Bitcoin Forum
December 08, 2016, 12:14:02 AM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 [16] 17 18 19 20 »  All
  Print  
Author Topic: Public STATEMENT Regarding Bitcoinica account hack at MtGox  (Read 67292 times)
defxor
Hero Member
*****
Offline Offline

Activity: 530


View Profile
July 26, 2012, 08:16:56 PM
 #301

The phone number listed on nameterrific.com and the number Zhou said was his, is also listed on the whois for the domain.

I see nothing unusual about that domain contact info. Someone registered it many years ago, it's been sold and transfered a few times and at the moment "our" Zhou owns it - as shown by the DNS info and phone number which just reflects the current state. Very common for popular domain names (and Zhou Tong is a common name - http://en.wikipedia.org/wiki/Zhou_Tong_(footballer) ).




Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481156042
Hero Member
*
Offline Offline

Posts: 1481156042

View Profile Personal Message (Offline)

Ignore
1481156042
Reply with quote  #2

1481156042
Report to moderator
1481156042
Hero Member
*
Offline Offline

Posts: 1481156042

View Profile Personal Message (Offline)

Ignore
1481156042
Reply with quote  #2

1481156042
Report to moderator
Vod
Legendary
*
Offline Offline

Activity: 1862


Licking my boob since 1970


View Profile WWW
July 26, 2012, 08:23:18 PM
 #302

it's been sold and transfered a few times and at the moment "our" Zhou owns it

Where did you find this information?  Do you have a domaintools membership?
http://www.domaintools.com/research/whois-history/

I'm into creating universes, smiting people, writing holy books and listening to prayers.
If you want your prayers answered, you must donate to 1CDyx8AUTiYXS1ThcBU3vy4SJWQq6pdFMH
defxor
Hero Member
*****
Offline Offline

Activity: 530


View Profile
July 26, 2012, 08:28:28 PM
 #303

it's been sold and transfered a few times and at the moment "our" Zhou owns it

Where did you find this information?  Do you have a domaintools membership?
http://www.domaintools.com/research/whois-history/

No, I used archive.org and Occam's razor. If the content differs vastly it's likely due to different owners.

(And the QQ number on the page in 2004 doesn't match "our" Zhou's, the photos don't match etc - http://web.archive.org/web/20050307110628/http://www.zhoutong.com/ )

davout
Legendary
*
Offline Offline

Activity: 1358


1davout


View Profile WWW
July 26, 2012, 09:19:08 PM
 #304

Where did you find this information?  Do you have a domaintools membership?
http://www.domaintools.com/research/whois-history/
Are you a wizard?

sadpandatech
Hero Member
*****
Offline Offline

Activity: 504



View Profile
July 26, 2012, 09:36:29 PM
 #305

The phone number listed on nameterrific.com and the number Zhou said was his, is also listed on the whois for the domain.

I see nothing unusual about that domain contact info. Someone registered it many years ago, it's been sold and transfered a few times and at the moment "our" Zhou owns it - as shown by the DNS info and phone number which just reflects the current state. Very common for popular domain names (and Zhou Tong is a common name - http://en.wikipedia.org/wiki/Zhou_Tong_(footballer) ).


What exactly are they trying to match up that uyou are saynig does not? All the last 10 posts or so with domains and such are all owned or were by OUR ZT..

This is translated form the archive of china-zhoutong.com ;

Ryan Chau systems Machinery Co., Ltd. has a long history of enterprise, specialized in manufacturing all kinds of plastic machinery, plastic composite pipe full set of equipment, the company attaches great importance to product quality and after-sales service, the majority of customers have a good reputation.
    In the production of plastic machinery for many years on the basis of the introduction of international advanced level of production technology of the twenty-first century, the development of the production of aluminum-plastic composite pipe equipment, the device is technologically advanced, low cost, simple operation, easy maintenance, practical and reliable for China's national conditions of aluminum-plastic composite pipe production line equipment.
    Our aim: first-class quality, first-class service, provide users with comprehensive services, is willing to cooperate in good faith and the majority of users!


edit; and the head pic from zhoutong.com showing it as A.K.A. Ryan;


If you're not excited by the idea of being an early adopter 'now', then you should come back in three or four years and either tell us "Told you it'd never work!" or join what should, by then, be a much more stable and easier-to-use system. - GA
It is being worked on by smart people. -DamienBlack
dancingnancy
Sr. Member
****
Offline Offline

Activity: 407


View Profile
July 26, 2012, 09:39:41 PM
 #306

The phone number listed on nameterrific.com and the number Zhou said was his, is also listed on the whois for the domain.

