Phinnaeus Gage
Legendary
 Offline
Activity: 1918
Merit: 1570
Bitcoin: An Idea Worth Spending
|
 |
May 18, 2012, 03:31:31 AM |
|
Also, the address starts with 1EML
Expect Mass Leak
And after the 1EML part, it says wAweso Looks like the beginning of "Awesome", not sure what the "w" is all about. Probably was an easy to generate address in Vanitygen, it would take a while to generate 1emlawesome Vanitygen has a little-known ability to use regex, which - if written carefully - could make the job easier. It could also be sped up by running on many GPUs. |
|
|
|
|
|
|
|
|
|
"Bitcoin: the cutting edge of begging technology." -- Giraffe.BTC
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
|
|
BIGMERVE
|
|
May 18, 2012, 03:38:58 AM |
|
Why is nobody on here talking about why the claims page isn't working. Everyone has bitched since the coins were stolen (including me) and Zhou briefly mentions "claims.bitcoinica.com" and nobody replies? Has anyone actually connected to the site and filed their claim?
|
|
|
|
ArsenShnurkov
Legendary
Offline
Activity: 1386
Merit: 1000
|
|
May 18, 2012, 03:39:23 AM
Last edit: May 18, 2012, 04:04:16 AM by ArsenShnurkov |
|
Doesn't work for me. The site is not available. Might be DNS is not yet propagated data. |
|
|
|
|
|
Blazr
|
|
May 18, 2012, 03:41:22 AM |
|
Why is nobody on here talking about why the claims page isn't working. Everyone has bitched since the coins were stolen (including me) and Zhou briefly mentions "claims.bitcoinica.com" and nobody replies? Has anyone actually connected to the site and filed their claim?
Was working 20 minutes ago. What did you break, Bigmerve? |
|
|
|
BCB
CTG
VIP
Legendary
Offline
Activity: 1078
Merit: 1002
BCJ
|
|
May 18, 2012, 03:42:32 AM |
|
This works. But the cert it not valid for the ip https://173.45.224.244/ |
|
|
|
|
|
Blazr
|
|
May 18, 2012, 03:43:32 AM |
|
Yeah, I wouldn't use that link |
|
|
|
tulkos
Member
Offline
Activity: 74
Merit: 10
|
|
May 18, 2012, 03:45:17 AM |
|
I have filled out the claim page, verified my email address with them and now waiting for the next step?
|
|
|
|
rjk
Sr. Member
Offline
Activity: 448
Merit: 250
1ngldh
|
|
May 18, 2012, 03:47:11 AM |
|
Yeah, I wouldn't use that link It's a valid StartCom certificate that was just issued, but connecting via IP doesn't allow the browser to do various automated checks on it. |
|
|
|
|
Blazr
|
|
May 18, 2012, 03:47:28 AM |
|
I have filled out the claim page, verified my email address with them and now waiting for the next step?
They have to verify each claim manually. Wait your turn. |
|
|
|
|
GroundRod
|
|
May 18, 2012, 04:12:49 AM |
|
The hacker wrote "EXPECT MASS LEAK" in transactions from the stolen money. We can only assume he has a copy of the database, so he has access to all the information needed to make a claim.
Almost. Unfortunatly (for the hacker) he doesn't control user's email accounts, and he has no access to users ID documents. And he ought only have hashes of passwords. Link me to more detail on the "EXPECT MASS LEAK" message? This is an address some of the stolen money was sent to Notice the transaction amounts: 1.01100101 BTC 2.01111 BTC 3.0111 BTC 4.01100101 BTC 5.01100011 BTC 6.011101 BTC 7.001 BTC 8.01101101 BTC 9.01100001 BTC 10.01110011 BTC 11.01110011 BTC 12.001 BTC 13.011011 BTC 14.01100101 BTC 15.01100001 BTC 16.01101011 BTC 17.001 BTC 18.01110011 BTC 19.01101111 BTC 20.01101111 BTC 21.0110111 BTC The part after the decimal point is ascii binary, and it converts to: expect mass leak soon Also, the address starts with 1 EMLExpect Mass Leak Converter: http://www.roubaixinteractive.com/PlayGround/Binary_Conversion/Binary_To_Text.asp(for amounts that don't have 8 decimal places you need to add in more 0's, the 116BTC transaction is irrelevant I think) Not an expert here, just speculating... That is really bizarre. Behavior like this speaks allot about the nature of the one behind it's premeditation. Juvenile for one, and why those three words? Designed to instill fear in the minds of those that find the message. Allot went into them being embedded in the transaction. More than likely a troll shunned by the community here. If this heist had been done by some group within TPTB in-order to derail BitCoin progress, I doubt they would go to all this trouble, no this is the mind of a Jack The Ripper type personality, and my guess a solo individual. |
|
|
|
|
flower1024
Legendary
Offline
Activity: 1428
Merit: 1000
|
|
May 18, 2012, 06:05:10 AM
Last edit: May 18, 2012, 06:22:01 AM by flower1024 |
|
https://claims.bitcoinica.com does not work (tried chrome, ff and ie) EDIT: direct ip does work...
