Bitcoin Forum
December 10, 2016, 03:17:29 AM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 [22] 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 »
  Print  
Author Topic: Bitcoinica MtGox account compromised  (Read 145935 times)
Bitcoin Oz
Hero Member
*****
Offline Offline

Activity: 700


Wat


View Profile WWW
July 14, 2012, 05:17:47 AM
 #421

What the fuck was 40 000 bitcoins doing sitting at mt gox. After the first hack it was claimed 80% of funds were sitting in cold storage.

Someone told lies about this too. Can someone dig up the original thread where they promised the coins were in cold storage ?

1481339849
Hero Member
*
Offline Offline

Posts: 1481339849

View Profile Personal Message (Offline)

Ignore
1481339849
Reply with quote  #2

1481339849
Report to moderator
1481339849
Hero Member
*
Offline Offline

Posts: 1481339849

View Profile Personal Message (Offline)

Ignore
1481339849
Reply with quote  #2

1481339849
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
jcp
Newbie
*
Offline Offline

Activity: 14


View Profile
July 14, 2012, 05:18:15 AM
 #422

In any event, employee compensation clawbacks generally are only available for losses that were incurred prior to the payment of the compensation. The idea is that someone who misrepresents the profitability of a business shouldn't benefit from their misconduct by getting a bonus based on the inflated profits. Nothing like that seems to have happened in this case. In many countries (including the United States) you don't have to prove the employee was at fault. It's sufficient to show that the bonus was paid based on incorrect information.

As far as a non-employee clawback goes, generally you can't clawback funds from someone who gave something of comparable value for the funds received unless you can show wrongdoing on their part or the contract specifically permitted a clawback. It's very unlikely that ZhouTong's contract would have permitted a clawback for anything other than a materially significant misrepresentation or omission on his part. And there's no evidence so far, at least as I know, that ZhouTong did anything like that.

Tort law doesn't work that way. Prior principals can be liable, and there is a mountain of case law in common law jurisdictions where this is the case. If full payout was not returned to deposit holders, then there may be liability due to negligence from a lack of due diligence with the buyer / current owner of Bitcoinica. Further, as you implied, if the seller received compensation significantly higher than the true NPV/MTM of the equity, the difference may likely be subject to legal claims even if Zhoutong acted in good faith if the current owners convinced Zhoutong to sell his company so the current owners can strip/steal all the deposits (as the non-disclosure of the ownership transfer was proximate cause for the loss).

It is in Zhoutong's personal best interests to ensure that Bitcoinica client funds are returned in full if he is not colluding with the present owners, otherwise there will be significant economic incentives for deposit holders to investigate the identity of Zhoutong and all parties involved.
Phinnaeus Gage
Legendary
*
Offline Offline

Activity: 1302


Bitcoin: An Idea Worth Spending


View Profile
July 14, 2012, 05:24:04 AM
 #423

Posted an update to the OP.

Poof! And he's gone! Funny how he's not been around to post. I guess there's nothing exciting going on with this forum to warrant his presence.

~Bruno~
bitcoinBull
Legendary
*
Offline Offline

Activity: 826


rippleFanatic


View Profile
July 14, 2012, 05:28:28 AM
 #424

What the fuck was 40 000 bitcoins doing sitting at mt gox. After the first hack it was claimed 80% of funds were sitting in cold storage.

Someone told lies about this too. Can someone dig up the original thread where they promised the coins were in cold storage ?

Good question. And when the 18k were stolen, genjix's first response was "There shouldn't even be that much money in the live wallet." And we see Patrick's comments on #bitcoin-dev talking about "amateur hour" while probing bitcoinica, and demanding respect just a few days ago.

Then they were put in control of bitcoinica's MtGox account (Tihan confirmed this, he gave them all the passwords in the info@bitcoinica.com LastPass account), and in the months since they didn't even turn on 2-factor auth.

Its literally a miracle that Intersango is still in business (at least they did accidentally leak all Intersango users e-mail addresses).

College of Bucking Bulls Knowledge
Transisto
Donator
Legendary
*
Offline Offline

Activity: 1624



View Profile WWW
July 14, 2012, 05:30:21 AM
 #425

Posted an update to the OP.

