Bitcoin Forum
March 28, 2024, 04:56:33 PM *
News: Latest Bitcoin Core release: 26.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 2 3 4 5 6 7 8 9 10 11 [12] 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 »
  Print  
Author Topic: Bitcoinica MtGox account compromised  (Read 155928 times)
Vod
Legendary
*
Offline Offline

Activity: 3654
Merit: 3010


Licking my boob since 1970


View Profile WWW
July 13, 2012, 05:07:01 PM
 #221

did anyone else find it ironic that this happened on friday the 13th?  

Nope.  But I don't believe in a sky fairy either...

https://nastyscam.com - landing page up     https://vod.fan - advanced image hosting - coming soon!

OGNasty has early onset dementia; keep this in mind when discussing his past actions.
1711644993
Hero Member
*
Offline Offline

Posts: 1711644993

View Profile Personal Message (Offline)

Ignore
1711644993
Reply with quote  #2

1711644993
Report to moderator
"You Asked For Change, We Gave You Coins" -- casascius
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
wknight
Legendary
*
Offline Offline

Activity: 889
Merit: 1000


Bitcoin calls me an Orphan


View Profile WWW
July 13, 2012, 05:07:30 PM
 #222

Bitcoinica is a fucking joke

Mining Both Bitcoin and Litecoin.
muyuu
Donator
Legendary
*
Offline Offline

Activity: 980
Merit: 1000



View Profile
July 13, 2012, 05:15:22 PM
 #223

Fool me once, shame on you.
Fool me four times, I'm a fucking idiot  Cheesy

GPG ID: 7294199D - OTC ID: muyuu (470F97EB7294199D)
forum tea fund BTC 1Epv7KHbNjYzqYVhTCgXWYhGSkv7BuKGEU DOGE DF1eTJ2vsxjHpmmbKu9jpqsrg5uyQLWksM CAP F1MzvmmHwP2UhFq82NQT7qDU9NQ8oQbtkQ
doobadoo
Sr. Member
****
Offline Offline

Activity: 364
Merit: 250


View Profile
July 13, 2012, 05:18:02 PM
 #224

Dont Get Zhou Tong'd!

https://www.youtube.com/watch?v=kdvTkddp1F0

Bam, Bam, Dilla!

"It is, quite honestly, the biggest challenge to central banking since Andrew Jackson." -evoorhees
tseale
Donator
Newbie
*
Offline Offline

Activity: 18
Merit: 0


View Profile
July 13, 2012, 05:18:05 PM
Last edit: February 27, 2013, 03:49:49 PM by tseale
 #225

Suffice to say that Mr Taaki's statement grossly misportrays circumstances of the theft and fails to acknowledge his ultimate responsibility.
aq
Full Member
***
Offline Offline

Activity: 238
Merit: 100


View Profile
July 13, 2012, 05:20:44 PM
 #226

Fool me once, shame on you.
Fool me four times, I'm a fucking idiot  Cheesy

There is probably a lot of truth in this.

whoBTCUSDTotal @5Total @7.75
BadBitcoin0500050005000
lonelyminer476602383035745
MemoryDealers248410124205192517.75
guruvan5000500500
ninjarobot??3862638626
Yankee (BitInstant)????
xjin50080001050011875
dizzy1500250387.5

Maybe we should ask why all those people had that much funds there...?
dancingnancy
Hero Member
*****
Offline Offline

Activity: 661
Merit: 500


View Profile
July 13, 2012, 05:23:33 PM
 #227

Fool me once, shame on you.
Fool me four times, I'm a fucking idiot  Cheesy

There is probably a lot of truth in this.

whoBTCUSDTotal @5Total @7.75
BadBitcoin0500050005000
lonelyminer476602383035745
MemoryDealers248410124205192517.75
guruvan5000500500
ninjarobot??3862638626
Yankee (BitInstant)????
xjin50080001050011875
dizzy1500250387.5

Maybe we should ask why all those people had that much funds there...?


