-----BEGIN PGP SIGNED MESSAGE-----
* On Friday, July 13 I was notified by MtGox that somebody had gain unauthorized access to Bitcoinica's MtGox account. I was also notified that most of the redeemable codes used in the heist were exchanged through AurumXchange on July 12.
* At the time I was on an extended weekend vacation with very limited internet access. I immediately notified Mark Karpeles at MtGox as well as Charlie Shrem at Bitinstant that I would take a closer examination of the situation on Tuesday upon my return.
* Upon closer examination of our database on Tuesday, I discovered that the hacker had indeed exchanged the MtGox coupons to Liberty Reserve through our instant exchange facility. The hacker had also exchanged Liberty Reserve back to MtGox presumably in an effort to conceal and/or "launder" the funds.
* Over all, the hacker exchanged a total of $61,875 USD from MtGox to Liberty Reserve, and a total of $17,500 Liberty Reserve to MtGox, for a grand total of $44,375 MtGox to Liberty Reserve. After our fees, this number amounts to approximately $40,000 USD.
* These orders were placed on our systems between 2012-07-12 11:46:48 and 2012-07-12 19:41:27 UTC.
* The IP addresses used by the hacker belong to TOR exit nodes to my understanding, and are as follows:
* The Liberty Reserve account used by the hacker is U9236056.
* The email address used by the hacker was firstname.lastname@example.org
* To my surprise, upon further examination of our order system, I found an order from Zhou Tong to sell Liberty Reserve to us for the amount of USD 40,000, requesting a wire to his bank account in Singapore. The amount for the order closely matches the total USD exchanged through us (after fees) using the MtGox USD codes stolen from the Bitcoinica account.
* This order was placed the next day the hacking attempts occurred. In addition, it should be noted that Zhou Tong has never dealt with us before as an exchange customer.
* This information was immediately sent to our two biggest trusted business partners: MtGox and Bitinstant in an effort to join forces to further investigate this situation.
* Mark Karpeles indicated that there was an account opened at MtGox using the email email@example.com
sometime in 2011.
* Mark replied stating that there was activity on this account, that the account was opened using an IP address belonging to Microsoft Singapore, that Zhou Tong was known to have worked for said company at said location, that the email firstname.lastname@example.org
have been verified, and that ALL activity on this account is linked to the MtGox account belonging to Zhou Tong.
* Mark has also indicated that the very first operation on the MtGox account opened with email email@example.com
was the redeeming of a 10 BTC MtGox code generated from Zhou Tong's account.
* Charlie indicated that Erik Vorhees (a well known member of this community) has emails he exchanged with Zhou using the email address firstname.lastname@example.org
At this time, it appears that there is an overwhelming amount of evidence linking Zhou Tong personally to the Bitcoinica account hack at MtGox. Our legal department has advised us to freeze the funds for the exchange order mentioned above until further investigation by the authorities and/or legal proceedings are concluded.
Both Charlie and Mark have informed the current Bitcoinica owners of the situation and advised to start legal proceedings as soon as possible.
Posts corroborating this information from both MtGox and BitInstant will follow. I am technically on vacation until mid august with limited internet access, however, I will attempt to answer any questions the community might have as often as possible. Please understand that some information will not be released until all legal proceedings have been concluded.
The AurumXchange Companyhttps://www.aurumxchange.com
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----