Poof! And he's gone! Funny how he's not been around to post. I guess there's nothing exciting going on with this forum to warrant his presence.
Genjix is attending Hackaton in Berlin.

I bet they're busy providing tech support for intersango.
Phinnaeus Gage
Legendary
*
Offline Offline

Activity: 1302


Bitcoin: An Idea Worth Spending


View Profile
July 14, 2012, 05:30:48 AM
 #426

What the fuck was 40 000 bitcoins doing sitting at mt gox. After the first hack it was claimed 80% of funds were sitting in cold storage.

Someone told lies about this too. Can someone dig up the original thread where they promised the coins were in cold storage ?

You are so delusional! No such thing was ever said. But if it had, it would look like the below.

you have access!!!
Just send my 60-70btc to 19PKMheiAr2Lxm2YN67pTUpTmwTW96PGvF .
lol trying to jump the line. Try not to be an idiot.
Im not jumping the line. I suggested that zhou got rid of the bureaucracy.
We have waited long enough, and im getting impatient.

It's not how things work. The owner of the account is not Bitcoinica LP, and I never have authority to touch the money in that account.

I can just confirm that the fund injection (from cold storage) has been done, and technically Patrick (and maybe others) can already access the funds.

Or like this:

Quote
Who has the keys to the offline cold storage wallet?
I don't have. I don't even know how much we have in cold storage before the hack.
repentance
Hero Member
*****
Offline Offline

Activity: 840


View Profile
July 14, 2012, 05:34:06 AM
 #427


Copied and paste from a random website:

Quote
What are the banking hours in Japan? Most banks are open Monday to Friday, 9:00am to 3:00pm. Most are closed on Saturday's and Sunday's.

TGIF comes to mind. In this case, TGIF13.

As of an hour ago, Mt Gox has yet to file a report. Neither has those (maybe no longer plural) over at Bitcoinica.

~Bruno~


Bank hours have nothing to do with it.  I was just giving a bank as an example of who would normally file the report with law enforcement if a depositor's funds are taken from an account with a financial institution.

We actually don't know exactly what contact MtGox may or may not have had with the authorities and it is no-one's best interest for them to reveal that information at this stage.  On the other hand, the failure of those associated with Bitcoinica to make reports to law enforcement is inexcusable and simply cannot be justified.

Quote
ZhouTong wasn't paid employee compensation.

In the other thread it was stated that Zhoutong continued to receive $8000 per month until recently.  It is not clear whether he received that money as an employee or as a consultant, although his posts following the May intrusion indicated that he regarded himself as an employee.  Generally when companies become insolvent, employee entitlements take precedence over those of unsecured creditors but there is little indication that any of the "management" people were being paid following the Linode hack.  In fact, if Zhou is to be believed, funds were being injected into Bitcoinica at that time (by Tihan and perhaps others) to cover the initial losses.

Quote
Zhou was being paid $8000 a month for operating Bitcoinica in his part time while Tihan was scrambling to get the site working. During the last month, Zhou was not taking pay, to refund the money stolen by the Linode compromise. Tihan was rushing to get the paperwork finished because Zhou is attending school. We kept sending the paperwork back saying it's incomplete and there's problems, so when the initial compromise happened, the company was not yet fully formed. The initial confusion was over who is responsible as the GP - the part time owner devoting maybe 5 hours a week? The new owners who had no experience operating the site? The middleman who acts on behalf of the owner and has no technical knowledge? That's why payments were initially complicated and delayed.


All I can say is that this is Bitcoin. I don't believe it until I see six confirmations.
zhoutong
VIP
Hero Member
*
Offline Offline

Activity: 490


View Profile WWW
July 14, 2012, 05:36:33 AM
 #428

What the fuck was 40 000 bitcoins doing sitting at mt gox. After the first hack it was claimed 80% of funds were sitting in cold storage.

Someone told lies about this too. Can someone dig up the original thread where they promised the coins were in cold storage ?

The funds were in the cold storage. But apparently someone transferred that to Mt. Gox account to be ready for refunds.