Why the fuck is it your business?
proudhon
Legendary
*
Offline Offline

Activity: 2198
Merit: 1309



View Profile
July 13, 2012, 05:23:33 PM
 #228

Bitcoinica is a fucking joke

The bigger joke is on us, the community of bitcoin users, for putting so much value in a 3rd party service.  In our craze to accumulate more bitcoins we basically brushed off the one of the biggest features - that we can secure the money ourselves.  I was part of it for a time, regretfully.  I almost transferred over 1000BTCs to bitcoinica at one point, and then at the last minute decided it was too risky.  Not long after that everything went to shit.  I got extremely luck that I only had 170 or so bitcoins in there, and now more than ever I appreciate the value of being able to secure them myself.

Bitcoin Fact: the price of bitcoin will not be greater than $70k for more than 25 consecutive days at any point in the rest of recorded human history.
elux
Legendary
*
Offline Offline

Activity: 1458
Merit: 1006



View Profile
July 13, 2012, 05:24:42 PM
 #229

Dont Get Zhou Tong'd!

https://www.youtube.com/watch?v=kdvTkddp1F0

Bam, Bam, Dilla!


It would appear that a lot of misinformation has circulated since the date of my last post. Considering the many inconsistencies, I will assume astute readers here have already discounted the versions of facts presented by the Consultancy.

Since some of the story-telling is directed at me personally I wish to make a few things clear. I had no responsibility for Bitcoinica security ever. That would certainly be an improper role for me. I am not a security expert, nor have I ever claimed to be. My role was to oversee the investment in Bitcoinica and help facilitate the transfer to new management.

The Consultancy members accepted that responsibility on April 24 as operators and General Partners of Bitcoinica LP. There is ample written documentation to confirm this.  

Upon closing of that transaction, login credentials for all services were handed off to the Consultancy in person. All credentials were encrypted by a reputable password management service. I claim no expertise to judge the security of the master password but it was very long. Its status as a master password and its use in all respects were fully understood by the Consultancy upon acceptance.


You got Zhou Tonged, Tihan.
kokjo
Legendary
*
Offline Offline

Activity: 1050
Merit: 1000

You are WRONG!


View Profile
July 13, 2012, 05:25:30 PM
 #230

It would appear that a lot of misinformation has circulated since the date of my last post. Considering the many inconsistencies, I will assume astute readers here have already discounted the versions of facts presented by the Consultancy.

Since some of the story-telling is directed at me personally I wish to make a few things clear. I had no responsibility for Bitcoinica security ever. That would certainly be an improper role for me. I am not a security expert, nor have I ever claimed to be. My role was to oversee the investment in Bitcoinica and help facilitate the transfer to new management.

The Consultancy members accepted that responsibility on April 24 as operators and General Partners of Bitcoinica LP. There is ample written documentation to confirm this.  

Upon closing of that transaction, login credentials for all services were handed off to the Consultancy in person. All credentials were encrypted by a reputable password management service. I claim no expertise to judge the security of the master password but it was very long. Its status as a master password and its use in all respects were fully understood by the Consultancy upon acceptance.

If the Consultancy deemed this password to be unfit for ongoing use, they certainly had the opportunity and the duty to change it. Their reputation and claims of being security experts was a primary consideration for entrusting them with Bitcoinica's management.  

There are still a lot of unknowns surrounding recent events but the Consultancy's responsibility for Bitcoinica and its password security is not one of them. The fund will be considering all legal options.
would you please post here more offen? i would be good, the intersango/bitcoin consultancy/bitcoinica consultancy people, seems not to know shit about anything, and they are really good at fucking up PR...

also they said that you was fired? is it true? or just another lie from them?

"The whole problem with the world is that fools and fanatics are always so certain of themselves and wiser people so full of doubts." -Bertrand Russell
BadBitcoin (James Sutton)
Donator
Sr. Member
*
Offline Offline

Activity: 452
Merit: 252



View Profile
July 13, 2012, 05:25:35 PM
 #231

Fool me once, shame on you.
Fool me four times, I'm a fucking idiot  Cheesy

There is probably a lot of truth in this.

whoBTCUSDTotal @5Total @7.75
BadBitcoin0500050005000
lonelyminer476602383035745
MemoryDealers248410124205192517.75
guruvan5000500500
ninjarobot??3862638626
Yankee (BitInstant)????
xjin50080001050011875
dizzy1500250387.5

Maybe we should ask why all those people had that much funds there...?