I see nothing unusual about that domain contact info. Someone registered it many years ago, it's been sold and transfered a few times and at the moment "our" Zhou owns it - as shown by the DNS info and phone number which just reflects the current state. Very common for popular domain names (and Zhou Tong is a common name - http://en.wikipedia.org/wiki/Zhou_Tong_(footballer) ).


What exactly are they trying to match up that uyou are saynig does not? All the last 10 posts or so with domains and such are all owned or were by OUR ZT..

This is translated form the archive of china-zhoutong.com ;

Ryan Chau systems Machinery Co., Ltd. has a long history of enterprise, specialized in manufacturing all kinds of plastic machinery, plastic composite pipe full set of equipment, the company attaches great importance to product quality and after-sales service, the majority of customers have a good reputation.
    In the production of plastic machinery for many years on the basis of the introduction of international advanced level of production technology of the twenty-first century, the development of the production of aluminum-plastic composite pipe equipment, the device is technologically advanced, low cost, simple operation, easy maintenance, practical and reliable for China's national conditions of aluminum-plastic composite pipe production line equipment.
    Our aim: first-class quality, first-class service, provide users with comprehensive services, is willing to cooperate in good faith and the majority of users!


edit; and the head pic from zhoutong.com showing it as A.K.A. Ryan;



This is also the contact information listed on the website for the very same exact website that you are quoting from (I have listed this above)

Address: Ruian, Zhejiang Bridge East towel sub mountain road on the 5th (green plant)
Tel :0577 -6,562,153,065,620,658 Fax: 65620658
Mobile: 13506578868 13506561858 Zip: 325200
E-mail: zhoutong@zhoutong.com http://www.zhoutong.com www.china-zhoutong.com


Can you find any connection from this information?
sadpandatech
Hero Member
*****
Offline Offline

Activity: 504



View Profile
July 26, 2012, 09:42:54 PM
 #307

This is also the contact information listed on the website for the very same exact website that you are quoting from (I have listed this above)

Address: Ruian, Zhejiang Bridge East towel sub mountain road on the 5th (green plant)
Tel :0577 -6,562,153,065,620,658 Fax: 65620658
Mobile: 13506578868 13506561858 Zip: 325200
E-mail: zhoutong@zhoutong.com http://www.zhoutong.com www.china-zhoutong.com


Can you find any connection from this information?
connection to what exactly?

I'm fairly confident that a "very young entrepenuer and tech geek living in Melbourne and named Ryan" and our Zhoutong are one in the same. But, so what? What are you guys trying to figure out?

If you're not excited by the idea of being an early adopter 'now', then you should come back in three or four years and either tell us "Told you it'd never work!" or join what should, by then, be a much more stable and easier-to-use system. - GA
It is being worked on by smart people. -DamienBlack
rjk
Sr. Member
****
Offline Offline

Activity: 420


1ngldh


View Profile
July 26, 2012, 09:43:36 PM
 #308

But, so what? What are you guys trying to figure out?
+1

Mining Rig Extraordinaire - the Trenton BPX6806 18-slot PCIe backplane [PICS] Dead project is dead, all hail the coming of the mighty ASIC!
dancingnancy
Sr. Member
****
Offline Offline

Activity: 407


View Profile
July 26, 2012, 09:45:34 PM
 #309

But, so what? What are you guys trying to figure out?
+1

I don't know.  I just want my coins back.  At this point I couldn't care less if it was ZT or Burt Reynolds.  But I would tip my cap to Burt Reynolds.
Vod
Legendary
*
Offline Offline

Activity: 1862


Licking my boob since 1970


View Profile WWW
July 26, 2012, 09:50:29 PM
 #310

But, so what? What are you guys trying to figure out?
+1

If he did spend the majority of the stolen coins on personal expenses, like mortgages, knowing who he is and where he lives will be very important.

