Bitcoinica MtGox account compromised

[Otoh]

So where is the wallet address of this BTC withdrawal ?

At the very least people can see where it goes and if it moves to an exchange to be sold eventually.

piuk posted the suspected TX in the blockchain.info thread.... It looks like they ran it through his servers.

Im not asking for suspected TX, I am asking for the withdrawal address that would be listed in MTGOX. No reason for anyone to speculate over where the funds went.

While you're waiting you could check the 100 BTC donation tx to ZT's personal restitution thread as that was from the hacker apparently, it was sent to:

1Lmb3fGLtizurD3mBq3QAKZ6mVb9kGMLSh

from:

http://blockexplorer.com/address/19X4nKW8Swm32UHLZ5LFuacCu9DBr1rfDJ

with 13798.9838 BTC in change

http://blockexplorer.com/tx/fd307e86985acf7aaa3634ce92f7920343ce6ef7ae61f1b693056c5a8741fcdb#o0

there's plenty in it & just follow it back a little, http://blockexplorer.com/address/1Cc7nc5Rgwnh5qfWc5jKymyn5d6Y1PcXjj had 40,000 BTC in it but it can be traced back further to more.

[1714223143]

1714223143

[1714223143]

1714223143

[1714223143]

1714223143

[ErebusBat]

So where is the wallet address of this BTC withdrawal ?

At the very least people can see where it goes and if it moves to an exchange to be sold eventually.

piuk posted the suspected TX in the blockchain.info thread.... It looks like they ran it through his servers.

Im not asking for suspected TX, I am asking for the withdrawal address that would be listed in MTGOX. No reason for anyone to speculate over where the funds went.

Can't you back trace it?  The 40,000 did just materialize in that TX.

[Otoh]

I think that this is the original 40,000 BTC withdrawal from Gox tx:

http://blockexplorer.com/tx/24f7c6836156e9d23cabde0db5dcbca3d95fde34f31673f2bce26c8c8e05ed5a#o0

to 100% taint address: http://blockexplorer.com/address/1Cc7nc5Rgwnh5qfWc5jKymyn5d6Y1PcXjj

Edit: actually I'm confused about this, there appears to be an additional 39998.9843 BTC also sent to this address, someone who knows how it all works better correct me about which tx is the original theft/withdrawal.

[Phinnaeus Gage]

<<SNIP>>

No. I received this email. I was still in the verify@bitcoinica.com mailing list.

I believe that the theft happened much earlier and no one discovered. No one cared about this spammy-look email either (or they don't check their mailbox).

From: Bitcoinica Sucks <bitcoinicasucks@hotmail.com>
To: verify@bitcoinica.com
Date: Friday, 13 July 2012 3:39:55 AM
Subject: Bitcoinica is done

THANK YOU FOR YOU SOURCE CODE.

BITCONICA IS NOW OFFICALY DONE!

LASTPAS PASWORD: c02e1a27-5524-449f-ba65-aff9581ddedc

Hacker, or somebody, can't spell or purposely misspelled word: LASTPAS; OFFICALY

Question: Did the hacker send the recent email to notify parties that an the alleged break-in occurred a while back and, since nobody took notice, he somehow felt cheated by not getting an extra 15 minutes of fame?

And the hacker used hotmail. Surely an IP can be traced via them/there.

Also...

No, I was merely stating a fact. I discovered something unusual and I emailed them. They promised an update. And that's it.

Do these people no have phones? 3-4 principles should have each other's phone numbers, shouldn't they, or did I miss that memo when the internet became mainstream?

~Bruno~

[Phinnaeus Gage]

<<SNIP>>

No. I received this email. I was still in the verify@bitcoinica.com mailing list.

I believe that the theft happened much earlier and no one discovered. No one cared about this spammy-look email either (or they don't check their mailbox).

From: Bitcoinica Sucks <bitcoinicasucks@hotmail.com>
To: verify@bitcoinica.com
Date: Friday, 13 July 2012 3:39:55 AM
Subject: Bitcoinica is done

THANK YOU FOR YOU SOURCE CODE.

BITCONICA IS NOW OFFICALY DONE!

