Bitcoin Forum
Author Topic: Bter Feb 14th hack. Blockchain analysis.  (Read 2420 times)
stdset (OP)
February 16, 2015, 08:45:26 AM
 #1

There are already several threads about the hack. I suggest posting here info backed by something more than pure speculation: conclusions which could be made from blockchain analysis, your constructive thoughts.

Here is what I posted in another thread:

Looking at Bter's 'cold wallet' address: https://blockchain.info/address/1M2bv6sypZSp6uAEC9U4Gzvgp6jd29F87e we see two outgoing transactions 8 minutes before the hack. Funds were sent to 17o5zDFGNvP5H2iWd7aWbhacwS1HKDE4i9 which probably is one of Bter's hot wallet addresses, because there were more outgoing transactions from 1M2bv6sypZSp6uAEC9U4Gzvgp6jd29F87e to that address before, and 17o5zDFGNvP5H2iWd7aWbhacwS1HKDE4i9 has huge turnover. Before Feb 14th, the most recent outgoing transaction from 1M2bv occurred on Feb 2nd; again funds were sent to 17o5z. And before Feb 2nd the last outgoing transaction from 1M2bv happened on Jan 27th, i.e. outgoing transactions were quite rare, which makes me believe they indeed were using that address for cold storage.
If their cold wallet wasn't very cold, and they were infected with a trojan, that likely happened between Feb 2nd and Feb 14th. If it indeed was cold, the funds were stolen by somebody who had access to the wallet, especially during the last several days before the hack.

moug
February 17, 2015, 01:45:27 AM
 #2

17o5zDFGNvP5H2iWd7aWbhacwS1HKDE4i9
yes it is a Bter address

It has been collecting a lot of little funds from change addresses
stdset (OP)
February 18, 2015, 09:40:43 AM
Last edit: February 18, 2015, 09:55:36 AM by stdset
 #3

Soon after the hack, the thief (or somebody who received coins from him) distributed the smallest (170 BTC) of chunks he created, to several addresses in an interesting transaction: https://blockchain.info/address/1812GWjALf17QPvn4pRRkpSJ3Qt6kx7w2e
Most of the addresses where the coins were sent to were used again and again either before or after the transaction from the thief. I think it's hardly a mixer, since a good mixer absolutely should not reuse addresses. It could be e.g. another exchange (for example BTC-e, because they have plenty of fiat withdrawal options and they don't ask lots of questions like some other exchanges where fiat is present), anyway it could be helpful in chasing the thief.
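
The two heuristics used in posts #1 and #3 (how rarely an address spends, and whether the destinations of a payment are reused elsewhere), as an added example that is not part of any post in this thread. The ledger is constructed, and the labels COLD, HOT, SRC, D1..D4 and X1..X4 are placeholders, not real addresses.

```python
from collections import defaultdict
from datetime import date

# Constructed sample ledger, NOT real chain data:
# (txid, day, input addresses, output addresses). All labels are placeholders.
TXS = [
    ("a1", date(2015, 1, 27), ["COLD"], ["HOT"]),
    ("a2", date(2015, 2, 2), ["COLD"], ["HOT"]),
    ("a3", date(2015, 2, 14), ["COLD"], ["HOT"]),
    ("f0", date(2015, 2, 14), ["SRC"], ["D1", "D2", "D3", "D4"]),  # fan-out under study
    ("b1", date(2015, 2, 10), ["X1"], ["D1"]),
    ("b2", date(2015, 2, 15), ["X2"], ["D1", "D2"]),
    ("b3", date(2015, 2, 16), ["D2"], ["X3"]),
    ("b4", date(2015, 2, 17), ["X4"], ["D3"]),
]

def spend_gaps(txs, addr):
    """Days between consecutive transactions that spend from addr.
    Long gaps are consistent with cold-storage use."""
    days = sorted(day for _, day, ins, _ in txs if addr in ins)
    return [(b - a).days for a, b in zip(days, days[1:])]

def reuse_counts(txs, fanout_txid):
    """For each output address of the fan-out transaction, count the
    other transactions (before or after) in which that address appears."""
    seen = defaultdict(set)
    for txid, _, ins, outs in txs:
        for addr in set(ins) | set(outs):
            seen[addr].add(txid)
    fanout = next(t for t in txs if t[0] == fanout_txid)
    return {addr: len(seen[addr] - {fanout_txid}) for addr in fanout[3]}

def reused_fraction(counts):
    """Share of fan-out outputs that appear in at least one other transaction."""
    return sum(1 for n in counts.values() if n > 0) / len(counts)

if __name__ == "__main__":
    print("spend gaps (days):", spend_gaps(TXS, "COLD"))
    counts = reuse_counts(TXS, "f0")
    print("reuse per output:", counts)
    print("reused fraction:", reused_fraction(counts))
```

A high reused fraction only shows that the recipients behave like long-lived service addresses; it does not by itself say which service they belong to.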

jtalk
February 18, 2015, 12:00:50 PM
 #4

There is no doubt that this was an insider who had access to the cold storage wallet. It is hard to determine whether he did it on his own or many people were involved in this act.

stdset (OP)
February 18, 2015, 12:14:57 PM
 #5

There is no doubt that this was an insider who had access to the cold storage wallet.
Why are you so sure?

verdun2003
February 18, 2015, 02:51:00 PM
 #6

I asked BTER to provide proof they went to the police to file a complaint but my mails went unanswered, I suggest we all send them tweets (https://twitter.com/btercom) or write them e-mails to provide such information (support@mail.bter.com).

Suspecting foul play as it was an alleged "cold wallet hack". Wouldn't be the first exchange to do so...

moug
February 20, 2015, 12:09:16 AM
 #7

Soon after the hack, the thief (or somebody who received coins from him) distributed the smallest (170 BTC) of chunks he created, to several addresses in an interesting transaction: https://blockchain.info/address/1812GWjALf17QPvn4pRRkpSJ3Qt6kx7w2e
Most of the addresses where the coins were sent to were used again and again either before or after the transaction from the thief. I think it's hardly a mixer, since a good mixer absolutely should not reuse addresses. It could be e.g. another exchange (for example BTC-e, because they have plenty of fiat withdrawal options and they don't ask lots of questions like some other exchanges where fiat is present), anyway it could be helpful in chasing the thief.

To the mixer: http://www.walletexplorer.com/wallet/fea18c17bd397803?from_address=1812GWjALf17QPvn4pRRkpSJ3Qt6kx7w2e
stdset (OP)
February 20, 2015, 06:56:38 AM
 #8

It's a useful block explorer, thanks.

cazkooo
February 20, 2015, 01:27:08 PM
 #9

I asked BTER to provide proof they went to the police to file a complaint but my mails went unanswered, I suggest we all send them tweets (https://twitter.com/btercom) or write them e-mails to provide such information (support@mail.bter.com).

Suspecting foul play as it was an alleged "cold wallet hack". Wouldn't be the first exchange to do so...

yeah right, cold wallet hacked is really an old-fashioned way of saying we are shutting down, but taken by their action to refund their customers, it could be really hacked, but we don't know for sure until the full report is shown
scott btc
February 23, 2015, 04:38:23 AM
 #10

It is so fucking sad to see people involve themselves with problems like this.
mishax1
February 23, 2015, 08:24:40 AM
 #11

If he used fog, then it might say 2 things:

1. He won't get his stolen btc back.
2. He is bitcoinfogs' operator.


lol
!! SCAM !!

10 days passed, more than 1000 confirmations, more than 25 BTC..
they are selective scammers, definitely. when i try to withdraw small sums like 0.1-0.2 BTC it's ok, but the real big money didn't even show on my dep.

BITCOIN FOG = SCAMMERS, they only let small balances out, but don't even try to send'em more than 5-10 BTC..

Am I the only one who waits so long time?..


Also, it should be easy to get the stolen BTER bitcoins new addresses

Quote
Do you keep logs?

We keep logs for 1 week for debugging and troubleshooting purposes. After that they are automatically deleted. ALL logs are taken care of. Even the bitcoin client we use is purged every week, starting with a fresh installation of only the block chain, and importing all the addresses we need at that point automatically. That way, if you have received a payment from us a month ago, not even the address will be left on our server. If any service tells you that they don't keep any logs at all, they are most probably lying, because when clients come asking for funds they think are missing, not having any history is like turning our backs on them and not being able to provide any support.


Bitcoin Fog: the service will from now on have a new url: http://foggeddriztrcar2.onion
tee-rex
February 23, 2015, 11:51:23 AM
Last edit: February 23, 2015, 12:14:58 PM by tee-rex
 #12

If he used fog, then it might say 2 things:

1. He won't get his stolen btc back.
2. He is bitcoinfogs' operator.

lol
!! SCAM !!

10 days passed, more than 1000 confirmations, more than 25 BTC..
they are selective scammers, definitely. when i try to withdraw small sums like 0.1-0.2 BTC it's ok, but the real big money didn't even show on my dep.

BITCOIN FOG = SCAMMERS, they only let small balances out, but don't even try to send'em more than 5-10 BTC..

Am I the only one who waits so long time?..


Also, it should be easy to get the stolen BTER bitcoins new addresses

Quote
Do you keep logs?

We keep logs for 1 week for debugging and troubleshooting purposes. After that they are automatically deleted. ALL logs are taken care of. Even the bitcoin client we use is purged every week, starting with a fresh installation of only the block chain, and importing all the addresses we need at that point automatically. That way, if you have received a payment from us a month ago, not even the address will be left on our server. If any service tells you that they don't keep any logs at all, they are most probably lying, because when clients come asking for funds they think are missing, not having any history is like turning our backs on them and not being able to provide any support.


Bitcoin Fog: the service will from now on have a new url: http://foggeddriztrcar2.onion

Very strange name for a public service indeed. Also, I don't believe that all the logs are automatically deleted after one week (whatever they might try to persuade you of). Most obviously they are archived and written to some storage media like CDs or whatever.
BitcoinDistributor
February 23, 2015, 11:57:10 AM
 #13

Personally I don't know why you wouldn't just do the following if you were the hacker:

Split up the 7000 into 100 or 200 increments of BTC in each address.

Send to bitmixer.io and do a selective, different fee each time. Do one address (of 100-200 BTC) every couple of days, in no predictable fashion. Set a random time delay on each mix to also prevent time delay.

And boom. Coins mixed. Now sell them.

stdset (OP)
February 23, 2015, 12:09:14 PM
Last edit: February 23, 2015, 01:12:02 PM by stdset
 #14

This address: https://blockchain.info/address/1J4TJQKgh1phPMcsV8cbRkAhV2Q6V8wW25
also seems to be related to BitcoinFog, although this connection isn't as obvious and straightforward as in the case of 1812GWjALf17QPvn4pRRkpSJ3Qt6kx7w2e
Update: as well as https://blockchain.info/address/1Foex8UKai3FMqXzNaQj28MBVmksZ7eJRK
https://blockchain.info/address/1GFX81qZpYNg1m3KxqyUDD4pBT5w8uiMvg - very closely related to BitcoinFog, probably is one of their addresses too.