Founder of NameTerrific (https://www.nameterrific.com/). Co-founder of CoinJar (https://coinjar.io/)

Donations for my future Bitcoin projects: 19Uk3tiD5XkBcmHyQYhJxp9QHoub7RosVb
Bitcoin Oz
Hero Member
*****
Offline Offline

Activity: 700


Wat


View Profile WWW
July 14, 2012, 05:36:44 AM
 #429

What the fuck was 40 000 bitcoins doing sitting at mt gox. After the first hack it was claimed 80% of funds were sitting in cold storage.

Someone told lies about this too. Can someone dig up the original thread where they promised the coins were in cold storage ?

You are so delusional! No such thing was ever said. But if it had, it would look like the below.

you have access!!!
Just send my 60-70btc to 19PKMheiAr2Lxm2YN67pTUpTmwTW96PGvF .
lol trying to jump the line. Try not to be an idiot.
Im not jumping the line. I suggested that zhou got rid of the bureaucracy.
We have waited long enough, and im getting impatient.

It's not how things work. The owner of the account is not Bitcoinica LP, and I never have authority to touch the money in that account.

I can just confirm that the fund injection (from cold storage) has been done, and technically Patrick (and maybe others) can already access the funds.

Or like this:

Quote
Who has the keys to the offline cold storage wallet?
I don't have. I don't even know how much we have in cold storage before the hack.


https://bitcointalk.org/index.php?topic=81045.msg894305#msg894305   maybe I imagined someone said it.....

Bitcoin Oz
Hero Member
*****
Offline Offline

Activity: 700


Wat


View Profile WWW
July 14, 2012, 05:39:20 AM
 #430

What the fuck was 40 000 bitcoins doing sitting at mt gox. After the first hack it was claimed 80% of funds were sitting in cold storage.

Someone told lies about this too. Can someone dig up the original thread where they promised the coins were in cold storage ?

The funds were in the cold storage. But apparently someone transferred that to Mt. Gox account to be ready for refunds.

Mt Gox != cold storage for those playing at home.

Phinnaeus Gage
Legendary
*
Offline Offline

Activity: 1302


Bitcoin: An Idea Worth Spending


View Profile
July 14, 2012, 05:40:50 AM
 #431

Posted an update to the OP.

Poof! And he's gone! Funny how he's not been around to post. I guess there's nothing exciting going on with this forum to warrant his presence.
Genjix is attending Hackaton in Berlin.

I bet they're busy providing tech support for intersango.

Let me get this straight. The poor guy is not eating well, isn't sleeping well, there's a major debacle going on, and he's the key player making sure that people get their money back with the use of an outdated computer. But he's able to attend a hacking convention in Berlin which, if I still remember my geography, is not in the UK. And Zhou Tong is in Singapore which is not in Australia. How many of the other key players of Bitcoinica are on holiday? It looks like I may be canceling my fishing trip to Wisconsin again this year to clean up the mess I have here in Sandwich, due in part because of all this.

Please, Jehovah, at least let Satoshi Nakamoto be of legal drinking age. I want to believe!

~Bruno~
bitcoinBull
Legendary
*
Offline Offline

Activity: 826


rippleFanatic


View Profile
July 14, 2012, 05:46:50 AM
 #432

What the fuck was 40 000 bitcoins doing sitting at mt gox. After the first hack it was claimed 80% of funds were sitting in cold storage.

Someone told lies about this too. Can someone dig up the original thread where they promised the coins were in cold storage ?

You are so delusional! No such thing was ever said. But if it had, it would look like the below.

It's not how things work. The owner of the account is not Bitcoinica LP, and I never have authority to touch the money in that account.

I can just confirm that the fund injection (from cold storage) has been done, and technically Patrick (and maybe others) can already access the funds.

Shit.. June 06 zhoutong confirms that funds were moved from cold storage. The source was leaked approximately June July 08. And the withdrawal made on June July 12. That's at least 36 days on MtGox without two-factor auth.

edit: fixed dates

College of Bucking Bulls Knowledge
Phinnaeus Gage
Legendary
*
Offline Offline

Activity: 1302


Bitcoin: An Idea Worth Spending


View Profile
July 14, 2012, 05:48:37 AM
 #433

What the fuck was 40 000 bitcoins doing sitting at mt gox. After the first hack it was claimed 80% of funds were sitting in cold storage.