LASTPAS PASWORD: c02e1a27-5524-449f-ba65-aff9581ddedc

Hacker, or somebody, can't spell or purposely misspelled word: LASTPAS; OFFICALY

Question: Did the hacker send the recent email to notify parties that an the alleged break-in occurred a while back and, since nobody took notice, he somehow felt cheated by not getting an extra 15 minutes of fame?

Also...

No, I was merely stating a fact. I discovered something unusual and I emailed them. They promised an update. And that's it.

Do these people no have phones? 3-4 principles should have each other's phone numbers, shouldn't they, or did I miss that memo when the internet became mainstream?

~Bruno~

the email does seem very very odd....

You think that's odd? Wait till I start linking concerns prior to them supposedly meeting up only recently--before Bitcoin was conceived which starts with C and rhymes with D as in deceive and that spells doom. ~The Music Man

~Bruno~

[sadpandatech]

I think that this is the original 40,000 BTC withdrawal from Gox tx:

http://blockexplorer.com/tx/24f7c6836156e9d23cabde0db5dcbca3d95fde34f31673f2bce26c8c8e05ed5a#o0

to 100% taint address: http://blockexplorer.com/address/1Cc7nc5Rgwnh5qfWc5jKymyn5d6Y1PcXjj

Edit: actually I'm confused about this, there appears to be an additional 39998.9843 BTC also sent to this address, someone who knows how it all works better correct me about which tx is the original theft/withdrawal.

this makes it easier to visulize; http://blockchain.info/address/1Cc7nc5Rgwnh5qfWc5jKymyn5d6Y1PcXjj
the 39k~ one was change from a 1~ BTC tx

if you trace back some of those to mywallet you can see they were popping it out of there in like 4k chunks, mostly unmixed; http://blockchain.info/address/19EHKZhD4zPXHJ783Y4H4rkcXUigWgF3jh

[Herodes]

What the fuck was 40 000 bitcoins doing sitting at mt gox. After the first hack it was claimed 80% of funds were sitting in cold storage.

Someone told lies about this too. Can someone dig up the original thread where they promised the coins were in cold storage ?

The funds were in the cold storage. But apparently someone transferred that to Mt. Gox account to be ready for refunds.

It would be interested to know the reason for transferring funds to MtGox for refunds. AFAIK bitcoins can be sent from any bitcoin client to any other bitcoin client, and fiat money can be transferred from any bank account to any other bank account. I do not understand why these funds would need to move to MtGox to be 'ready' for payout.

I guess some people without any ethics, moral or regards for anyone else is 'laughing' a lot these days. <sarcasm>I hope they're happy and sleep well at night. </sarcasm>

I felt particularily sorry for the person that lost 2 years worth of saving in this thread, but there's a lot of people that are owed a lot of money.

I'd like to say a lot more as well, but I think most of what I'd like to say has already been said in this thread.

[Phinnaeus Gage]

Let me get this straight. The poor guy is not eating well, isn't sleeping well, there's a major debacle going on, and he's the key player making sure that people get their money back with the use of an outdated computer. But he's able to attend a hacking convention in Berlin which, if I still remember my geography, is not in the UK.

Genjix moved to Berlin some months ago - that's not a vacation. Also the Bitcoin-hackathon there was long since planned and announced by him.

L.I.B.! Berlin is in the UK, possibly outside London.

We are in London = higher quality conference. That's all that matters to me. Build the highest quality schedule and topics. Bring together the best and brightest.

Our organisation's (Bitcoin Consultancy) mission statement is:
"In April 2011, we formed this consultancy as a collaborative effort to take bitcoin outside the world of tech geeks and hobbyists into the real world."

This conference's mandate is:
"To bring bitcoin to a global financial centre, and be a turning point bringing bitcoin to the fore of the mainstream. It is here that bitcoin will leave its perilous infancy, as the new world briefly meets the old before displacing it."

If you notice the actions of our group, everything is aligned with these statements. From our outreach (Bitcoin Media), to the exchange (Intersango to spread BTC) and our development (libbitcoin to enable people to build lots of bitcoin applications). This conference will be no different, and you will see it designed accordingly. We want to grow bitcoin through the vehicle of this conference. It will be a serious pensive arrangement with deep discussions, not a fun-community weekend piss-up.

