Bitcoin Forum
December 10, 2016, 09:06:42 AM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 [17] 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 »
  Print  
Author Topic: Statement about the suspect of recent Bitcoinica hack  (Read 124667 times)
zhoutong
VIP
Hero Member
*
Offline Offline

Activity: 490


View Profile WWW
July 29, 2012, 04:14:14 AM
 #321

This is why I don't believe Zhou.

Zhou claimed:

That his business associate stole his password when he signed up on a website.
That his business associate had access to the source code prior to anyone else.
That his business associate knew who was Chris Heaslip!
That his business associate quickly decides to return funds when confronted!

Now replace the business associate with Zhou.. And it makes a lot of sense.

He had access to the email, which he havent used in a while.
Knew the password for lastpass and the source code.
Knew all the people in bitcoinica.
And of course had access to the stolen funds.


This is the evidence just from Zhou, not aurumxchange.

That email was protected with my weakest password that I reused everywhere and even shared with some other people. I didn't have to protect that email at all because it's meant to be semi-sockpuppet anyway.

He had access to source code after genjix released it.

Chris Heaslip's Mt. Gox account was stored alongside Wendon's in the LastPass. Obviously he didn't know which one had more money so he logged in to both.

I know a lot of his personal information (especially his and his wife's bank accounts and address), and I threatened to report to police if he didn't agree to refund.

I don't know where you got all the misleading information from.

Founder of NameTerrific (https://www.nameterrific.com/). Co-founder of CoinJar (https://coinjar.io/)

Donations for my future Bitcoin projects: 19Uk3tiD5XkBcmHyQYhJxp9QHoub7RosVb
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481360802
Hero Member
*
Offline Offline

Posts: 1481360802

View Profile Personal Message (Offline)

Ignore
1481360802
Reply with quote  #2

1481360802
Report to moderator
1481360802
Hero Member
*
Offline Offline

Posts: 1481360802

View Profile Personal Message (Offline)

Ignore
1481360802
Reply with quote  #2

1481360802
Report to moderator
dree12
Legendary
*
Offline Offline

Activity: 1232



View Profile
July 29, 2012, 04:21:34 AM
 #322

This is why I don't believe Zhou.

Zhou claimed:

That his business associate stole his password when he signed up on a website.
That his business associate had access to the source code prior to anyone else.
That his business associate knew who was Chris Heaslip!
That his business associate quickly decides to return funds when confronted!

Now replace the business associate with Zhou.. And it makes a lot of sense.

He had access to the email, which he havent used in a while.
Knew the password for lastpass and the source code.
Knew all the people in bitcoinica.
And of course had access to the stolen funds.


This is the evidence just from Zhou, not aurumxchange.
It would also make a lot of sense if you replace aurumxchange with Zhou.

Bitcoinica was a mass-marketing ploy. They are the same identity: notice how Bitcoinica offered aurumxchange as a service. Zhou/aurumxchange decided to initiate a mass-marketing campaign, and started Bitcoinica. After bootstrapping on Intersango's fame, aurumxchange became increasingly frustrated at the Consultancy's control, preferring to further advance aurumxchange's recognition. The Rackspace "hack" was initiated to regain control over Bitcoinica, and to create commotion. After the Consultancy refused to relinquish control, Bitcoinica was written off. Aurumxchange began contemplating the best time to begin mass-marketing with the remnants of it. Zhou/aurumxchange then decided to transfer a large amount of claimed funds, claiming theft. As Zhou's identity was written off along with Bitcoinica, aurumxchange continued arguing to gain exposure.
vampire
Hero Member
*****
Offline Offline

Activity: 574



View Profile
July 29, 2012, 04:24:55 AM
 #323

That email was protected with my weakest password that I reused everywhere and even shared with some other people. I didn't have to protect that email at all because it's meant to be semi-sockpuppet anyway.

He had access to source code after genjix released it.

Chris Heaslip's Mt. Gox account was stored alongside Wendon's in the LastPass. Obviously he didn't know which one had more money so he logged in to both.

I know a lot of his personal information (especially his and his wife's bank accounts and address), and I threatened to report to police if he didn't agree to refund.

I don't know where you got all the misleading information from.

