Bitcoin Forum
December 12, 2024, 11:38:35 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1] 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 ... 79 »
  Print  
Author Topic: [Emergency ANN] Bitcoinica site is taken offline for security investigation  (Read 224569 times)
zhoutong (OP)
VIP
Hero Member
*
Offline Offline

Activity: 490
Merit: 502


View Profile WWW
May 11, 2012, 01:16:37 PM
Last edit: May 28, 2012, 06:38:44 AM by theymos
Merited by elianite (1)
 #1

New thread: https://bitcointalk.org/index.php?topic=84042

Today, we have discovered a suspicious Bitcoin transaction that doesn't seem to be initiated by any one of the company owners. Some of them are not online at the moment so this is not conclusive.

Suspicious transaction:

  {
        "account" : "",
        "address" : "182tGyiczhXSSCTciVujNRkkMw1zQxUVhp",
        "category" : "send",
        "amount" : -18547.66867623,
        "fee" : 0.00000000,
        "blockhash" : "00000000000003f6bfd3e2fcbf76091853b28be234b5473a67f89b9d5bee019c",
        "blockindex" : 1,
        "txid" : "7a22917744aa9ed740faf3068a2f895424ed816ed1a04012b47df7a493f056e8",
        "time" : 1336738723
    },

We have contacted Rackspace to suspend all our servers and lock down our accounts. All your trading and financial data is safe (as far as I know), apart from the Bitcoin loss.

Thank you for your patience and understanding while we investigate this issue in detail.

Founder of NameTerrific (https://www.nameterrific.com/). Co-founder of CoinJar (https://coinjar.io/)

Donations for my future Bitcoin projects: 19Uk3tiD5XkBcmHyQYhJxp9QHoub7RosVb
davout
Legendary
*
Offline Offline

Activity: 1372
Merit: 1008


1davout


View Profile WWW
May 11, 2012, 01:19:19 PM
 #2

"amount" : -18547.66867623
Whoops!

unclescrooge
aka Raphy
Hero Member
*****
Offline Offline

Activity: 868
Merit: 1000


View Profile
May 11, 2012, 01:20:12 PM
 #3

18000 btc? Oh my god that's harsh
unclescrooge
aka Raphy
Hero Member
*****
Offline Offline

Activity: 868
Merit: 1000


View Profile
May 11, 2012, 01:25:40 PM
 #4

And you know why the price dropped today Cheesy

Buy opportunity guys Cheesy
ineededausername
Hero Member
*****
Offline Offline

Activity: 784
Merit: 1000


bitcoin hundred-aire


View Profile
May 11, 2012, 01:27:45 PM
 #5

oh hell no, not again! Angry

Look out for CoinExchanger's "Thank You" thread!

(BFL)^2 < 0
PLATO
Sr. Member
****
Offline Offline

Activity: 493
Merit: 250


Don't trust "BBOD The Best Futures Exchange"


View Profile
May 11, 2012, 01:29:45 PM
 #6

Sounds like u got ZHOU TONGED

All posts by me after 2012 were a compromised account. Probably by "BBOD The Best Futures Exchange". SORRY Y'ALL
zhoutong (OP)
VIP
Hero Member
*
Offline Offline

Activity: 490
Merit: 502


View Profile WWW
May 11, 2012, 01:32:55 PM
 #7

Today, we have discovered a suspicious Bitcoin transaction that doesn't seem to be initiated by any one of the company owners. Some of them are not online at the moment so this is not conclusive.

Suspicious transaction:

  {
        "account" : "",
        "address" : "182tGyiczhXSSCTciVujNRkkMw1zQxUVhp",
        "category" : "send",
        "amount" : -18547.66867623,
        "fee" : 0.00000000,
        "blockhash" : "00000000000003f6bfd3e2fcbf76091853b28be234b5473a67f89b9d5bee019c",
        "blockindex" : 1,
        "txid" : "7a22917744aa9ed740faf3068a2f895424ed816ed1a04012b47df7a493f056e8",
        "time" : 1336738723
    },

We have contacted Rackspace to suspend all our servers and lock down our accounts. All your trading and financial data is safe (as far as I know), apart from the Bitcoin loss.

