Bitcoin Forum
December 05, 2016, 10:42:56 AM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 [33] 34 35 36 37 38 39 40 41 »
  Print  
Author Topic: Bitcoinica MtGox account compromised  (Read 145729 times)
repentance
Hero Member
*****
Offline Offline

Activity: 840


View Profile
July 21, 2012, 02:17:52 AM
 #641

So Tihan owns bitcoin.com ?

Yep! Since last year. Remember Tradehill? At the moment, I put myself on my paper (a southern phrase), therefore I'll refrain from connecting further dots.

~Bruno~


This is one reason why I wonder about the nature of Wendon's contribution to the Bitcoinic LP partnership.  It might not have been capital, but rather the right to use the domain and the IP.

All I can say is that this is Bitcoin. I don't believe it until I see six confirmations.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
Bitcoin Oz
Hero Member
*****
Offline Offline

Activity: 700


Wat


View Profile WWW
July 21, 2012, 03:07:11 AM
 #642

So Tihan owns bitcoin.com ?

Yep! Since last year. Remember Tradehill? At the moment, I put myself on my paper (a southern phrase), therefore I'll refrain from connecting further dots.

~Bruno~


I wonder about icehill and kronos....

Phinnaeus Gage
Legendary
*
Offline Offline

Activity: 1302


Bitcoin: An Idea Worth Spending


View Profile
July 21, 2012, 03:11:08 AM
 #643

So Tihan owns bitcoin.com ?

Yep! Since last year. Remember Tradehill? At the moment, I put myself on my paper (a southern phrase), therefore I'll refrain from connecting further dots.

~Bruno~


I wonder about icehill and kronos....

Don't force me to add at least six more names to your such-a-short-list.

~Bruno~
imsaguy
General failure and former
VIP
Hero Member
*
Offline Offline

Activity: 574

Don't send me a pm unless you gpg encrypt it.


View Profile WWW
July 21, 2012, 06:58:53 PM
 #644

Don't force me to add at least six more names to your such-a-short-list.

~Bruno~


Either do it or don't, but all of these "don't make me" posts are just a waste to read.

Coming Soon!™ © imsaguy 2011-2013, All rights reserved.

EIEIO:
https://bitcointalk.org/index.php?topic=60117.0

Shades Minoco Collection Thread: https://bitcointalk.org/index.php?topic=65989
Payment Address: http://btc.to/5r6
Ente
Legendary
*
Offline Offline

Activity: 1834



View Profile
July 23, 2012, 11:26:27 AM
 #645

I can't believe I just finished to read through 34 pages. It took me several days. And amazingly little facts came around, oh-so-much speculation, and a bit of drama too. There were more drama in the last few drama, however, so "well done!" :-)

Ente

/subscribed
LoupGaroux
Sr. Member
****
Offline Offline

Activity: 420



View Profile
July 23, 2012, 05:48:27 PM
 #646

Wow. Take a few days off for a family issue and I come back to this train wreck? Bitcoinica is now well and truly outed as a criminal conspiracy, and using the same tired "oh noes, we had yet another password hacked!" excuse? Seriously? Does this disgusting company of scoundrels, con-men and criminals really think that there are no intelligent people left in the world?

It is time to bring every legal action possible against every single one of these bastards. Tie every asset they have in any country up. This is nothing more than a well planned and executed theft, committed on a world-wide scale. Every single bastard involved in this is guilty as sin, and deserves to spend time at hard labor for their illegal activities.

54Gh/s bASIC Bitcoin Mining Devices
Pre-Order Yours Today!     
Only $1069.99 ! @ http://www.BitcoinASIC.com


Look^^ I'm selling my soul too!
paraipan
Legendary
*
Offline Offline

Activity: 924


Firstbits: 1pirata


View Profile WWW
July 23, 2012, 05:56:54 PM
 #647

Wow. Take a few days off for a family issue and I come back to this train wreck? Bitcoinica is now well and truly outed as a criminal conspiracy, and using the same tired "oh noes, we had yet another password hacked!" excuse? Seriously? Does this disgusting company of scoundrels, con-men and criminals really think that there are no intelligent people left in the world?

It is time to bring every legal action possible against every single one of these bastards. Tie every asset they have in any country up. This is nothing more than a well planned and executed theft, committed on a world-wide scale. Every single bastard involved in this is guilty as sin, and deserves to spend time at hard labor for their illegal activities.