What you mean misleading, it's from YOUR post here! Mine interpretation, but the facts are yours.



The source code was leaked after the hack as far we know. No one in this forum knew about the source code prior to genjix posting it and then deleting it.
Now this hacker dude gets off easily because he sends money back? Why don't you file a police report now?


vampire
Hero Member
*****
Offline Offline

Activity: 574



View Profile
July 29, 2012, 04:27:30 AM
 #324

It would also make a lot of sense if you replace aurumxchange with Zhou.

Bitcoinica was a mass-marketing ploy. They are the same identity: notice how Bitcoinica offered aurumxchange as a service. Zhou/aurumxchange decided to initiate a mass-marketing campaign, and started Bitcoinica. After bootstrapping on Intersango's fame, aurumxchange became increasingly frustrated at the Consultancy's control, preferring to further advance aurumxchange's recognition. The Rackspace "hack" was initiated to regain control over Bitcoinica, and to create commotion. After the Consultancy refused to relinquish control, Bitcoinica was written off. Aurumxchange began contemplating the best time to begin mass-marketing with the remnants of it. Zhou/aurumxchange then decided to transfer a large amount of claimed funds, claiming theft. As Zhou's identity was written off along with Bitcoinica, aurumxchange continued arguing to gain exposure.

I don't know what you've just said. I am operating on facts.


The fact is: I have no idea what aurumxchange does. Never visited the site. So far they've failed to market whatever products they want sell to me. I assume they do some kind of exchange...

zhoutong
VIP
Hero Member
*
Offline Offline

Activity: 490


View Profile WWW
July 29, 2012, 04:28:16 AM
 #325

That email was protected with my weakest password that I reused everywhere and even shared with some other people. I didn't have to protect that email at all because it's meant to be semi-sockpuppet anyway.

He had access to source code after genjix released it.

Chris Heaslip's Mt. Gox account was stored alongside Wendon's in the LastPass. Obviously he didn't know which one had more money so he logged in to both.

I know a lot of his personal information (especially his and his wife's bank accounts and address), and I threatened to report to police if he didn't agree to refund.

I don't know where you got all the misleading information from.

What you mean misleading, it's from YOUR post here! Mine interpretation, but the facts are yours.



The source code was leaked after the hack as far we know. No one in this forum knew about the source code prior to genjix posting it and then deleting it.
Now this hacker dude gets off easily because he sends money back? Why don't you file a police report now?




The hacker didn't steal from me. Why should I file a police report?

I'm obviously more pissed off because of AurumXchange, and people like you, rather than the hacker or Bitcoinica.

The source code is the direct cause for the hack, because the LastPass master password was not redacted.

The hack happened on July 12, and the source code was released a few days before that.

Founder of NameTerrific (https://www.nameterrific.com/). Co-founder of CoinJar (https://coinjar.io/)

Donations for my future Bitcoin projects: 19Uk3tiD5XkBcmHyQYhJxp9QHoub7RosVb
zhoutong
VIP
Hero Member
*
Offline Offline

Activity: 490


View Profile WWW
July 29, 2012, 04:31:49 AM
 #326

Another disclosure:

I detected two vulnerabilities in ExchB (hope you guys still remember this exchange) last year and I returned the money I "stole" from them actively after the hack.

I also wanted to test whether Mt. Gox had the same problem, so I created the account using my stevejobs email. I didn't want to use my own account for this testing. And Mt. Gox was secure enough that I failed to exploit.


Founder of NameTerrific (https://www.nameterrific.com/). Co-founder of CoinJar (https://coinjar.io/)

Donations for my future Bitcoin projects: 19Uk3tiD5XkBcmHyQYhJxp9QHoub7RosVb
Coinoisseur
Sr. Member
****
Offline Offline

Activity: 252


View Profile
July 29, 2012, 04:32:01 AM
 #327

Because they involved your account in the crime and also, according to you (Zhou Tong) used it for credit card fraud. People file police reports for much, much smaller thefts. Insurance companies have people file reports as a sign of honesty. Lots of reasons to file a report.