|
|
|
|
|
Krakonos
Member
Offline
Activity: 60
Merit: 10
|
|
May 18, 2012, 06:24:05 AM |
|
Works for me... And is the same IP as in like above. |
Tip jar: 1MWj8Etpt3ayLG5AvXwhtEU42szJD2m97z
|
|
|
flower1024
Legendary
Offline
Activity: 1428
Merit: 1000
|
|
May 18, 2012, 06:25:36 AM |
|
Works for me... And is the same IP as in like above. NOW it does work for me too |
|
|
|
|
check_status
Full Member
Offline
Activity: 196
Merit: 100
Web Dev, Db Admin, Computer Technician
|
|
May 18, 2012, 06:26:13 AM |
|
Not an expert here, just speculating...
That is really bizarre. Behavior like this speaks allot about the nature of the one behind it's premeditation. Juvenile for one, and why those three words? Designed to instill fear in the minds of those that find the message. Allot went into them being embedded in the transaction. More than likely a troll shunned by the community here. If this heist had been done by some group within TPTB in-order to derail BitCoin progress, I doubt they would go to all this trouble, no this is the mind of a Jack The Ripper type personality, and my guess a solo individual.
Not an expert of what, trolling?  |
For Bitcoin to be a true global currency the value of BTC needs always to rise. If BTC became the global currency & money supply = 100 Trillion then ⊅1.00 BTC = $4,761,904.76. P2Pool Server List | How To's and Guides Mega List | 1 EndfedSryGUZK9sPrdvxHntYzv2EBexGA |
|
|
publio
Member
Offline
Activity: 64
Merit: 10
|
|
May 18, 2012, 10:41:11 AM |
|
Not an expert here, just speculating...
That is really bizarre. Behavior like this speaks allot about the nature of the one behind it's premeditation. Juvenile for one, and why those three words? Designed to instill fear in the minds of those that find the message. Allot went into them being embedded in the transaction. More than likely a troll shunned by the community here. If this heist had been done by some group within TPTB in-order to derail BitCoin progress, I doubt they would go to all this trouble, no this is the mind of a Jack The Ripper type personality, and my guess a solo individual.
Not an expert of what, trolling? criminal psych? |
|
|
|
|
BIGMERVE
|
|
May 18, 2012, 12:28:17 PM |
|
Someone tell me if I did this right. I filled out the form, submitted it and received an email. I clicked the link in the email and it brought me to a page summarizing what I had filled out. There was nothing on that page to click or enter.
|
|
|
|
|
Mushoz
|
|
May 18, 2012, 12:45:13 PM |
|
Someone tell me if I did this right. I filled out the form, submitted it and received an email. I clicked the link in the email and it brought me to a page summarizing what I had filled out. There was nothing on that page to click or enter.
Same here. Now we'll have to wait I guess. |
www.bitbuy.nl - Koop eenvoudig, snel en goedkoop bitcoins bij Bitbuy!
|
|
|
ribuck
Donator
Hero Member
Offline
Activity: 826
Merit: 1039
|
|
May 18, 2012, 01:03:04 PM |
|
I have violated my promise (of "not to post anything [about Bitcoinica]") yesterday
A word of friendly advice, zhoutong: your life will be much easier and lower-stress if you leave this mess to Donald, Patrick and Amir to sort out. I mean, we all appreciate everything you have done, and that you have been the most communicative representative of the service, but it's not your problem anymore. So why not disable your forum login, block access to the forum in your computer's host file, back away from the keyboard, and focus on your studies and on enjoying the great lifestyle that Australia has to offer. It's not your problem anymore. |
|
|
|
|
zhoutong (OP)
VIP
Hero Member
Offline
Activity: 490
Merit: 502
|
|
May 18, 2012, 02:37:46 PM |
|
The hacker wrote "EXPECT MASS LEAK" in transactions from the stolen money. We can only assume he has a copy of the database, so he has access to all the information needed to make a claim.
