Bitcoin Forum
April 24, 2014, 05:50:20 AM *
News: Due to the OpenSSL heartbleed bug, changing your forum password is recommended.
 
   Home   Help Search Donate Login Register  
Pages: [1] 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 ... 80
  Print  
Author Topic: [Emergency ANN] Bitcoinica site is taken offline for security investigation  (Read 133551 times)
zhoutong
VIP
Hero Member
*
Offline Offline

Activity: 490


View Profile WWW

Ignore
May 11, 2012, 01:16:37 PM
 #1

New thread: https://bitcointalk.org/index.php?topic=84042

Today, we have discovered a suspicious Bitcoin transaction that doesn't seem to be initiated by any one of the company owners. Some of them are not online at the moment so this is not conclusive.

Suspicious transaction:

  {
        "account" : "",
        "address" : "182tGyiczhXSSCTciVujNRkkMw1zQxUVhp",
        "category" : "send",
        "amount" : -18547.66867623,
        "fee" : 0.00000000,
        "blockhash" : "00000000000003f6bfd3e2fcbf76091853b28be234b5473a67f89b9d5bee019c",
        "blockindex" : 1,
        "txid" : "7a22917744aa9ed740faf3068a2f895424ed816ed1a04012b47df7a493f056e8",
        "time" : 1336738723
    },

We have contacted Rackspace to suspend all our servers and lock down our accounts. All your trading and financial data is safe (as far as I know), apart from the Bitcoin loss.

Thank you for your patience and understanding while we investigate this issue in detail.

Founder of NameTerrific (https://www.nameterrific.com/). Co-founder of CoinJar (https://coinjar.io/)

Donations for my future Bitcoin projects: 19Uk3tiD5XkBcmHyQYhJxp9QHoub7RosVb
1398318620
Hero Member
*
Offline Offline

Posts: 1398318620

View Profile Personal Message (Offline)

Ignore
1398318620
Reply with quote  #2

1398318620
Report to moderator
1398318620
Hero Member
*
Offline Offline

Posts: 1398318620

View Profile Personal Message (Offline)

Ignore
1398318620
Reply with quote  #2

1398318620
Report to moderator
1398318620
Hero Member
*
Offline Offline

Posts: 1398318620

View Profile Personal Message (Offline)

Ignore
1398318620
Reply with quote  #2

1398318620
Report to moderator
Unbeatable Service & Product Support
Grab Your Miners at GAWMiners.com
Order Before April 25th to receive
Double your Hashing Power for 1 week!

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1398318620
Hero Member
*
Offline Offline

Posts: 1398318620

View Profile Personal Message (Offline)

Ignore
1398318620
Reply with quote  #2

1398318620
Report to moderator
1398318620
Hero Member
*
Offline Offline

Posts: 1398318620

View Profile Personal Message (Offline)

Ignore
1398318620
Reply with quote  #2

1398318620
Report to moderator
davout
Staff
Hero Member
*****
Offline Offline

Activity: 1148


1davout


View Profile WWW

Ignore
May 11, 2012, 01:19:19 PM
 #2

"amount" : -18547.66867623
Whoops!

unclescrooge
aka Raphy
Hero Member
*****
Offline Offline

Activity: 742


View Profile

Ignore
May 11, 2012, 01:20:12 PM
 #3

18000 btc? Oh my god that's harsh

unclescrooge
aka Raphy
Hero Member
*****
Offline Offline

Activity: 742


View Profile

Ignore
May 11, 2012, 01:25:40 PM
 #4

And you know why the price dropped today Cheesy

Buy opportunity guys Cheesy

ineededausername
Hero Member
*****
Offline Offline

Activity: 714


bitcoin hundred-aire


View Profile

Ignore
May 11, 2012, 01:27:45 PM
 #5

oh hell no, not again! Angry

Look out for CoinExchanger's "Thank You" thread!

(BFL)^2 < 0
PLATO
Sr. Member
****
Offline Offline

Activity: 277


Subversive


View Profile WWW

Ignore
May 11, 2012, 01:29:45 PM
 #6

Sounds like u got ZHOU TONGED
zhoutong
VIP
Hero Member
*
Offline Offline

Activity: 490


View Profile WWW

Ignore
May 11, 2012, 01:32:55 PM
 #7

Today, we have discovered a suspicious Bitcoin transaction that doesn't seem to be initiated by any one of the company owners. Some of them are not online at the moment so this is not conclusive.

