Bitcoin Forum
December 06, 2016, 02:26:44 PM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 [20] 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 »
  Print  
Author Topic: Bitcoinica MtGox account compromised  (Read 145751 times)
sadpandatech
Hero Member
*****
Offline Offline

Activity: 504



View Profile
July 14, 2012, 01:41:01 AM
 #381


Thanks. So the leaker who accessed genjix's box packed it on his box as him. That's why it says genjix/genjix, genjix's box was hacked.

genjix's box was hacked? Who told you that? Shocked

So, the simplest explanation is the one you gave and not that genjix himself leaked the source code? Roll Eyes
no one is giving an 'explanation'. We are jsut trying to trace this stuff back as close to 'source' as possible..


@BitcoinBull  I assume by 'box' you mean his personal computer?

I will not give much importance to bitcoinBull's assumptions as 20 minutes ago he was assuming I was looking at the file on the OP and not at the file I had downloaded from the link at the pastebin and decoded with the instructions posted at reddit...

well, in your opinion, did it come from his gihub or his computer? And would it not be easy enough to edit that stuff to make it look like it came from a particular source?

If you're not excited by the idea of being an early adopter 'now', then you should come back in three or four years and either tell us "Told you it'd never work!" or join what should, by then, be a much more stable and easier-to-use system. - GA
It is being worked on by smart people. -DamienBlack
1481034404
Hero Member
*
Offline Offline

Posts: 1481034404

View Profile Personal Message (Offline)

Ignore
1481034404
Reply with quote  #2

1481034404
Report to moderator
1481034404
Hero Member
*
Offline Offline

Posts: 1481034404

View Profile Personal Message (Offline)

Ignore
1481034404
Reply with quote  #2

1481034404
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481034404
Hero Member
*
Offline Offline

Posts: 1481034404

View Profile Personal Message (Offline)

Ignore
1481034404
Reply with quote  #2

1481034404
Report to moderator
1481034404
Hero Member
*
Offline Offline

Posts: 1481034404

View Profile Personal Message (Offline)

Ignore
1481034404
Reply with quote  #2

1481034404
Report to moderator
Raoul Duke
aka psy
Legendary
*
Offline Offline

Activity: 1442



View Profile
July 14, 2012, 01:43:42 AM
 #382


Thanks. So the leaker who accessed genjix's box packed it on his box as him. That's why it says genjix/genjix, genjix's box was hacked.

genjix's box was hacked? Who told you that? Shocked

So, the simplest explanation is the one you gave and not that genjix himself leaked the source code? Roll Eyes
no one is giving an 'explanation'. We are jsut trying to trace this stuff back as close to 'source' as possible..


@BitcoinBull  I assume by 'box' you mean his personal computer?

I will not give much importance to bitcoinBull's assumptions as 20 minutes ago he was assuming I was looking at the file on the OP and not at the file I had downloaded from the link at the pastebin and decoded with the instructions posted at reddit...

well, in your opinion, did it come from his gihub or his computer? And would it not be easy enough to edit that stuff to make it look like it came from a particular source?

Anything is possible. I could create a VM and have a user with the name genjix and achieve the same result.
That still doesn't give me a solution to be able to clone a private github repo, much less edit the HEAD file to include genjix name on it, for I would need to clone the repo first Grin

bitcoinBull
Legendary
*
Offline Offline

Activity: 826


rippleFanatic


View Profile
July 14, 2012, 01:48:53 AM
 #383

@BitcoinBull  I assume by 'box' you mean his personal computer?

More likely his VPS (virtual private server), which he explained was the cause of the last breach. He said he gives many "noobs" from #C++, etc access to that VPS.


genjix's box was hacked? Who told you that? Shocked

So, the simplest explanation is the one you gave and not that genjix himself leaked the source code? Roll Eyes

Given his history, I think incompetence is more likely than malice, definitely in genjix's case.

That patrick would walk away right now looks suspicious, if he were a smart thief he would come back and finish the claims so everyone gets their 66% (like myBitcoin). So in a counter-intuitive way, I think that he "walked away" in anger/frustration is actually a sign that it wasn't an inside job. Its very plausible and at least equally likely that there was another thief IMO (see below)...



I think the probability is about the same as finding a sha-256 collision in bitcoin   Smiley

So its probably silly to imagine it happened. Compare the chance of an inside job (someone told the thief where to look or told them the actual password) or a keylogger (etc) type attack was used to discover it, in such cases the fact one can find it in the source code is merely a red herring, whether deliberately dyed red or merely accidentally happening to be red.

-MarkM-


I didnt see a "lastpass master pasword " label on that string.

This.