Thank you for your patience and understanding while we investigate this issue in detail.

It's really hard to believe that after the linode debacle, you guys are
still leaving that many coins on hosted systems.

Please learn about offline transactions and how to properly decouple
the wallet from your trading system.

Reading the armory threads would be a good place to start.


We have over 80% of our Bitcoins in offline wallets at the moment before the attack. We had to keep a large balance because the withdrawals are huge!

Founder of NameTerrific (https://www.nameterrific.com/). Co-founder of CoinJar (https://coinjar.io/)

Donations for my future Bitcoin projects: 19Uk3tiD5XkBcmHyQYhJxp9QHoub7RosVb
ataranlen
Hero Member
*****
Offline Offline

Activity: 846
Merit: 1000


The One and Only


View Profile WWW
May 11, 2012, 01:36:50 PM
 #8

This is very interesting. Hopefully someone actually knows about the transfer.

MineTexas.com Minecraft Server We accept Bitcoin and Dogecoin.
Deepbit on Facebook: http://www.facebook.com/pages/Deepbit/151108048294815
zhoutong (OP)
VIP
Hero Member
*
Offline Offline

Activity: 490
Merit: 502


View Profile WWW
May 11, 2012, 01:37:24 PM
 #9

We have over 80% of our Bitcoins in offline wallets at the moment before the attack. We had to keep a large balance because the withdrawals are huge!
use mtgox code for any withdrawals above 500 btc /24h

The hacker almost gained access to our Mt. Gox API keys, before I revoke them!

He could get 30,000+ BTC easily if I was asleep, or busy.

Founder of NameTerrific (https://www.nameterrific.com/). Co-founder of CoinJar (https://coinjar.io/)

Donations for my future Bitcoin projects: 19Uk3tiD5XkBcmHyQYhJxp9QHoub7RosVb
DiabloD3
Legendary
*
Offline Offline

Activity: 1162
Merit: 1000


DiabloMiner author


View Profile WWW
May 11, 2012, 01:40:02 PM
 #10

I have repeatedly told people that Bitcoinica is a scam and that Bitcoinica staff should be banned from the forums.

Maybe now people will actually listen.

BadBear
v2.0
Legendary
*
Offline Offline

Activity: 1652
Merit: 1128



View Profile WWW
May 11, 2012, 01:40:36 PM
 #11

Dang, good thing you were watching. Any idea how they got in?

1Kz25jm6pjNTaz8bFezEYUeBYfEtpjuKRG | PGP: B5797C4F

Tired of annoying signature ads? Ad block for signatures
zhoutong (OP)
VIP
Hero Member
*
Offline Offline

Activity: 490
Merit: 502


View Profile WWW
May 11, 2012, 01:40:44 PM
 #12

it was Rackspace fault ?

Not likely. I could be a email account compromise. Someone reset the password and gained access to the account. My email account history is normal, not sure about other owners. (Yes, the emails were sent to everyone!)

Founder of NameTerrific (https://www.nameterrific.com/). Co-founder of CoinJar (https://coinjar.io/)

Donations for my future Bitcoin projects: 19Uk3tiD5XkBcmHyQYhJxp9QHoub7RosVb
zhoutong (OP)
VIP
Hero Member
*
Offline Offline

Activity: 490
Merit: 502


View Profile WWW
May 11, 2012, 01:42:27 PM
 #13

I have repeatedly told people that Bitcoinica is a scam and that Bitcoinica staff should be banned from the forums.

Maybe now people will actually listen.

Bitcoinica is a regulated entity, verifiable by government records. We are one of the most legitimate businesses in Bitcoin community, by any standard.

Founder of NameTerrific (https://www.nameterrific.com/). Co-founder of CoinJar (https://coinjar.io/)

Donations for my future Bitcoin projects: 19Uk3tiD5XkBcmHyQYhJxp9QHoub7RosVb
Clipse
Hero Member
*****
Offline Offline

Activity: 504
Merit: 502


View Profile
May 11, 2012, 01:44:04 PM
 #14

Honestly, I know people want to be able to withdraw in "real-time" but why is it so terrible to have a pending period for large transfers? Surely this would avoid such massive withdrawals in near "real-time" without you being able to suspend it in case of hacks/theft?