London is our avenue for doing that. For building the best conference, we are here and have our support network here. It is where we can best perform. Berlin is foreign unfamiliar non-English speaking territory for us. It's not like to create a conference you just rent out a church hall and throw some plastic chairs in. There is a lot of micromanagement and behind the scenes organisation.

And saying you boycott us until you get a sunnier location of your choosing, when this is our highest quality offering is simply childish and ungrateful. I'm not getting paid working 14 hour days, and the rest of my group is also overworked and underpaid. We are in this because we are lovers of bitcoin (and opensource in my case ). And you want to punish us? Come on, I know you're above that as a human being.

And just prior to the last major attack, this...

0i!

I'm in Berlin for a while. I'm doing a Bitcoin intro at c-base. If you want to do a talk, then email me (genjix@riseup.net) and I'll add you to the schedule.

11th May (Friday) at 20:00
http://maps.google.com/maps?q=c-base,+berlin&hl=en&sll=37.0625,-95.677068&sspn=44.069599,69.082031&hq=c-base,&hnear=Berlin,+Germany&t=m&z=15
U-bahn Jannowitzbrucke (1 away from Alexanderplatz)

[Herodes]

L.I.B.! Berlin is in the UK, possibly outside London.

That's right, it's just around the corner at the local pub two blocks away from the North Woolwich train station.

[Phinnaeus Gage]

PS: Please forgive for posting so often in this thread with what looks like on the surface to be nonsense but, because of the nature of this beast, it's warranted.

It's really not, though. It's like your life revolves around finding some drama in the bitcoin community. Give it a rest go outside and play some golf or whatever old people do these days. Spare us your verbal diarrhea. Your conspiracies and "gotcha" posts are uninformed and universally wrong. I'll leave you with two of my favorite quotes.

"A wise man speaks because he has something to say; a fool because he has to say something."

&

"Conspiracy is easier to understand than complexity"

I take it you're also not a fan of Al the Alpaca.

Seriously, I take the time to apologize, and you find within yourself to stick it up my ass, when all I'm trying to do is help. To be totally honest, I will give you this: I've never been one to engulf myself with drama, but, yes, I have done just that quite a few times here on this forum. In the past year, I have changed. Changed, directly and indirectly.

Once again, I apologize, but will not stop for there's a lot at stack.

~Bruno~

[Phinnaeus Gage]

PS: Please forgive for posting so often in this thread with what looks like on the surface to be nonsense but, because of the nature of this beast, it's warranted.

...
"A wise man speaks because he has something to say; a fool because he has to say something."
...

(+1 It's annoying to follow threads with such posters in it. When someone has 6k+ posts, and has only been in the forum a year, it's likely that most of those posts were brief blurbs of nonsense...

I think Phinnaeus Gage will be the first member on my ignore list.  )

As for the topic, my sympathies for all who were damaged. I was hoping that after the 2011 Magic the Gathering Online Xchange hack, the BtCex.com affair, the MyBitcoin scam, and appearance of things like 2-factor and paper wallets, such incidents would be behind us...

May all of you be well! There is, obviously, more to Life than Bitcoin... 

I'm now hurt after reading this post. I have never ignored anybody on this forum. Everything I do is for the betterment of Bitcoin. I am sorry that this episode may have brought out the worst of me in your eyes, but I do have a lot at stake here. Please reconsider your position.

~Bruno~

[phantitox]

Damn, lot of money 

should add this to the end of the first post



 

[sd]

How many excuses are you people going to listen to?


Either:

1) Forget about the money you lost.

2) Between you organize getting a professional Singapore lawyer to take Zhou Tong to court in the first instance and any secondary parties in the second instance. Zhou Tong wants you lot to believe he can legally pass the buck on this but if he sold Bitcoinica without communicating this clearly he is likely still personally responsible. You will likely get something back but it may or may not cover court costs. At worst you still get to stick it to the guy who did you wrong.


Or you could just listen to excuse after excuse moaning about each one in turn on a web forum while the people who were at best accessories to criminal negligence and at worst thieves keep money that's rightfully yours.

[Phinnaeus Gage]

What the fuck was 40 000 bitcoins doing sitting at mt gox. After the first hack it was claimed 80% of funds were sitting in cold storage.

Someone told lies about this too. Can someone dig up the original thread where they promised the coins were in cold storage ?

The funds were in the cold storage. But apparently someone transferred that to Mt. Gox account to be ready for refunds.