Was ANYONE here even aware that the bitcoinica source code had been leaked, prior to genjix's OP on this thread?

Plugging the file URL into Google gives only a handful of results, with this thread being the earliest incidence of it, as far as I can tell.

That, plus the fact that the tar file appears to have been packed by username genjix.

Additionally, there's the fact that the lastpass password was supposedly the MtGOX KEY (username) and not the SECRET. A bizarre thing to do, which smells more like it's a fuck-up in an attempt to make up a plausible hack story.

The whole story is just too cute for me.


The source code was leaked on reddit almost a week ago (0 points from 9 downvotes, that's why I personally missed it).

It is plausible that someone would try the mtgox api key as the LastPass password. A very lucky someone could've confirmed months ago that info@bitcoinica.com was a LastPass account, because LastPass tells you if you try log-in with an invalid username/e-mail ("Unknown e-mail address") or if its a valid LastPass account ("Invalid password").

So when the source code was leaked, they saw the API key and decided to try it.


College of Bucking Bulls Knowledge
Raoul Duke
aka psy
Legendary
*
Offline Offline

Activity: 1442



View Profile
July 14, 2012, 01:54:43 AM
 #384

genjix's box was hacked? Who told you that? Shocked

So, the simplest explanation is the one you gave and not that genjix himself leaked the source code? Roll Eyes

Given his history, I think incompetence is more likely than malice, definitely in genjix's case.

That patrick would walk away right now looks suspicious, if he were a smart thief he would come back and finish the claims so everyone gets their 66% (like myBitcoin). So in a counter-intuitive way, I think that he "walked away" in anger/frustration is actually a sign that it wasn't an inside job. Its very plausible and at least equally likely that there was another thief IMO (see below)...


I agree with you on this one. If it was an inside job, and I'm not saying it is(I mean the thefts, not the source code leak), it was from someone else and not Patrick or Amir. They would have to be completely nuts to screw up on something that would tarnish their reputation in this manner.

Bitcoin Oz
Hero Member
*****
Offline Offline

Activity: 700


Wat


View Profile WWW
July 14, 2012, 01:56:00 AM
 #385

This whole mess should have been in the hands of a third party administrator long ago and at the very least a police report filed.

Setting up a company is the essence of government interference and to turn around and to claim you dont believe in government interference after you do that doesnt make sense, which is the reason they claim they never filed a police report.

Raoul Duke
aka psy
Legendary
*
Offline Offline

Activity: 1442



View Profile
July 14, 2012, 02:08:19 AM
 #386

Adding to my previous post agreeing with bitcoinBull. If it was an inside job it wasn't Patrick or Amir.

First we had this.
https://bitcointalk.org/index.php?topic=81045.msg894435#msg894435
Quote
Please don't blame genjix. It's definitely not his fault.

He's not in our mailing list so it couldn't be him.

Well, shit just happens and it's not anyone's fault or incompetence here. I'm the only guy awake when the incident happens.

and now we have this
Posting an update soon.

good news?

If it's related to my previous email to the Bitcoinica team, no, it's a bad news.

This was a pointless and malicious comment.

Are you trying to further harm their reputation or your own? Because they're not entirely separate.

No, I was merely stating a fact. I discovered something unusual and I emailed them. They promised an update. And that's it.

I don't have the right to update you publicly because I have some advantage in obtaining insider information.

I'm not part of the "bad news" and I'm not involved in Bitcoinica. If I didn't tell them they will discover the problem anyway.

Someone care to explain to a dumb guy(me) how is it that a guy who isn't "involved in Bitcoinica" discovers a theft of almost $400k before the ones who are involved in Bitcoinica?

sadpandatech
Hero Member
*****
Offline Offline

Activity: 504



View Profile
July 14, 2012, 02:12:20 AM
 #387

Adding to my previous post agreeing with bitcoinBull. If it was an inside job it wasn't Patrick or Amir.

First we had this.
https://bitcointalk.org/index.php?topic=81045.msg894435#msg894435
Quote
Please don't blame genjix. It's definitely not his fault.

He's not in our mailing list so it couldn't be him.

Well, shit just happens and it's not anyone's fault or incompetence here. I'm the only guy awake when the incident happens.

and now we have this
Posting an update soon.

good news?

If it's related to my previous email to the Bitcoinica team, no, it's a bad news.

This was a pointless and malicious comment.

Are you trying to further harm their reputation or your own? Because they're not entirely separate.

No, I was merely stating a fact. I discovered something unusual and I emailed them. They promised an update. And that's it.

I don't have the right to update you publicly because I have some advantage in obtaining insider information.