...In the land of the stale, the man with one share is king... >> Clipse

We pay miners at 130% PPS | Signup here : Bonus PPS Pool (Please read OP to understand the current process)
sturle
Legendary
*
Offline Offline

Activity: 1437
Merit: 1002

https://bitmynt.no


View Profile WWW
May 11, 2012, 01:44:58 PM
 #15

Today, we have discovered a suspicious Bitcoin transaction that doesn't seem to be initiated by any one of the company owners. Some of them are not online at the moment so this is not conclusive.
Isn't this exactly what P2SH was invented to prevent?

Have a separate safety computer located somewhere else to automatically countersign all transactions which can be verified to be legitimate.  Normal transactions using bitcoind will not work without access to both wallets.

Sjå https://bitmynt.no for veksling av bitcoin mot norske kroner.  Trygt, billig, raskt og enkelt sidan 2010.
I buy with EUR and other currencies at a fair market price when you want to sell.  See http://bitmynt.no/eurprice.pl
Warning: "Bitcoin" XT, Classic, Unlimited and the likes are scams. Don't use them, and don't listen to their shills.
zhoutong (OP)
VIP
Hero Member
*
Offline Offline

Activity: 490
Merit: 502


View Profile WWW
May 11, 2012, 01:46:36 PM
 #16

Honestly, I know people want to be able to withdraw in "real-time" but why is it so terrible to have a pending period for large transfers? Surely this would avoid such massive withdrawals in near "real-time" without you being able to suspend it in case of hacks/theft?

We really wanted to keep the blockchain and wallet in MySQL database. But we don't have a technical solution yet. Interacting with the official client is painful.

Founder of NameTerrific (https://www.nameterrific.com/). Co-founder of CoinJar (https://coinjar.io/)

Donations for my future Bitcoin projects: 19Uk3tiD5XkBcmHyQYhJxp9QHoub7RosVb
N12
Donator
Legendary
*
Offline Offline

Activity: 1610
Merit: 1011



View Profile
May 11, 2012, 01:46:43 PM
 #17

Great news!

I am pleased to know that the Bitcoin community continues funding hackers and scammers in a big way. Bitcoin creates so much wealth for everyone of us. Last time was 45k BTC though, this time it’s only 18.5k, we’ve got to do better. Smiley

Continue using a site to get g zhoutonged and give your money to hackers to devalue your Bitcoins, please!
realnowhereman
Hero Member
*****
Offline Offline

Activity: 504
Merit: 502



View Profile
May 11, 2012, 01:46:52 PM
 #18

At time of writing, the funds haven't been spent.

http://blockchain.info/address/182tGyiczhXSSCTciVujNRkkMw1zQxUVhp

1AAZ4xBHbiCr96nsZJ8jtPkSzsg1CqhwDa
bulanula
Hero Member
*****
Offline Offline

Activity: 518
Merit: 500



View Profile
May 11, 2012, 01:47:54 PM
 #19

I have repeatedly told people that Bitcoinica is a scam and that Bitcoinica staff should be banned from the forums.

Maybe now people will actually listen.

Yankee (BitInstant)
Legendary
*
Offline Offline

Activity: 1078
Merit: 1000


Charlie 'Van Bitcoin' Shrem


View Profile WWW
May 11, 2012, 01:49:47 PM
 #20

I have repeatedly told people that Bitcoinica is a scam and that Bitcoinica staff should be banned from the forums.

Maybe now people will actually listen.

Bitcoinica is a regulated entity, verifiable by government records. We are one of the most legitimate businesses in Bitcoin community, by any standard.

I second that, and vouch for Zhou and the Bitcoinica team.

Bitcoin pioneer. An apostle of Satoshi Nakamoto. A crusader for a new, better, tech-driven society. A dreamer.

More about me: http://CharlieShrem.com
Pages: [1] 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 ... 79 »
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!