^this is the same way I feel, although I would've done better with words

BTCitcoin: An Idea Worth Saving - Q&A with bitcoins on rugatu.com - Check my rep
Phinnaeus Gage
Legendary
*
Offline Offline

Activity: 1302


Bitcoin: An Idea Worth Spending


View Profile
July 23, 2012, 06:10:03 PM
 #648

Wow. Take a few days off for a family issue and I come back to this train wreck? Bitcoinica is now well and truly outed as a criminal conspiracy, and using the same tired "oh noes, we had yet another password hacked!" excuse? Seriously? Does this disgusting company of scoundrels, con-men and criminals really think that there are no intelligent people left in the world?

It is time to bring every legal action possible against every single one of these bastards. Tie every asset they have in any country up. This is nothing more than a well planned and executed theft, committed on a world-wide scale. Every single bastard involved in this is guilty as sin, and deserves to spend time at hard labor for their illegal activities.

^this is the same way I feel, although I would've done better with words

He normally does write better than that, but give him a couple days and he'll be back up to speed. It doesn't matter if I agree with him or not, I simply love his writing style.

~Bruno~
rjk
Sr. Member
****
Offline Offline

Activity: 420


1ngldh


View Profile
July 23, 2012, 06:11:46 PM
 #649

^this is the same way I feel, although I would've done better with words
By "better" you mean "not quite as well"? Yes, that's what I thought.

Mining Rig Extraordinaire - the Trenton BPX6806 18-slot PCIe backplane [PICS] Dead project is dead, all hail the coming of the mighty ASIC!
kiba
Legendary
*
Offline Offline

Activity: 980


View Profile
July 23, 2012, 06:18:31 PM
 #650

Why go through the trouble of telling people about hacks and passwords and staying where you are when you can just quietly shut down and run far far away with the money from where you live? Why the complicated gambit of appearing legit and why risk jailtime for your robbery?

Let me tell ya, it isn't really an inside job. It's really just extreme incompetence. There's no conspiracy, because if there was, it was an extremely unbelievable conspiracy with a well executed unnecessary complicated gambit.

And it won't make you feel better knowing what I said.

MrTeal
Legendary
*
Offline Offline

Activity: 1246


View Profile
July 23, 2012, 06:34:16 PM
 #651

Why go through the trouble of telling people about hacks and passwords and staying where you are when you can just quietly shut down and run far far away with the money from where you live? Why the complicated gambit of appearing legit and why risk jailtime for your robbery?

Let me tell ya, it isn't really an inside job. It's really just extreme incompetence. There's no conspiracy, because if there was, it was an extremely unbelievable conspiracy with a well executed unnecessary complicated gambit.

And it won't make you feel better knowing what I said.

Granted I don't use lastpass so I'm taking other people's word for it here, but my understanding is that lastpass will only let you make 3 incorrect attempts to log in and download the password file before locking the account. It might seem obvious in retrospect, but how likely is it that some hacker stumbled upon the leaked source code and was able to glean from it that the API key would be the lastpass PW? Baring something else that we haven't been told about like a keylogger installed on someone's machine, I have a hard time believing that story.

Did anyone from Bitcoinica Consultancy contact LastPass to attempt to get the IP address of the person who logged into their account? Or will that be done around the same time as the police report getting filed?
kiba
Legendary
*
Offline Offline

Activity: 980


View Profile
July 23, 2012, 06:39:08 PM
 #652

Last time I check, MtGox doesn't prevent people from trying as many time as they want. It should be something they fix, but don't.

MrTeal
Legendary
*
Offline Offline

Activity: 1246


View Profile
July 23, 2012, 06:42:28 PM
 #653

Last time I check, MtGox doesn't prevent people from trying as many time as they want. It should be something they fix, but don't.

That's not the story that was presented.
repentance
Hero Member
*****
Offline Offline

Activity: 840


View Profile
July 23, 2012, 07:24:43 PM
 #654


Granted I don't use lastpass so I'm taking other people's word for it here, but my understanding is that lastpass will only let you make 3 incorrect attempts to log in and download the password file before locking the account. It might seem obvious in retrospect, but how likely is it that some hacker stumbled upon the leaked source code and was able to glean from it that the API key would be the lastpass PW? Baring something else that we haven't been told about like a keylogger installed on someone's machine, I have a hard time believing that story.

Did anyone from Bitcoinica Consultancy contact LastPass to attempt to get the IP address of the person who logged into their account? Or will that be done around the same time as the police report getting filed?