I'm not part of the "bad news" and I'm not involved in Bitcoinica. If I didn't tell them they will discover the problem anyway.

Someone care to explain to a dumb guy(me) how is it that a guy who isn't "involved in Bitcoinica" discovers a theft of almost $400k before the ones who are involved in Bitcoinica?

you're assuming we know what ZT's bad news was. It is possible he contacted them about the source code leak. Or god only knows what.

If you're not excited by the idea of being an early adopter 'now', then you should come back in three or four years and either tell us "Told you it'd never work!" or join what should, by then, be a much more stable and easier-to-use system. - GA
It is being worked on by smart people. -DamienBlack
zhoutong
VIP
Hero Member
*
Offline Offline

Activity: 490


View Profile WWW
July 14, 2012, 02:14:32 AM
 #388

Adding to my previous post agreeing with bitcoinBull. If it was an inside job it wasn't Patrick or Amir.

First we had this.
https://bitcointalk.org/index.php?topic=81045.msg894435#msg894435
Quote
Please don't blame genjix. It's definitely not his fault.

He's not in our mailing list so it couldn't be him.

Well, shit just happens and it's not anyone's fault or incompetence here. I'm the only guy awake when the incident happens.

and now we have this
Posting an update soon.

good news?

If it's related to my previous email to the Bitcoinica team, no, it's a bad news.

This was a pointless and malicious comment.

Are you trying to further harm their reputation or your own? Because they're not entirely separate.

No, I was merely stating a fact. I discovered something unusual and I emailed them. They promised an update. And that's it.

I don't have the right to update you publicly because I have some advantage in obtaining insider information.

I'm not part of the "bad news" and I'm not involved in Bitcoinica. If I didn't tell them they will discover the problem anyway.

Someone care to explain to a dumb guy(me) how is it that a guy who isn't "involved in Bitcoinica" discovers a theft of almost $400k before the ones who are involved in Bitcoinica?

you're assuming we know what ZT's bad news was. It is possible he contacted them about the source code leak. Or god only knows what.

No. I received this email. I was still in the verify@bitcoinica.com mailing list.

I believe that the theft happened much earlier and no one discovered. No one cared about this spammy-look email either (or they don't check their mailbox).


Quote
From: Bitcoinica Sucks <bitcoinicasucks@hotmail.com>
To: verify@bitcoinica.com
Date: Friday, 13 July 2012 3:39:55 AM
Subject: Bitcoinica is done

THANK YOU FOR YOU SOURCE CODE.

BITCONICA IS NOW OFFICALY DONE!

LASTPAS PASWORD: c02e1a27-5524-449f-ba65-aff9581ddedc

Founder of NameTerrific (https://www.nameterrific.com/). Co-founder of CoinJar (https://coinjar.io/)

Donations for my future Bitcoin projects: 19Uk3tiD5XkBcmHyQYhJxp9QHoub7RosVb
sadpandatech
Hero Member
*****
Offline Offline

Activity: 504



View Profile
July 14, 2012, 02:17:32 AM
 #389

you're assuming we know what ZT's bad news was. It is possible he contacted them about the source code leak. Or god only knows what.

No. I received this email. I was still in the verify@bitcoinica.com mailing list.

I believe that the theft happened much earlier and no one discovered. No one cared about this spammy-look email either (or they don't check their mailbox).


Quote
From: Bitcoinica Sucks <bitcoinicasucks@hotmail.com>
To: verify@bitcoinica.com
Date: Friday, 13 July 2012 3:39:55 AM
Subject: Bitcoinica is done

THANK YOU FOR YOU SOURCE CODE.

BITCONICA IS NOW OFFICALY DONE!

LASTPAS PASWORD: c02e1a27-5524-449f-ba65-aff9581ddedc
You posted on the 12th you had bad news about an email you received on the 13th? I'm not following something right here, sorry.


If you're not excited by the idea of being an early adopter 'now', then you should come back in three or four years and either tell us "Told you it'd never work!" or join what should, by then, be a much more stable and easier-to-use system. - GA
It is being worked on by smart people. -DamienBlack
Bitcoin Oz
Hero Member
*****
Offline Offline

Activity: 700


Wat


View Profile WWW
July 14, 2012, 02:20:19 AM
 #390

you're assuming we know what ZT's bad news was. It is possible he contacted them about the source code leak. Or god only knows what.

No. I received this email. I was still in the verify@bitcoinica.com mailing list.

I believe that the theft happened much earlier and no one discovered. No one cared about this spammy-look email either (or they don't check their mailbox).