I'm into creating universes, smiting people, writing holy books and listening to prayers.
If you want your prayers answered, you must donate to 1CDyx8AUTiYXS1ThcBU3vy4SJWQq6pdFMH
ErebusBat
Hero Member
*****
Offline Offline

Activity: 560

I am the one who knocks


View Profile
July 26, 2012, 09:51:01 PM
 #311

Where did you find this information?  Do you have a domaintools membership?
http://www.domaintools.com/research/whois-history/
Are you a wizard?
<dumbledore voice>
Harry Potter?
</dumbledore voice>

░▒▓█ Coinroll.it - 1% House Edge Dice Game █▓▒░ • Coinroll Thread • *FREE* 100 BTC Raffle

Signup for CEX.io BitFury exchange and get GHS Instantly!  Don't wait for shipping, mine NOW!
defxor
Hero Member
*****
Offline Offline

Activity: 530


View Profile
July 26, 2012, 09:51:43 PM
 #312

What exactly are they trying to match up that uyou are saynig does not?

That he's owned that domain since almost 10 years back.

disclaimer201
Legendary
*
Offline Offline

Activity: 1316


View Profile
July 26, 2012, 09:51:52 PM
 #313

Relevant?

Session Time: Fri Jul 13 00:00:00 2012
[00:49] * phantomcircuit (~phantomci@c-67-188-9-35.hsd1.ca.comcast.net) has joined #intersango
[00:49] * ChanServ sets mode: +o phantomcircuit
[01:01] * phantomcircuit sets mode: -o phantomcircuit
[01:01] * phantomcircuit is now known as steve_bobs

Session Time: Fri Jul 13 00:00:00 2012
[00:49] * phantomcircuit (~phantomci@c-67-188-9-35.hsd1.ca.comcast.net) has joined #bitcoinconsultancy
[01:01] * phantomcircuit is now known as steve_bobs

Session Time: Fri Jul 13 00:00:00 2012
[00:49] * phantomcircuit (~phantomci@c-67-188-9-35.hsd1.ca.comcast.net) has joined #bitcoinica
[01:01] * phantomcircuit is now known as steve_bobs

Huh? Wtf Huh
If this log is real, this guy's got some explaining to do

I just read through all of this and missed if there was a follow-up to this post?

The IP in question is an american one, which doesn't necessarily mean anything. But it seems from that log (if legit), that phantomcircuit is given op privilegies, which means he should be identified with NickServ? AFAIK, you can authenticate from any ip, so if phantomcircuit's e-mail was compromized earlier on (as was stated on this forum), then his IRC personality could be compromized as well, for all we know, his computer(s) may be backdoored.

Googling ~phantomci@c-67-188-9-35.hsd1.ca.comcast.net gives some results, but I'm not going to do anymore research, if anyone feels up to it, go ahead.

I don't know Zou Thong, but personally I would've never have sold my operations to any 'security expert' that's previously been inolved in cracking said operations and boasting on it in a public forum...

http://bitcoinstats.com/irc/bitcoin-dev/logs/2011/09/12/4
http://bitcoinstats.com/irc/bitcoin-dev/logs/2011/09/12/5

Did some research anyway:
41 days ago, the same identity was used by a user called phantomcircuit:
http://pastie.org/4096261

Aparently he's discussing the pay back process rather grumpily on that occasion.



Yes. He was quite pissed off at me in particular. I raised questions very early on after signing into this forum the first time - why the fuck do people trust this guy who has been known to hack competitors' sites?

phantomcircuit is one of the least trustworthy people
I know in bitcoin. He is a calculating, deceitful, and dishonest person. Getting him to tell the truth is nearly impossible. I find it highly suspect that he left after the last hack. I found it highly suspect that the first hack happened not long after he had access to bitcoinica.

But, now ZT's bullshit story of the "friend" calls that motive into question. I have to wonder if there aren't MULTIPLE parties looting bitcoinica.

It has been my opinion since the hack, that the hack that closed bitcoinica was premeditated and intended to cover up the significant losses of customer funds due to "bad hedges" (or, more likely, looting already in progress)

What I am pretty damn sure of at this point: I have lost my $500 and position to an inside job.

+1 and fully agree

sadpandatech
Hero Member
*****
Offline Offline

Activity: 504



View Profile
July 26, 2012, 09:52:38 PM
 #314

But, so what? What are you guys trying to figure out?
+1

I don't know.  I just want my coins back.  At this point I couldn't care less if it was ZT or Burt Reynolds.  But I would tip my cap to Burt Reynolds.