I read the entire TOS, I felt protected.

The level of personal security of each account was an order of magnitude higher than my banks, I had a 24 character password that was essentially a hash key, as well as a google authenticator with my smart phone, best part?
 I was using bitcoinica as an exchange, I just deposited my money in my account and was planning on turning into btc that same day for an investment with starfish BCB, then the hack happened.

I did my due dilligence on the company, and the risk of the company becoming insolvent was low at that time, please don't get angry at me for believing personal security measures was enough.
Luceo
Sr. Member
****
Offline Offline

Activity: 350
Merit: 250


Per aspera ad astra!


View Profile
July 13, 2012, 05:34:38 PM
 #232

So glad that I bypassed this nightmare of a service, personally.

I'm sorry to say that I foresee a long and bloody legal battle ahead for all those involved with Bitcoinica. I fully expect this to be the basis of the first Bitcoin class action lawsuit.

You do not handle a million dollars without insurance, lessons will be learned and the users should not be the ones paying for your gross negligence.

defxor
Hero Member
*****
Offline Offline

Activity: 530
Merit: 500


View Profile
July 13, 2012, 05:42:50 PM
 #233

All credentials were encrypted by a reputable password management service. I claim no expertise to judge the security of the master password but it was very long. Its status as a master password and its use in all respects were fully understood by the Consultancy upon acceptance.

If the Consultancy deemed this password to be unfit for ongoing use, they certainly had the opportunity and the duty to change it.

Who created that account and configured it to use that particular master password?

If it was someone with basic security knowledge, it's a setup to be able to claim plausible deniability later.

If it wasn't, well, then it's just bad security practices not having changed it knowing its origin.

caveden
Legendary
*
Offline Offline

Activity: 1106
Merit: 1004



View Profile
July 13, 2012, 05:45:51 PM
 #234

https://bitcointalk.org/index.php?topic=53315.msg635291#msg635291

I thought you needed a YUBIKEY to withdrawal that amount!

PLAN B

Doesn't this make the case right here?  It was admitted they needed a YUBIKEY to make a withdrawal from MT Gox in that post.

The post says that they had two accounts, one with Yubikey, another without, and that they were trying to get the limits of the one without Yubikey raised...
aq
Full Member
***
Offline Offline

Activity: 238
Merit: 100


View Profile
July 13, 2012, 05:49:05 PM
 #235

I read the entire TOS, I felt protected.

The level of personal security of each account was an order of magnitude higher than my banks, I had a 24 character password that was essentially a hash key, as well as a google authenticator with my smart phone, best part?
 I was using bitcoinica as an exchange, I just deposited my money in my account and was planning on turning into btc that same day for an investment with starfish BCB, then the hack happened.

I did my due dilligence on the company, and the risk of the company becoming insolvent was low at that time, please don't get angry at me for believing personal security measures was enough.
So it was no issue for you that they had been hacked a few times before?
Slowly I am starting to understand why they still believe that they can continue running Bitcoinica in the future. In a year from now, everyone will say "yes, they got hacked some 20 times, but I feel that it wont happen again".
hazek
Legendary
*
Offline Offline

Activity: 1078
Merit: 1002


View Profile
July 13, 2012, 05:50:18 PM
 #236

The fund will be considering all legal options.

Uh oh

That's exactly what my reaction was.

My personality type: INTJ - please forgive my weaknesses (Not naturally in tune with others feelings; may be insensitive at times, tend to respond to conflict with logic and reason, tend to believe I'm always right)

If however you enjoyed my post: 15j781DjuJeVsZgYbDVt2NZsGrWKRWFHpp
cypherdoc
Legendary
*
Offline Offline

Activity: 1764
Merit: 1002



View Profile
July 13, 2012, 05:50:36 PM
 #237

i'm so glad i avoided Bitcoinica like a plague as well.  i spent 2 solid months late last yesterday grilling Zhou on his Bitcoinica threads and pointing out flaws in his trading algorithm.  turns out his security skills were just as bad.
iCEBREAKER
Legendary
*
Offline Offline

Activity: 2156
Merit: 1070


Crypto is the separation of Power and State.