Quote
From: Bitcoinica Sucks <bitcoinicasucks@hotmail.com>
To: verify@bitcoinica.com
Date: Friday, 13 July 2012 3:39:55 AM
Subject: Bitcoinica is done

THANK YOU FOR YOU SOURCE CODE.

BITCONICA IS NOW OFFICALY DONE!

LASTPAS PASWORD: c02e1a27-5524-449f-ba65-aff9581ddedc
You posted on the 12th you had bad news about an email you received on the 13th? I'm not following something right here, sorry.



Someone needs to explain this...

rjk
Sr. Member
****
Offline Offline

Activity: 420


1ngldh


View Profile
July 14, 2012, 02:20:54 AM
 #391

Lrn 2 timezone

Mining Rig Extraordinaire - the Trenton BPX6806 18-slot PCIe backplane [PICS] Dead project is dead, all hail the coming of the mighty ASIC!
John (John K.)
Global Troll-buster and
Legendary
*
Offline Offline

Activity: 1092


Will read PM's. Have more time lately


View Profile
July 14, 2012, 02:25:24 AM
 #392

you're assuming we know what ZT's bad news was. It is possible he contacted them about the source code leak. Or god only knows what.

No. I received this email. I was still in the verify@bitcoinica.com mailing list.

I believe that the theft happened much earlier and no one discovered. No one cared about this spammy-look email either (or they don't check their mailbox).


Quote
From: Bitcoinica Sucks <bitcoinicasucks@hotmail.com>
To: verify@bitcoinica.com
Date: Friday, 13 July 2012 3:39:55 AM
Subject: Bitcoinica is done

THANK YOU FOR YOU SOURCE CODE.

BITCONICA IS NOW OFFICALY DONE!

LASTPAS PASWORD: c02e1a27-5524-449f-ba65-aff9581ddedc
You posted on the 12th you had bad news about an email you received on the 13th? I'm not following something right here, sorry.



Someone needs to explain this...
Time zones.

My BTC Tip Jar: 1Pgvfy19uwtYe5o9dg3zZsAjgCPt3XZqz9 , GPG ID: B3AAEEB0 ,OTC ID: johnthedong
Escrow service is available on a case by case basis! (PM Me to verify I'm the escrow!)

zhoutong
VIP
Hero Member
*
Offline Offline

Activity: 490


View Profile WWW
July 14, 2012, 02:26:34 AM
 #393

you're assuming we know what ZT's bad news was. It is possible he contacted them about the source code leak. Or god only knows what.

No. I received this email. I was still in the verify@bitcoinica.com mailing list.

I believe that the theft happened much earlier and no one discovered. No one cared about this spammy-look email either (or they don't check their mailbox).


Quote
From: Bitcoinica Sucks <bitcoinicasucks@hotmail.com>
To: verify@bitcoinica.com
Date: Friday, 13 July 2012 3:39:55 AM
Subject: Bitcoinica is done

THANK YOU FOR YOU SOURCE CODE.

BITCONICA IS NOW OFFICALY DONE!

LASTPAS PASWORD: c02e1a27-5524-449f-ba65-aff9581ddedc
You posted on the 12th you had bad news about an email you received on the 13th? I'm not following something right here, sorry.



All times are in UTC+8 (as I'm traveling in Singapore at the moment).

I notified Bitcoinica team at Friday, 13 July 2012 9:14:51 AM.

I posted later, when genjix promised a response.

If you convert all the time to UTC there shouldn't be any problems.

Founder of NameTerrific (https://www.nameterrific.com/). Co-founder of CoinJar (https://coinjar.io/)

Donations for my future Bitcoin projects: 19Uk3tiD5XkBcmHyQYhJxp9QHoub7RosVb
sadpandatech
Hero Member
*****
Offline Offline

Activity: 504



View Profile
July 14, 2012, 02:26:42 AM
 #394

you're assuming we know what ZT's bad news was. It is possible he contacted them about the source code leak. Or god only knows what.

No. I received this email. I was still in the verify@bitcoinica.com mailing list.

I believe that the theft happened much earlier and no one discovered. No one cared about this spammy-look email either (or they don't check their mailbox).


Quote
From: Bitcoinica Sucks <bitcoinicasucks@hotmail.com>
To: verify@bitcoinica.com
Date: Friday, 13 July 2012 3:39:55 AM
Subject: Bitcoinica is done

THANK YOU FOR YOU SOURCE CODE.

BITCONICA IS NOW OFFICALY DONE!

LASTPAS PASWORD: c02e1a27-5524-449f-ba65-aff9581ddedc
You posted on the 12th you had bad news about an email you received on the 13th? I'm not following something right here, sorry.



Someone needs to explain this...
Time zones.

All times are in UTC+8 (as I'm traveling in Singapore at the moment).