:/ aye, you and a lot of other people, m8. I'm sorry for anyone in this situation. Especially ZT's hacker buddy if he does not get him to hand over the coins within the next 24 hours. I will personally take action against him and ZT for not following through with what they said last night!!!

I wasn't trying to bust your guys chops. I was just not sure if you were trying to figure out other address for him, or name aliases or what.

If you're not excited by the idea of being an early adopter 'now', then you should come back in three or four years and either tell us "Told you it'd never work!" or join what should, by then, be a much more stable and easier-to-use system. - GA
It is being worked on by smart people. -DamienBlack
sadpandatech
Hero Member
*****
Offline Offline

Activity: 504



View Profile
July 26, 2012, 09:55:03 PM
 #315

What exactly are they trying to match up that uyou are saynig does not?

That he's owned that domain since almost 10 years back.



ahh, missed the age on that web archive;
MAR  AUG DEC 
      8   
    2002

If you're not excited by the idea of being an early adopter 'now', then you should come back in three or four years and either tell us "Told you it'd never work!" or join what should, by then, be a much more stable and easier-to-use system. - GA
It is being worked on by smart people. -DamienBlack
sadpandatech
Hero Member
*****
Offline Offline

Activity: 504



View Profile
July 26, 2012, 09:59:00 PM
 #316

Relevant?

Session Time: Fri Jul 13 00:00:00 2012
[00:49] * phantomcircuit (~phantomci@c-67-188-9-35.hsd1.ca.comcast.net) has joined #intersango
[00:49] * ChanServ sets mode: +o phantomcircuit
[01:01] * phantomcircuit sets mode: -o phantomcircuit
[01:01] * phantomcircuit is now known as steve_bobs

Session Time: Fri Jul 13 00:00:00 2012
[00:49] * phantomcircuit (~phantomci@c-67-188-9-35.hsd1.ca.comcast.net) has joined #bitcoinconsultancy
[01:01] * phantomcircuit is now known as steve_bobs

Session Time: Fri Jul 13 00:00:00 2012
[00:49] * phantomcircuit (~phantomci@c-67-188-9-35.hsd1.ca.comcast.net) has joined #bitcoinica
[01:01] * phantomcircuit is now known as steve_bobs

Huh? Wtf Huh
If this log is real, this guy's got some explaining to do

I just read through all of this and missed if there was a follow-up to this post?

The IP in question is an american one, which doesn't necessarily mean anything. But it seems from that log (if legit), that phantomcircuit is given op privilegies, which means he should be identified with NickServ? AFAIK, you can authenticate from any ip, so if phantomcircuit's e-mail was compromized earlier on (as was stated on this forum), then his IRC personality could be compromized as well, for all we know, his computer(s) may be backdoored.

Googling ~phantomci@c-67-188-9-35.hsd1.ca.comcast.net gives some results, but I'm not going to do anymore research, if anyone feels up to it, go ahead.

I don't know Zou Thong, but personally I would've never have sold my operations to any 'security expert' that's previously been inolved in cracking said operations and boasting on it in a public forum...

http://bitcoinstats.com/irc/bitcoin-dev/logs/2011/09/12/4
http://bitcoinstats.com/irc/bitcoin-dev/logs/2011/09/12/5

Did some research anyway:
41 days ago, the same identity was used by a user called phantomcircuit:
http://pastie.org/4096261

Aparently he's discussing the pay back process rather grumpily on that occasion.



Yes. He was quite pissed off at me in particular. I raised questions very early on after signing into this forum the first time - why the fuck do people trust this guy who has been known to hack competitors' sites?

phantomcircuit is one of the least trustworthy people
I know in bitcoin. He is a calculating, deceitful, and dishonest person. Getting him to tell the truth is nearly impossible. I find it highly suspect that he left after the last hack. I found it highly suspect that the first hack happened not long after he had access to bitcoinica.

But, now ZT's bullshit story of the "friend" calls that motive into question. I have to wonder if there aren't MULTIPLE parties looting bitcoinica.

It has been my opinion since the hack, that the hack that closed bitcoinica was premeditated and intended to cover up the significant losses of customer funds due to "bad hedges" (or, more likely, looting already in progress)

What I am pretty damn sure of at this point: I have lost my $500 and position to an inside job.