Suspicious transaction:

  {
        "account" : "",
        "address" : "182tGyiczhXSSCTciVujNRkkMw1zQxUVhp",
        "category" : "send",
        "amount" : -18547.66867623,
        "fee" : 0.00000000,
        "blockhash" : "00000000000003f6bfd3e2fcbf76091853b28be234b5473a67f89b9d5bee019c",
        "blockindex" : 1,
        "txid" : "7a22917744aa9ed740faf3068a2f895424ed816ed1a04012b47df7a493f056e8",
        "time" : 1336738723
    },

We have contacted Rackspace to suspend all our servers and lock down our accounts. All your trading and financial data is safe (as far as I know), apart from the Bitcoin loss.

Thank you for your patience and understanding while we investigate this issue in detail.

It's really hard to believe that after the linode debacle, you guys are
still leaving that many coins on hosted systems.

Please learn about offline transactions and how to properly decouple
the wallet from your trading system.

Reading the armory threads would be a good place to start.


We have over 80% of our Bitcoins in offline wallets at the moment before the attack. We had to keep a large balance because the withdrawals are huge!

Founder of NameTerrific (https://www.nameterrific.com/). Co-founder of CoinJar (https://coinjar.io/)

Donations for my future Bitcoin projects: 19Uk3tiD5XkBcmHyQYhJxp9QHoub7RosVb
ataranlen
Hero Member
*****
Offline Offline

Activity: 822


The One and Only


View Profile WWW

Ignore
May 11, 2012, 01:36:50 PM
 #8

This is very interesting. Hopefully someone actually knows about the transfer.

Play Minecraft? Join my PVP server, Minecraft Texas. Near as your server browser: pvp.MinecraftTX.com
1CJd8W6JiGKEgKHYp4PvWXWsnemHd8uqr7 - Donate?
Deepbit on Facebook: http://www.facebook.com/pages/Deepbit/151108048294815
zhoutong
VIP
Hero Member
*
Offline Offline

Activity: 490


View Profile WWW

Ignore
May 11, 2012, 01:37:24 PM
 #9

We have over 80% of our Bitcoins in offline wallets at the moment before the attack. We had to keep a large balance because the withdrawals are huge!
use mtgox code for any withdrawals above 500 btc /24h

The hacker almost gained access to our Mt. Gox API keys, before I revoke them!

He could get 30,000+ BTC easily if I was asleep, or busy.

Founder of NameTerrific (https://www.nameterrific.com/). Co-founder of CoinJar (https://coinjar.io/)

Donations for my future Bitcoin projects: 19Uk3tiD5XkBcmHyQYhJxp9QHoub7RosVb
DiabloD3
Hero Member
*****
Offline Offline

Activity: 1134


DiabloMiner author


View Profile WWW

Ignore
May 11, 2012, 01:40:02 PM
 #10

I have repeatedly told people that Bitcoinica is a scam and that Bitcoinica staff should be banned from the forums.

Maybe now people will actually listen.

BadBear
Global Moderator
Hero Member
*
Offline Offline

Activity: 952



View Profile

Ignore
May 11, 2012, 01:40:36 PM
 #11

Dang, good thing you were watching. Any idea how they got in?

1P1GwVpbTY6gcg8dX4nKzE5D6W8SCAzyZB
zhoutong
VIP
Hero Member
*
Offline Offline

Activity: 490


View Profile WWW

Ignore
May 11, 2012, 01:40:44 PM
 #12

it was Rackspace fault ?

Not likely. I could be a email account compromise. Someone reset the password and gained access to the account. My email account history is normal, not sure about other owners. (Yes, the emails were sent to everyone!)

Founder of NameTerrific (https://www.nameterrific.com/). Co-founder of CoinJar (https://coinjar.io/)

Donations for my future Bitcoin projects: 19Uk3tiD5XkBcmHyQYhJxp9QHoub7RosVb
zhoutong
VIP
Hero Member
*
Offline Offline

Activity: 490


View Profile WWW

Ignore
May 11, 2012, 01:42:27 PM
 #13

I have repeatedly told people that Bitcoinica is a scam and that Bitcoinica staff should be banned from the forums.

Maybe now people will actually listen.

Bitcoinica is a regulated entity, verifiable by government records. We are one of the most legitimate businesses in Bitcoin community, by any standard.

