait. waait.. waaaiit... okay now kill the site, call it hacked, we're done. Considering most 'hacks' up so far have all very likely been inside jobs, whether it was intentional or not to steal from the ppl, they are likely smashing/burning hard drives right now and destroying potentially incriminating evidence. They hacked you, to save themselves. But they probably didnt mean to let you down, TOR let them down which let the rest of the users down. If i was the site owner, this probably would have been my logic.
|
|
|
|
|