Someone told lies about this too. Can someone dig up the original thread where they promised the coins were in cold storage ?

The funds were in the cold storage. But apparently someone transferred that to Mt. Gox account to be ready for refunds.

I wish I took a picture of myself after reading the above, for I caught myself doing a real life epic facepalm.

Me: Hey, Joe. I got the $20 I owe you.
Joe: Great!
Me: First I have to take it out of my wallet and put it in Myra's purse. Then she'll take it out and give it to you.
Joe: Cool!
Joe: Waiting!
Joe: Still waiting!
Me: And poof! It's gone!
Joe: Wait, what?
Me: Next!
Phinnaeus Gage
Legendary
*
Offline Offline

Activity: 1302


Bitcoin: An Idea Worth Spending


View Profile
July 14, 2012, 05:58:36 AM
 #434

What the fuck was 40 000 bitcoins doing sitting at mt gox. After the first hack it was claimed 80% of funds were sitting in cold storage.

Someone told lies about this too. Can someone dig up the original thread where they promised the coins were in cold storage ?

The funds were in the cold storage. But apparently someone transferred that to Mt. Gox account to be ready for refunds.

Mt Gox != cold storage for those playing at home.

I can't take this anymore! My face just cramped up from laughing so hard.

Let's see if I can play just as well as you.

For those playing at home, the powers that be, prior to attending a hacking convention, put a sizable sum of bitcoins in Mt Gox (a.k.a. cold storage) so that many people owed funds to will soon receive half of what is rightfully owed them. It's the safest and best option for all concerns.

But if anything should happen, which we here in Studio A don't see anything nefarious afoot, there is a backup plan. (Zhou, are you ready in studio B?)

~Bruno~
Transisto
Donator
Legendary
*
Offline Offline

Activity: 1624



View Profile WWW
July 14, 2012, 06:02:43 AM
 #435

...
Mt Gox != cold storage for those playing at home.
I can't take this anymore! My face just cramped up from laughing so hard.
...
We got the facepalm part a while ago,

Please go easy on the humor, Some people are really stressed out over this.
zhoutong
VIP
Hero Member
*
Offline Offline

Activity: 490


View Profile WWW
July 14, 2012, 06:03:14 AM
 #436

What the fuck was 40 000 bitcoins doing sitting at mt gox. After the first hack it was claimed 80% of funds were sitting in cold storage.

Someone told lies about this too. Can someone dig up the original thread where they promised the coins were in cold storage ?

The funds were in the cold storage. But apparently someone transferred that to Mt. Gox account to be ready for refunds.

Mt Gox != cold storage for those playing at home.

I can't take this anymore! My face just cramped up from laughing so hard.

Let's see if I can play just as well as you.

For those playing at home, the powers that be, prior to attending a hacking convention, put a sizable sum of bitcoins in Mt Gox (a.k.a. cold storage) so that many people owed funds to will soon receive half of what is rightfully owed them. It's the safest and best option for all concerns.

But if anything should happen, which we here in Studio A don't see anything nefarious afoot, there is a backup plan. (Zhou, are you ready in studio B?)

~Bruno~


Bruno, I got 8.0 for IELTS, but I can't seem to understand your language.

Founder of NameTerrific (https://www.nameterrific.com/). Co-founder of CoinJar (https://coinjar.io/)

Donations for my future Bitcoin projects: 19Uk3tiD5XkBcmHyQYhJxp9QHoub7RosVb
Phinnaeus Gage
Legendary
*
Offline Offline

Activity: 1302


Bitcoin: An Idea Worth Spending


View Profile
July 14, 2012, 06:03:31 AM
 #437

What the fuck was 40 000 bitcoins doing sitting at mt gox. After the first hack it was claimed 80% of funds were sitting in cold storage.

Someone told lies about this too. Can someone dig up the original thread where they promised the coins were in cold storage ?

You are so delusional! No such thing was ever said. But if it had, it would look like the below.

It's not how things work. The owner of the account is not Bitcoinica LP, and I never have authority to touch the money in that account.

I can just confirm that the fund injection (from cold storage) has been done, and technically Patrick (and maybe others) can already access the funds.