The hacker didn't steal from me. Why should I file a police report?

vampire
Hero Member
*****
Offline Offline

Activity: 574



View Profile
July 29, 2012, 04:33:27 AM
 #328

]

The hacker didn't steal from me. Why should I file a police report?

I'm obviously more pissed off because of AurumXchange, and people like you, rather than the hacker or Bitcoinica.

The source code is the direct cause for the hack, because the LastPass master password was not redacted.

The hack happened on July 12, and the source code was released a few days before that.

Like me stating facts? Whoops, like a fact:

That the hacker stole your identity and used it to steal funds from your (ex-) company? That's a crime.


As I said in this forum, we had no idea about the source code leak. Where is your prove that the source code was leaked to the Chinese bitcoin community, and then that some co-worker of the hacker told him so?
Rarity
Full Member
***
Offline Offline

Activity: 182


Look upon me, BitcoinTalk, for I...am...Rarity!


View Profile
July 29, 2012, 04:33:58 AM
 #329

It would also make a lot of sense if you replace aurumxchange with Zhou.

Bitcoinica was a mass-marketing ploy. They are the same identity: notice how Bitcoinica offered aurumxchange as a service. Zhou/aurumxchange decided to initiate a mass-marketing campaign, and started Bitcoinica. After bootstrapping on Intersango's fame, aurumxchange became increasingly frustrated at the Consultancy's control, preferring to further advance aurumxchange's recognition. The Rackspace "hack" was initiated to regain control over Bitcoinica, and to create commotion. After the Consultancy refused to relinquish control, Bitcoinica was written off. Aurumxchange began contemplating the best time to begin mass-marketing with the remnants of it. Zhou/aurumxchange then decided to transfer a large amount of claimed funds, claiming theft. As Zhou's identity was written off along with Bitcoinica, aurumxchange continued arguing to gain exposure.

I don't know what you've just said. I am operating on facts.


The fact is: I have no idea what aurumxchange does. Never visited the site. So far they've failed to market whatever products they want sell to me. I assume they do some kind of exchange...



If you are operating on "facts" maybe you should learn enough about this situation to know who the major players in it are before you accuse people of being thieves.

"Money is like manure: Spread around, it helps things grow. Piled up in one place, it just stinks."
vampire
Hero Member
*****
Offline Offline

Activity: 574



View Profile
July 29, 2012, 04:38:52 AM
 #330

Another disclosure:

I detected two vulnerabilities in ExchB (hope you guys still remember this exchange) last year and I returned the money I "stole" from them actively after the hack.

I also wanted to test whether Mt. Gox had the same problem, so I created the account using my stevejobs email. I didn't want to use my own account for this testing. And Mt. Gox was secure enough that I failed to exploit.



So the fact is that you were actively exploiting exchanges for bugs. While of course forgetting to secure your own.

Keep adding evidence against yourself.
repentance
Hero Member
*****
Offline Offline

Activity: 840


View Profile
July 29, 2012, 04:51:20 AM
 #331

Many people have voiced the suspicion that the Rackspace intrusion was an inside job from the moment it was announced.  Even if people accept at face value the extraordinary claims regarding the MtGox breach, it's not going to extinguish suspicion about the Rackspace compromise.

At this point in time, the only way that those involved with Bitcoinica are going to be freed from suspicion of having been involved in the Rackspace intrusion and/or MtGox compromise is if somebody else is identified as being responsible for those events by an independent investigation.  Attributing the crimes to a third party who can't be held accountable means fuck all in the absence of actual evidence of their involvement.

Quote
The source code is the direct cause for the hack, because the LastPass master password was not redacted.

The hack happened on July 12, and the source code was released a few days before that.

You said yourself that the Rackspace intruder got all the information necessary to breach the MtGox account.  The source code leak is not the only possible explanation for how it was compromised.  There is no verifiable evidence of who hacked the MtGox account, only of where the funds from the intrusion were sent.

I agree with Matthew that the information which AurumXchange gathered should not have been made public.