Founder of NameTerrific (https://www.nameterrific.com/). Co-founder of CoinJar (https://coinjar.io/)

Donations for my future Bitcoin projects: 19Uk3tiD5XkBcmHyQYhJxp9QHoub7RosVb
Clipse
SCAMMER
Hero Member
*****
Offline Offline

Activity: 504


View Profile

Ignore
May 11, 2012, 01:44:04 PM
 #14

Honestly, I know people want to be able to withdraw in "real-time" but why is it so terrible to have a pending period for large transfers? Surely this would avoid such massive withdrawals in near "real-time" without you being able to suspend it in case of hacks/theft?

...In the land of the stale, the man with one share is king... >> Clipse

We pay miners at 130% PPS | Signup here : Bonus PPS Pool (Please read OP to understand the current process)
sturle
Hero Member
*****
Online Online

Activity: 1078

http://bitmynt.no


View Profile WWW

Ignore
May 11, 2012, 01:44:58 PM
 #15

Today, we have discovered a suspicious Bitcoin transaction that doesn't seem to be initiated by any one of the company owners. Some of them are not online at the moment so this is not conclusive.
Isn't this exactly what P2SH was invented to prevent?

Have a separate safety computer located somewhere else to automatically countersign all transactions which can be verified to be legitimate.  Normal transactions using bitcoind will not work without access to both wallets.

Sjå http://bitmynt.no for veksling av bitcoin mot norske kroner.  Trygt, billig, raskt og enkelt sidan 2010.
I buy with EUR and other currencies at a fair market price when you want to sell.  See http://bitmynt.no/eurprice.pl
zhoutong
VIP
Hero Member
*
Offline Offline

Activity: 490


View Profile WWW

Ignore
May 11, 2012, 01:46:36 PM
 #16

Honestly, I know people want to be able to withdraw in "real-time" but why is it so terrible to have a pending period for large transfers? Surely this would avoid such massive withdrawals in near "real-time" without you being able to suspend it in case of hacks/theft?

We really wanted to keep the blockchain and wallet in MySQL database. But we don't have a technical solution yet. Interacting with the official client is painful.

Founder of NameTerrific (https://www.nameterrific.com/). Co-founder of CoinJar (https://coinjar.io/)

Donations for my future Bitcoin projects: 19Uk3tiD5XkBcmHyQYhJxp9QHoub7RosVb
Blitz­
Donator
Hero Member
*
Offline Offline

Activity: 1022



View Profile

Ignore
May 11, 2012, 01:46:43 PM
 #17

Great news!

I am pleased to know that the Bitcoin community continues funding hackers and scammers in a big way. Bitcoin creates so much wealth for everyone of us. Last time was 45k BTC though, this time it’s only 18.5k, we’ve got to do better. Smiley

Continue using a site to get g zhoutonged and give your money to hackers to devalue your Bitcoins, please!

"Bitcoin had been transformed from an anarachistic challenge to the financial status quo, to the crypto spawn of Satan, fuelled by cut-throat greed and delusions of avarice." - MatTheCat
realnowhereman
Hero Member
*****
Offline Offline

Activity: 490



View Profile

Ignore
May 11, 2012, 01:46:52 PM
 #18

At time of writing, the funds haven't been spent.

http://blockchain.info/address/182tGyiczhXSSCTciVujNRkkMw1zQxUVhp

1AAZ4xBHbiCr96nsZJ8jtPkSzsg1CqhwDa
bulanula
Hero Member
*****
Offline Offline

Activity: 518



View Profile

Ignore
May 11, 2012, 01:47:54 PM
 #19

I have repeatedly told people that Bitcoinica is a scam and that Bitcoinica staff should be banned from the forums.

Maybe now people will actually listen.

Yankee (BitInstant)
Hero Member
*****
Offline Offline

Activity: 868


Charlie Van Bitcoin


View Profile

Ignore
May 11, 2012, 01:49:47 PM
 #20

I have repeatedly told people that Bitcoinica is a scam and that Bitcoinica staff should be banned from the forums.

Maybe now people will actually listen.

Bitcoinica is a regulated entity, verifiable by government records. We are one of the most legitimate businesses in Bitcoin community, by any standard.

I second that, and vouch for Zhou and the Bitcoinica team.

"In a free society, private payments should be covered by merchant-customer privilege just as attorney-client privilege covers confidential legal communication." - Jon Matonis, Director, Bitcoin Foundation
Pages: [1] 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 ... 80
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!