I notified Bitcoinica team at Friday, 13 July 2012 9:14:51 AM.

I posted later, when genjix promised a response.

If you convert all the time to UTC there shouldn't be any problems.

*double thumbs up* for different timezones.  I'd still like to know where the breech was that led to someone acquiring the source code to begin with.....

If you're not excited by the idea of being an early adopter 'now', then you should come back in three or four years and either tell us "Told you it'd never work!" or join what should, by then, be a much more stable and easier-to-use system. - GA
It is being worked on by smart people. -DamienBlack
Clipse
Hero Member
*****
Offline Offline

Activity: 504


View Profile
July 14, 2012, 02:29:05 AM
 #395

you're assuming we know what ZT's bad news was. It is possible he contacted them about the source code leak. Or god only knows what.

No. I received this email. I was still in the verify@bitcoinica.com mailing list.

I believe that the theft happened much earlier and no one discovered. No one cared about this spammy-look email either (or they don't check their mailbox).


Quote
From: Bitcoinica Sucks <bitcoinicasucks@hotmail.com>
To: verify@bitcoinica.com
Date: Friday, 13 July 2012 3:39:55 AM
Subject: Bitcoinica is done

THANK YOU FOR YOU SOURCE CODE.

BITCONICA IS NOW OFFICALY DONE!

LASTPAS PASWORD: c02e1a27-5524-449f-ba65-aff9581ddedc
You posted on the 12th you had bad news about an email you received on the 13th? I'm not following something right here, sorry.



Someone needs to explain this...
Time zones.

All times are in UTC+8 (as I'm traveling in Singapore at the moment).

I notified Bitcoinica team at Friday, 13 July 2012 9:14:51 AM.

I posted later, when genjix promised a response.

If you convert all the time to UTC there shouldn't be any problems.

*double thumbs up* for different timezones.  I'd still like to know where the breech was that led to someone acquiring the source code to begin with.....

Probably the office cleaning lady email account got hacked, was likely also on the bitcoinica email list.

Im assuming they have an office.

...In the land of the stale, the man with one share is king... >> Clipse

We pay miners at 130% PPS | Signup here : Bonus PPS Pool (Please read OP to understand the current process)
MrTeal
Legendary
*
Offline Offline

Activity: 1246


View Profile
July 14, 2012, 02:30:30 AM
 #396

tbcoin
Hero Member
*****
Offline Offline

Activity: 896



View Profile WWW
July 14, 2012, 02:32:28 AM
 #397

this is unbelievable ...

What sense does it reuse a password like that (which is in PLAIN TEXT in the source code) and in SO EXTREMELY SENSITIVE service like lastpas ¿? ¿? ¿? ¿? ¿? is absurd. And above it looks like it was himself genjix who posted the source code (cry facepalm)

Sorry for my bad english Wink
Bitcoin card for deposit and payment + Little POS
Donations:1N65efiNUhH6sEQg7Z6oUC76kJS9Yhevyf
markm
Legendary
*
Offline Offline

Activity: 1778



View Profile WWW
July 14, 2012, 02:37:14 AM
 #398

Ok here's another millinery product of thinly crafted tin:

Genjix's machine is PWNd and if sniffing/keylogging there wouldn't have sniffed the password so is someone else's.

Likely the machine(s) was/were PWNd, the password sniffed, then while wondering what would be the best moment to drop the shoe the password was noticed to be in the source code so the idea of releasing the code came up. Throw in a friday the 13th coming up and the plan is born.

The PWNing would maybe have happened way back when the messages in the blockchain were placed saying some big more to come thing was still to come (I forget the exact wording).

-MarkM-

Browser-launched Crossfire client now online (select CrossCiv server for Galactic  Milieu)
Free website hosting with PHP, MySQL etc: http://hosting.knotwork.com/
Raoul Duke
aka psy
Legendary
*
Offline Offline

Activity: 1442



View Profile
July 14, 2012, 02:38:56 AM
 #399


No. I received this email. I was still in the verify@bitcoinica.com mailing list.

I believe that the theft happened much earlier and no one discovered. No one cared about this spammy-look email either (or they don't check their mailbox).


I totally believe in this, after reading everyone complaining that they sent email to verify@bitcoinica.com and almost never got an answer, which wasn't the case when they emailed genjix at the gmail lol

Bitcoin Oz
Hero Member
*****
Offline Offline

Activity: 700


Wat


View Profile WWW
July 14, 2012, 02:44:30 AM
 #400

If the lawsuit goes through they will simply declare bankruptcy. I dont know if you can be the director of other companies while bankrupt.

Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 [20] 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 »
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!