All I can say is that this is Bitcoin. I don't believe it until I see six confirmations.
shockD
Member
**
Offline Offline

Activity: 93


View Profile
July 29, 2012, 04:54:17 AM
 #332

haha!!! Goddamn, Zhou, you really really should heed the advice of people telling you to zip your fucking trap and be quiet. You aren't helping yourself remotely.
Yankee (BitInstant)
Legendary
*
Offline Offline

Activity: 1078


Charlie 'Van Bitcoin' Shrem


View Profile WWW
July 29, 2012, 05:17:00 AM
 #333

Hmm. BitInstant (whom Roger Ver is part owner of), MtGox and AurumXchange start a thread about how Zhou Tong is a hacker and a thief (advised by their attorney) which breaks all of their privacy agreements of their own companies and is basically libel.

MtGox listens to the advice of BitInstant's attorney, someone who doesn't even work for them.

They the whole boys club suddenly decides that Roger Ver, Charlie Shrem and company's attorney should be the one holding ALL customer funds for Bitcoinica with a vague condition of "until things get worked out" or something to that degree (which could be that Patrick Murck independently decides that Roger Ver should get paid out first, 100%, everyone else paid later for all we know).

It's obvious that Bitcoinica's lack of accountability and management of this issue is appalling, but come on guys-- you don't think there is any problem with this picture?

Excuse me. Please consult with me first before throwing stupid rumors across the forums.

BitInstant is not holding the funds nor has any part of this. I was consulted after it was done.

As far as I understand, the funds are being held in some kind of trust account.

Your free to speak to Patrick Murck about it yourself.

-Charlie



Bitcoin pioneer. An apostle of Satoshi Nakamoto. A crusader for a new, better, tech-driven society. A dreamer.

More about me: http://CharlieShrem.com
stochastic
Hero Member
*****
Offline Offline

Activity: 532


View Profile
July 29, 2012, 05:21:15 AM
 #334


I know a lot of his personal information (especially his and his wife's bank accounts and address), and I threatened to report to police if he didn't agree to refund.


Actually, you have to release the information to the authorities or you are an accomplice.  These were not your funds he stole.

Introducing constraints to the economy only serves to limit what can be economical.
dancingnancy
Sr. Member
****
Offline Offline

Activity: 407


View Profile
July 29, 2012, 05:43:24 AM
 #335

This is why I don't believe Zhou.

Zhou claimed:

That his business associate stole his password when he signed up on a website.
That his business associate had access to the source code prior to anyone else.
That his business associate knew who was Chris Heaslip!
That his business associate quickly decides to return funds when confronted!

Now replace the business associate with Zhou.. And it makes a lot of sense.

He had access to the email, which he havent used in a while.
Knew the password for lastpass and the source code.
Knew all the people in bitcoinica.
And of course had access to the stolen funds.


This is the evidence just from Zhou, not aurumxchange.

That email was protected with my weakest password that I reused everywhere and even shared with some other people. I didn't have to protect that email at all because it's meant to be semi-sockpuppet anyway.

He had access to source code after genjix released it.

Chris Heaslip's Mt. Gox account was stored alongside Wendon's in the LastPass. Obviously he didn't know which one had more money so he logged in to both.

I know a lot of his personal information (especially his and his wife's bank accounts and address), and I threatened to report to police if he didn't agree to refund.

I don't know where you got all the misleading information from.

It isn't that I do not believe you ZT, but these are bold claims.  I hope you will be able to back all of this up if you have to.  I trust that you wouldn't state this about having her information if you really didn't.  In my mind there is still a small possibility you are involved, of course no one here as a regular member has all the information, but I suggest if you are telling stories to talk to your parents about what you have done.  They may be held responsible somehow if you are a minor - not really sure how all that works.  Regardless, you will bring them trouble.  No reason to shame your family over this.  It will be very newsworthy I would imagine.
stochastic
Hero Member
*****
Offline Offline

Activity: 532


View Profile
July 29, 2012, 05:53:14 AM
 #336

This is why I don't believe Zhou.

Zhou claimed:

That his business associate stole his password when he signed up on a website.
That his business associate had access to the source code prior to anyone else.
That his business associate knew who was Chris Heaslip!
That his business associate quickly decides to return funds when confronted!

Now replace the business associate with Zhou.. And it makes a lot of sense.

He had access to the email, which he havent used in a while.
Knew the password for lastpass and the source code.
Knew all the people in bitcoinica.
And of course had access to the stolen funds.