+1 and fully agree

Not been on IRC in years but wouldn't this;
[00:49] * ChanServ sets mode: +o phantomcircuit
[01:01] * phantomcircuit sets mode: -o phantomcircuit
[01:01] * phantomcircuit is now known as steve_bobs

indicate that someone logged in with the spoofed ident of phantiom and was de-oped because their mac id did not truely match?  Just seems odd he would de-op himself otherwise..

If you're not excited by the idea of being an early adopter 'now', then you should come back in three or four years and either tell us "Told you it'd never work!" or join what should, by then, be a much more stable and easier-to-use system. - GA
It is being worked on by smart people. -DamienBlack
MagicalTux
VIP
Hero Member
*
Offline Offline

Activity: 617


Working on new MtGox features


View Profile WWW
July 26, 2012, 10:09:18 PM
 #317

Not been on IRC in years but wouldn't this;
[00:49] * ChanServ sets mode: +o phantomcircuit
[01:01] * phantomcircuit sets mode: -o phantomcircuit
[01:01] * phantomcircuit is now known as steve_bobs

indicate that someone logged in with the spoofed ident of phantiom and was de-oped because their mac id did not truely match?  Just seems odd he would de-op himself otherwise..

Or maybe he was tired of being contacted by dozens of people and decided to go under a different nick temporarily?

ErebusBat
Hero Member
*****
Offline Offline

Activity: 560

I am the one who knocks


View Profile
July 26, 2012, 10:11:03 PM
 #318

Not been on IRC in years but wouldn't this;
[00:49] * ChanServ sets mode: +o phantomcircuit
[01:01] * phantomcircuit sets mode: -o phantomcircuit
[01:01] * phantomcircuit is now known as steve_bobs

indicate that someone logged in with the spoofed ident of phantiom and was de-oped because their mac id did not truely match?  Just seems odd he would de-op himself otherwise..

First of all it isn't mac address (i think you meant IP address).
Second FreeNode servers would not all him to be logged in that long without authenticating.
Third he used that IP more than once.  See my previous post: https://bitcointalk.org/index.php?topic=95738.msg1056652#msg1056652 which has a history of this.

░▒▓█ Coinroll.it - 1% House Edge Dice Game █▓▒░ • Coinroll Thread • *FREE* 100 BTC Raffle

Signup for CEX.io BitFury exchange and get GHS Instantly!  Don't wait for shipping, mine NOW!
ErebusBat
Hero Member
*****
Offline Offline

Activity: 560

I am the one who knocks


View Profile
July 26, 2012, 10:12:06 PM
 #319

Or maybe he was tired of being contacted by dozens of people and decided to go under a different nick temporarily?
Still seems very odd that he would pick the same 'throw away' nick as the 3rd hacker though....

░▒▓█ Coinroll.it - 1% House Edge Dice Game █▓▒░ • Coinroll Thread • *FREE* 100 BTC Raffle

Signup for CEX.io BitFury exchange and get GHS Instantly!  Don't wait for shipping, mine NOW!
sadpandatech
Hero Member
*****
Offline Offline

Activity: 504



View Profile
July 26, 2012, 10:16:03 PM
 #320

Not been on IRC in years but wouldn't this;
[00:49] * ChanServ sets mode: +o phantomcircuit
[01:01] * phantomcircuit sets mode: -o phantomcircuit
[01:01] * phantomcircuit is now known as steve_bobs

indicate that someone logged in with the spoofed ident of phantiom and was de-oped because their mac id did not truely match?  Just seems odd he would de-op himself otherwise..

First of all it isn't mac address (i think you meant IP address).
Second FreeNode servers would not all him to be logged in that long without authenticating.
Third he used that IP more than once.  See my previous post: https://bitcointalk.org/index.php?topic=95738.msg1056652#msg1056652 which has a history of this.

No, I meant what I typed.

so freenode would not allow +op for 12 minutes without being authenticated? aye, i was suggesting phantom was logged in and then someone else may have bumped him off. was just an idea. I do not even know what you are trying to prove or figure out...

I can make it look like I am any fucking IP i want on IRC. I was under the impression they checked your true mac address and not just went by what was shown in the chat.  my finger info would read *Sadpandatech(~Sadpandatech@lickmysack.microsoft.com)

If you're not excited by the idea of being an early adopter 'now', then you should come back in three or four years and either tell us "Told you it'd never work!" or join what should, by then, be a much more stable and easier-to-use system. - GA
It is being worked on by smart people. -DamienBlack
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 [16] 17 18 19 20 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!