From what Zhou posted, the Rackspace hacker would have gained the information needed to access the MtGox account. The source code leak may have confirmed to the Rackspace hacker that the password likely hadn't been changed, or they may have already been waiting for funds to be transferred into the MtGox account to make repayments and decided that it was worth seeing if the credentials they had still had access.  It's far less likely that someone who randomly viewed the leaked source code just lucked in.

All I can say is that this is Bitcoin. I don't believe it until I see six confirmations.
kiba
Legendary
*
Offline Offline

Activity: 980


View Profile
July 23, 2012, 08:23:36 PM
 #655

That's not the story that was presented.

You can check it for yourself. They really don't try to block you after 3 tries. It probably doesn't have anything to do with how the hacker guess it but it could help.

MrTeal
Legendary
*
Offline Offline

Activity: 1246


View Profile
July 23, 2012, 08:44:01 PM
 #656

That's not the story that was presented.

You can check it for yourself. They really don't try to block you after 3 tries. It probably doesn't have anything to do with how the hacker guess it but it could help.
I created account and entered the password incorrectly 5 times. It locked my account and sent me this email.

Hi,

This is an advisory notice letting you know that your account has been temporarily locked because of repeated failed login attempts from xxx.xxx.xxx.xxx.

If you were attempting to login, you should wait 5 minutes and try again.
If you still are unable to regain access to your account, please try these steps.

If you did not attempt to log into LastPass, you have no reason to worry.
But if you are not using a strong master password, we suggest you change it now.



Thanks,
The LastPass Team
kiba
Legendary
*
Offline Offline

Activity: 980


View Profile
July 23, 2012, 10:36:02 PM
 #657

Hi, you misunderstood me. I was talking about mtgox, not LastPass.

bitcoinBull
Legendary
*
Offline Offline

Activity: 826


rippleFanatic


View Profile
July 23, 2012, 10:57:19 PM
 #658

Hi,

Sorry for the hiatus, but I had to take a break to preserve my mental sanity. Here's the update (also in the OP):

Quote
Update: here's the facts from my point of view:

- Patrick quit.
- Zhou quit.
- Tihan was fired, and no longer acting on behalf of Bitcoinica LP.
- Bitcoinica Consultancy were the new operators coming onboard, and the company was formed after the compromise to facilitate payments out.
- Bitcoinica LP is the owner.

The payments process is at a deadlock. Technically when a company is in debt, and cannot pay off its debtors in full, it hands the process to the government (called receivership). Bitcoinica LP would have to make a police report, and hand over the payments process as the owners.

That's it basically. Just a standstill.

Thanks for the update genjix. Even if you were responsible for leaking the source code (which would be irony of ironies), I'm extremely disappointed in Patrick. First for not ensuring that the LastPass master password was a secure one (if he didn't change it, he should've at least asked Tihan about it), among other measures like enabling two-factor auth on MtGox. But Patrick's behavior afterwards is even more despicable, quitting as though to disown any and all responsibility.

At least you, genjix, are still here giving updates, and thanks for that.

College of Bucking Bulls Knowledge
disclaimer201
Legendary
*
Offline Offline

Activity: 1316


View Profile
July 23, 2012, 11:00:13 PM
 #659

Why go through the trouble of telling people about hacks and passwords and staying where you are when you can just quietly shut down and run far far away with the money from where you live? Why the complicated gambit of appearing legit and why risk jailtime for your robbery?

Let me tell ya, it isn't really an inside job. It's really just extreme incompetence. There's no conspiracy, because if there was, it was an extremely unbelievable conspiracy with a well executed unnecessary complicated gambit.

And it won't make you feel better knowing what I said.

Or it would be a perfect way to make everyone believe one is innocent precisely because one showed good intention to pay back funds. I'm not sure if they'd be so smart though. My personal theory is that someone in this circle might have screwed the others over and ran with the money, carefully cleared all tracks of evidence and is trying to get away with it.

Clipse
Hero Member
*****
Offline Offline

Activity: 504


View Profile
July 23, 2012, 11:05:27 PM
 #660

Anyone still buying into any of the excuses/updates/bullshit presented should really look in the mirror since they are beyond a goof ball.

If none of the big bitcoinica account holders actually move forward to make these so called experts get what they deserve then Im affraid the bitcoin world is essentially cluttered with a bunch of kids who cant do the right thing when they need to.

What you see now is the stalling game coming to an end, whoever took the money within this group have now successfully cleared and run away.

...In the land of the stale, the man with one share is king... >> Clipse

We pay miners at 130% PPS | Signup here : Bonus PPS Pool (Please read OP to understand the current process)
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 [33] 34 35 36 37 38 39 40 41 »
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!