This is the evidence just from Zhou, not aurumxchange.

That email was protected with my weakest password that I reused everywhere and even shared with some other people. I didn't have to protect that email at all because it's meant to be semi-sockpuppet anyway.

He had access to source code after genjix released it.

Chris Heaslip's Mt. Gox account was stored alongside Wendon's in the LastPass. Obviously he didn't know which one had more money so he logged in to both.

I know a lot of his personal information (especially his and his wife's bank accounts and address), and I threatened to report to police if he didn't agree to refund.

I don't know where you got all the misleading information from.

It isn't that I do not believe you ZT, but these are bold claims.  I hope you will be able to back all of this up if you have to.  I trust that you wouldn't state this about having her information if you really didn't.  In my mind there is still a small possibility you are involved, of course no one here as a regular member has all the information, but I suggest if you are telling stories to talk to your parents about what you have done.  They may be held responsible somehow if you are a minor - not really sure how all that works.  Regardless, you will bring them trouble.  No reason to shame your family over this.  It will be very newsworthy I would imagine.

Maybe we should contact ZT's parents.  Do they live in Guangzhou?

Introducing constraints to the economy only serves to limit what can be economical.
MrTeal
Legendary
*
Offline Offline

Activity: 1246


View Profile
July 29, 2012, 05:57:25 AM
 #337

That email was protected with my weakest password that I reused everywhere and even shared with some other people. I didn't have to protect that email at all because it's meant to be semi-sockpuppet anyway.
Ahem...
* Mark Karpeles indicated that there was an account opened at MtGox using the email stevejobs807@gmail.com sometime in 2011.
* Mark replied stating that there was activity on this account, that the account was opened using an IP address belonging to Microsoft Singapore, that Zhou Tong was known to have worked for said company at said location, that the email stevejobs807@gmail.com have been verified, and that ALL activity on this account is linked to the MtGox account belonging to Zhou Tong.
* Mark has also indicated that the very first operation on the MtGox account opened with email stevejobs807@gmail.com was the redeeming of a 10 BTC MtGox code generated from Zhou Tong's account.
* Charlie indicated that Erik Vorhees (a well known member of this community) has emails he exchanged with Zhou using the email address stevejobs807@gmail.com.
Might want to look into protecting the accounts you use at financial exchanges in the future.
repentance
Hero Member
*****
Offline Offline

Activity: 840


View Profile
July 29, 2012, 06:06:15 AM
 #338


Maybe we should contact ZT's parents.  Do they live in Guangzhou?

I think that's a terrible idea.  If further investigation by competent authorities implicates Zhou then his parents will find out soon enough.  Harassing his parents is way out of line and should be rejected as an option if only because Maria made similar threats and nobody should see stooping to her level as acceptable.

All I can say is that this is Bitcoin. I don't believe it until I see six confirmations.
stochastic
Hero Member
*****
Offline Offline

Activity: 532


View Profile
July 29, 2012, 06:12:10 AM
 #339


Maybe we should contact ZT's parents.  Do they live in Guangzhou?

I think that's a terrible idea.  If further investigation by competent authorities implicates Zhou then his parents will find out soon enough.  Harassing his parents is way out of line and should be rejected as an option if only because Maria made similar threats and nobody should see stooping to her level as acceptable.

When a 17 year old kid knocks a baseball through my window and tries to blame someone else I would go talk to the 17-year kid's parents.  I don't see why they would not be contacted for this.

Introducing constraints to the economy only serves to limit what can be economical.
Bigpiggy01
Hero Member
*****
Offline Offline

Activity: 616



View Profile
July 29, 2012, 06:16:09 AM
 #340


Maybe we should contact ZT's parents.  Do they live in Guangzhou?

I think that's a terrible idea.  If further investigation by competent authorities implicates Zhou then his parents will find out soon enough.  Harassing his parents is way out of line and should be rejected as an option if only because Maria made similar threats and nobody should see stooping to her level as acceptable.

When a 17 year old kid knocks a baseball through my window and tries to blame someone else I would go talk to the 17-year kid's parents.  I don't see why they would not be contacted for this.

+1

Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 [17] 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 »
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!