Almost. Unfortunatly (for the hacker) he doesn't control user's email accounts, and he has no access to users ID documents. And he ought only have hashes of passwords. Link me to more detail on the "EXPECT MASS LEAK" message? This is an address some of the stolen money was sent to Notice the transaction amounts: 1.01100101 BTC 2.01111 BTC 3.0111 BTC 4.01100101 BTC 5.01100011 BTC 6.011101 BTC 7.001 BTC 8.01101101 BTC 9.01100001 BTC 10.01110011 BTC 11.01110011 BTC 12.001 BTC 13.011011 BTC 14.01100101 BTC 15.01100001 BTC 16.01101011 BTC 17.001 BTC 18.01110011 BTC 19.01101111 BTC 20.01101111 BTC 21.0110111 BTC The part after the decimal point is ascii binary, and it converts to: expect mass leak soon Also, the address starts with 1 EMLExpect Mass Leak Converter: http://www.roubaixinteractive.com/PlayGround/Binary_Conversion/Binary_To_Text.asp(for amounts that don't have 8 decimal places you need to add in more 0's, the 116BTC transaction is irrelevant I think) Great find Blazr! I wonder if the attackers are planning to leak the database in the open? Transaction information, etc. Another point that I don't know if people thought about is, what happens with those generated MtGox codes on the database that haven't been redeemed by the users yet? Could the attacker cash them out at will (and probably already did) to hundreds of MtGox accounts, or even instantly exchange them to LR or other currencies using services like the one we offer? What is interesting is, Friday RIGHT before Bitcoinica went down we were trying to withdraw several thousands using MtGox (this is common practice for us since as funding partners, we usually get more Bitcoinica than what we sell, and eventually we need to turn it back into fiat). What is interested is that I was hitting the "MtGox limit temporarily reached" a lot of the times, even with small test amounts such as $100. I wonder if at that point, the attacker indeed emptied the bitcoinica MtGox account from funds. I mean, think about it: with full access to the server, what would have prevented the hacker from issuing a whole bunch of MtGox redeemable codes and completely empty their account? No, I was online for the entire duration of the hacking. I revoked the keys immediately. The withdrawal limit had already been reached due to normal withdrawals. The terrible thing is, Rackspace refused to log the hacker out. They don't know how to do it. |
|
|
|
John (John K.)
Global Troll-buster and
Legendary
Offline
Activity: 1288
Merit: 1225
Away on an extended break
|
|
May 18, 2012, 02:39:38 PM |
|
The hacker wrote "EXPECT MASS LEAK" in transactions from the stolen money. We can only assume he has a copy of the database, so he has access to all the information needed to make a claim.
Almost. Unfortunatly (for the hacker) he doesn't control user's email accounts, and he has no access to users ID documents. And he ought only have hashes of passwords. Link me to more detail on the "EXPECT MASS LEAK" message? This is an address some of the stolen money was sent to Notice the transaction amounts: 1.01100101 BTC 2.01111 BTC 3.0111 BTC 4.01100101 BTC 5.01100011 BTC 6.011101 BTC 7.001 BTC 8.01101101 BTC 9.01100001 BTC 10.01110011 BTC 11.01110011 BTC 12.001 BTC 13.011011 BTC 14.01100101 BTC 15.01100001 BTC 16.01101011 BTC 17.001 BTC 18.01110011 BTC 19.01101111 BTC 20.01101111 BTC 21.0110111 BTC The part after the decimal point is ascii binary, and it converts to: expect mass leak soon Also, the address starts with 1 EMLExpect Mass Leak Converter: http://www.roubaixinteractive.com/PlayGround/Binary_Conversion/Binary_To_Text.asp(for amounts that don't have 8 decimal places you need to add in more 0's, the 116BTC transaction is irrelevant I think) Great find Blazr! I wonder if the attackers are planning to leak the database in the open? Transaction information, etc. Another point that I don't know if people thought about is, what happens with those generated MtGox codes on the database that haven't been redeemed by the users yet? Could the attacker cash them out at will (and probably already did) to hundreds of MtGox accounts, or even instantly exchange them to LR or other currencies using services like the one we offer? What is interesting is, Friday RIGHT before Bitcoinica went down we were trying to withdraw several thousands using MtGox (this is common practice for us since as funding partners, we usually get more Bitcoinica than what we sell, and eventually we need to turn it back into fiat). What is interested is that I was hitting the "MtGox limit temporarily reached" a lot of the times, even with small test amounts such as $100. I wonder if at that point, the attacker indeed emptied the bitcoinica MtGox account from funds. I mean, think about it: with full access to the server, what would have prevented the hacker from issuing a whole bunch of MtGox redeemable codes and completely empty their account? No, I was online for the entire duration of the hacking. I revoked the keys immediately. The withdrawal limit had already been reached due to normal withdrawals. The terrible thing is, Rackspace refused to log the hacker out. They don't know how to do it. Err, pull the plug for the whole dedicated server is that hard? |
|
|
|
|
|