It would be interested to know the reason for transferring funds to MtGox for refunds. AFAIK bitcoins can be sent from any bitcoin client to any other bitcoin client, and fiat money can be transferred from any bank account to any other bank account. I do not understand why these funds would need to move to MtGox to be 'ready' for payout.

I guess some people without any ethics, moral or regards for anyone else is 'laughing' a lot these days. <sarcasm>I hope they're happy and sleep well at night. </sarcasm>

I felt particularily sorry for the person that lost 2 years worth of saving in this thread, but there's a lot of people that are owed a lot of money.

I'd like to say a lot more as well, but I think most of what I'd like to say has already been said in this thread.

That's the exact point I was trying to make early on. Why was cash sitting in Mt Gox? Could the answer be that it was staged there?

(Note to self: Only use 10pt font, don't post diarrhea, and take up golf.)

~Bruno~

[Jan]

(Jan tries to dodge the flames thrown by eWallet developers)

...flames...

Actually wouldn't MyWallet qualify?  Except maybe the user decided when to upgrade?

Yes. It is the most secure web based wallet we have. Ben did a really good job.
There are two things that stick out:
1. The end user does not decide when to upgrade the javascript that handles private keys.
2. The server has all the encrypted private keys.
I don't see a good way around this without an external piece of software running on a user controlled device.

[ErebusBat]

(Jan tries to dodge the flames thrown by eWallet developers)

...flames...

Actually wouldn't MyWallet qualify?  Except maybe the user decided when to upgrade?

Yes. It is the most secure web based wallet we have. Ben did a really good job.
There are two things that stick out:
1. The end user does not decide when to upgrade the javascript that handles private keys.
2. The server has all the encrypted private keys.
I don't see a good way around this without an external piece of software running on a user controlled device.

Personally I think that the keys being on the server is more secure than a standard satoshidice install.  To get my wallet you would have to steal my phone and my password. As opposed to just sitting at my desk for a couple of mins.

[Raoul Duke]

(Jan tries to dodge the flames thrown by eWallet developers)

...flames...

Actually wouldn't MyWallet qualify?  Except maybe the user decided when to upgrade?

Yes. It is the most secure web based wallet we have. Ben did a really good job.
There are two things that stick out:
1. The end user does not decide when to upgrade the javascript that handles private keys.
2. The server has all the encrypted private keys.
I don't see a good way around this without an external piece of software running on a user controlled device.

Personally I think that the keys being on the server is more secure than a standard satoshidice install.  To get my wallet you would have to steal my phone and my password. As opposed to just sitting at my desk for a couple of mins.

Oh... MEGA LOL

You better stop gambling your bitcoins, son, you're becoming obsessed

[ErebusBat]

(Jan tries to dodge the flames thrown by eWallet developers)

...flames...

Actually wouldn't MyWallet qualify?  Except maybe the user decided when to upgrade?

Yes. It is the most secure web based wallet we have. Ben did a really good job.
There are two things that stick out:
1. The end user does not decide when to upgrade the javascript that handles private keys.
2. The server has all the encrypted private keys.
I don't see a good way around this without an external piece of software running on a user controlled device.

Personally I think that the keys being on the server is more secure than a standard satoshidice install.  To get my wallet you would have to steal my phone and my password. As opposed to just sitting at my desk for a couple of mins.

Oh... MEGA LOL

You better stop gambling your bitcoins, son, you're becoming obsessed

DOH!  Damn You Auto Correct!

Funny, I hadn't thought I typed satoshidice that much.

[ninjarobot]

I will post another update once I know more. I'm guessing that payments will have to take a forced 30% cut.

No updates in the last 24hrs... I know it is a Saturday but I assume that by now you guys (all Bitconica LP partners) must have had a crisis meeting and made some concrete decisions on how to proceed following this latest MtGox compromise? Please don't leave your customers guessing.

[repentance]

...but I assume that by now you guys (all Bitconica LP partners) must have had a crisis meeting and made some concrete decisions on how to proceed following this latest MtGox compromise? Please don't leave your customers guessing.

LOL.  Based on past posts since this whole clusterfuck began, they hardly every communicate with each other except via the occasional email.  I don't think there've been too many all night Skype sessions going on.