View Profile WWW
July 13, 2012, 05:51:31 PM
 #238


As far as Mt.Gox is concerned and as Genjix explained, we did not suffer any breach or any hack, all other account are safe and the thief only targeted Bitconica's account. Mark (MagicalTux) has been in contact with many Bitcoin players since this announcement and offered any help we can give, but unfortunately all funds (USD & BTC) are no longer within our reach.

Once again, someone with a US IP succeed to get Bitcoinica's account credential which did not trigger any alarms since they were fully identified. Since Bitconica's account was a verified account the owner of this account asked (This happened when Zhou was still controlling Bitconica) to have his limits lifted to the maximum possible, giving the possibility to the thief to move Bitcoinica's assets to another external account (External to MtGox).

Despite our effort on securing Mt.Gox and protecting everyone's asset I would like to remind everyone that it is also your responsibility to secure your account with a very strong password and use either a Yubikey or Google Auth (You can even use both at the same time).

Mt.Gox

-- EDIT --

We would like to stress that Mt.Gox Verified Bitconica as a Company and NOT as an Individual.



██████████
█████████████████
██████████████████████
█████████████████████████
████████████████████████████
████
████████████████████████
█████
███████████████████████████
█████
███████████████████████████
██████
████████████████████████████
██████
████████████████████████████
██████
████████████████████████████
██████
███████████████████████████
██████
██████████████████████████
█████
███████████████████████████
█████████████
██████████████
████████████████████████████
█████████████████████████
██████████████████████
█████████████████
██████████

Monero
"The difference between bad and well-developed digital cash will determine
whether we have a dictatorship or a real democracy." 
David Chaum 1996
"Fungibility provides privacy as a side effect."  Adam Back 2014
Buy and sell XMR near you
P2P Exchange Network
Buy XMR with fiat
Is Dash a scam?
Phinnaeus Gage
Legendary
*
Offline Offline

Activity: 1918
Merit: 1570


Bitcoin: An Idea Worth Spending


View Profile WWW
July 13, 2012, 05:52:37 PM
 #239

You stupid mother fucker! I am so sorry that my oversized font fucks with you head, but the size of the font honestly reflects how I feel. Please forgive me, all, if it seems out of line. I wasn't doing it for kicks, but will keep it down now that it's been brought to my attention.
Yeah, please don't do that, additionnaly calling others names does nothing but make you look like an idiot.

You're right, bud. I just got back in to pick up where I left off. Please accept my humblest apologies, all.

~Bruno~
BadBitcoin (James Sutton)
Donator
Sr. Member
*
Offline Offline

Activity: 452
Merit: 252



View Profile
July 13, 2012, 05:55:52 PM
 #240

I read the entire TOS, I felt protected.

The level of personal security of each account was an order of magnitude higher than my banks, I had a 24 character password that was essentially a hash key, as well as a google authenticator with my smart phone, best part?
 I was using bitcoinica as an exchange, I just deposited my money in my account and was planning on turning into btc that same day for an investment with starfish BCB, then the hack happened.

I did my due dilligence on the company, and the risk of the company becoming insolvent was low at that time, please don't get angry at me for believing personal security measures was enough.
So it was no issue for you that they had been hacked a few times before?
Slowly I am starting to understand why they still believe that they can continue running Bitcoinica in the future. In a year from now, everyone will say "yes, they got hacked some 20 times, but I feel that it wont happen again".

After the initial hack, I was extremely put off by bitcoinica and completely avoided them, however upon returning to their site I could see that they began (at least facetiously) taking security very seriously, and I

 decided that they had a reputation to match mtgox (another hacked website, however is still widely traded on). I decided to use them for a wire transfer because they had an easier bank name to input at the

bank vs. mtgox's japanese bank, please stop harassing people that lost their shirt in a "semi reputable" business, I don't just throw my money around willy nilly, and your assumption that I do is insulting.
Pages: « 1 2 3 4 5 6 7 8 9 10 11 [12] 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 »
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!