Shit.. June 06 zhoutong confirms that funds were moved from cold storage. The source was leaked approximately June July 08. And the withdrawal made on June July 12. That's at least 36 days on MtGox without two-factor auth.

edit: fixed dates

WTF! And only two posts down from the above we have the following:

Since nobody seems to be reading the verify@bitcoinica emails I agree with Kokjo and kindly remind you to send me my 101 BTC  to: 1ET2ps7BRrZnDeq7bVNc8bS9ZmgN8DxUXy   - consider the BTC pocket change you owe me and my 3 cents USD a going away gift.

I respectfully do not care who pays for it, and this is not a trivial amount to me. You're not the only one with tuition fees to pay.

Afterwards, I promise to stop asking you on this forum for what is rightfully mine. Thank you.
Transisto
Donator
Legendary
*
Offline Offline

Activity: 1624



View Profile WWW
July 14, 2012, 06:51:50 AM
 #438

I'll post this again, seems nobody read it,

30% cut ?
How can 40k BTC be untraceable or easily spendable ?

Why don't we instead agree to give the hacker an honest and untainted 30% of the BTC he moved ?
By honest I mean we know who he is, we know what he did, we're happy with it, and we respect him for both getting into your gox account and returning funds.
This "hacker" is a "somwhat" tech-savvy person that achieved something worth being rewarded for.

This is not a home invasion or a physical robbery, as much as some may hate it, if we get anything stolen because of a weak password or weak security policy then we should have no-one but our-self to blame.

I think this concept should be well understood by this community.

Pro tip,
When I was using Bitcoinica :
I was doing it with an uncompromised PC, Firewall, AV(s) ect. (HARD)
I was closing my Bitcoinica browser sessions every-time I was done,
I had two account to spread the risk, both were secured with Google Authenticator, (phone app)
I had ~14 char randomly created passwords,
 different ones,
 all stored into LastPass,
With a safe lastpass password,
With a 2nd factor Yubikey, (my home pc is not considered safe on LastPass, so I have to push the button every time.)
The LastPass recovery email is dedicated to this, the password is paper stored in a safe place.
My HDD is truecrypted,
My firewire port are disabled,
I don't use a Wireless keyboard
I never leave the PC with an open session, (session autolock after ~10 min.)
...I do not have any felling it is all secure. I'm by no mean a security expert.

I had nowhere near the same value to protect and ... were not someone else assets.[/b]

IMO, This is rather basic protection scheme for a regular "geek" PC user...

Whatever your previous story, ;
In over 2 months...
You failed to disable Mt.Gox API,
You failed to protect mt. Gox with a Yubikey,
You failed to change Lastpass password,
You failed to protect Lastpass with one of their many 2nd factor auth. (some free)

Don't be surprised if people don't believe you.
repentance
Hero Member
*****
Offline Offline

Activity: 840


View Profile
July 14, 2012, 06:54:53 AM
 #439

And Zhou Tong is in Singapore which is not in Australia. How many of the other key players of Bitcoinica are on holiday? It looks like I may be canceling my fishing trip to Wisconsin again this year to clean up the mess I have here in Sandwich, due in part because of all this.


~Bruno~


To be fair, many international students from the Asia-Pacific region who studying at Australian universities go home for the mid-year break.  

All I can say is that this is Bitcoin. I don't believe it until I see six confirmations.
Transisto
Donator
Legendary
*
Offline Offline

Activity: 1624



View Profile WWW
July 14, 2012, 06:55:10 AM
 #440

Quote from: self
How can 40k BTC + 18k BTC be untraceable or easily spendable ?

Why don't we instead agree to give the hacker an honest and untainted 30% of the BTC he moved ?
By honest I mean we know who he is, we know what he did, we're happy with it, and we respect him for both getting into your gox account and returning funds.
This "hacker" is a "somewhat" tech-savvy person that achieved something worth being rewarded for.

This is not a home invasion or a physical robbery, as much as some may hate it, if we get anything stolen because of a weak password or weak security policy then we should have no-one but our-self to blame.

I think this concept should be well understood by this community.

In all, I'm saying, It's not like the hacker stole BTC from a respected member of the community.

It was completely their fault for not securing enough.

Given what I said, If hacker don't agree to this, it is 90%+ likely an inside job.
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 [22] 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 »
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!