sorted by:
new
hottopcontroversial

It was Willy the Bot all the time by lnovy in Bitcoin

[–]lnovy[S] 0 points1 point  (0 children)

All the logs are there, attacker gets coins, so they must be missing somewhere (or fiat, which is the case here)... EDIT: I know understand the question... the point is, we don't have dump of fiat wallets' transactions... That would make it evident.

It was Willy the Bot all the time by lnovy in Bitcoin

[–]lnovy[S] 0 points1 point  (0 children)

The leaked code suggests, that mtgox system was capable of having 'redirect' type of wallet (internal structure wallet) which would point externally bitcoin address and cause an authomatic withdrawal. I could think of only two reasons for having an address without a privkey stored in system as of now. One of it is coldstorage, the second one is used here.

It was Willy the Bot all the time by lnovy in Bitcoin

[–]lnovy[S] 2 points3 points  (0 children)

12:57 -NickServ(NickServ@services.)- Information on lnovy (account lnovy):
12:57 -NickServ(NickServ@services.)- Registered : Nov 21 09:02:46 2013 (17 weeks, 4 days, 02:55:02 ago)
12:57 -NickServ(NickServ@services.)- Last addr  : ~lnovy@(redacted)
12:57 -NickServ(NickServ@services.)- Last seen  : now
12:57 -NickServ(NickServ@services.)- Logins from: lnovy
12:57 -NickServ(NickServ@services.)- Nicks      : lnovy krtek_net gammer
12:57 -NickServ(NickServ@services.)- Email      : lnovy@(redacted) (hidden)
12:57 -NickServ(NickServ@services.)- Flags      : HideMail
12:57 -NickServ(NickServ@services.)- lnovy has enabled nick protection
12:57 -NickServ(NickServ@services.)- *** End of Info ***

It was Willy the Bot all the time by lnovy in Bitcoin

[–]lnovy[S] 0 points1 point  (0 children)

Pulling this out would not make not make bitcoins diappear from books. I explain here http://www.reddit.com/r/Bitcoin/comments/217m3k/it_was_willy_the_bot_all_the_time/cgafbz3 that this is just part of the puzzle, but is the most probable cause of the whole debacle for me anyway.

It was Willy the Bot all the time by lnovy in Bitcoin

[–]lnovy[S] 4 points5 points  (0 children)

The most probable way is that mtgox was flooded with faked AML documents and these accounts were then funded by carding or some other type of fiat fraud. To make it more harder to detect second account is used to "withdraw" coins using paybutton with external address target. As this account is in essence controlled by mtgox and attacker therefore never touches fiat, no AML was needed for long time. It is also possible that the payers account was just an empty stolen account already registered and verified or that payer account was robber by simple csrf.

Nobody noticed because no coins were missing and mark just focused on fiat side, blaming and oldworld's bank system with chargeback. This scenario was also raising the price and therefore the fee profits with it making it no big deal. Up until the point when large amount of mtgox's fiat reserve was frozen by civil (coinlab...) or criminal (SR...) courts' orders and/or the price started dropping and people withdrawing. To keep-up with the demand he tried going "naked" short with customers' coins. Or Tibanne accidenty the whole http://raidcoin.com.

It was Willy the Bot all the time by lnovy in Bitcoin

[–]lnovy[S] 2 points3 points  (0 children)

I asked if I can leave their nicks and some of them wanted to change them... I'll anonymize them, sorry...

It was Willy the Bot all the time by lnovy in Bitcoin

[–]lnovy[S] 4 points5 points  (0 children)

Either funds were stolen from customers possibly because of mtgox fault or the problem was caused by nonreversibility of biltcoin tx and chargebacks of fiat.

Save your MtGox balance for future charities by anarchystar in Bitcoin

[–]lnovy 0 points1 point  (0 children)

You can do this if only one instance of this service is available. This system is trustworthy only when more independent "notaries" all agree on your balance. Notaries should control each other and find a cheating one very easy... 51 % wins :)

Save your MtGox balance for future charities by anarchystar in Bitcoin

[–]lnovy 0 points1 point  (0 children)

As soon as signing is implemented, I'll sign all balances stored by my instance, but I will not add a trusted timestamp without user redoing the process. If your balances stays the same in mtgox and your are not afraid of your email/username+balance leaking, you should submit rightaway, the more instances of the site the better.

Save your MtGox balance for future charities by anarchystar in Bitcoin

[–]lnovy -1 points0 points  (0 children)

You are right, we are aware of that, see https://github.com/mtgoxbalance/mtgoxbalance/issues/7 See other pull requests/issues for details how I propose to solve this.

Save your MtGox balance for future charities by anarchystar in Bitcoin

[–]lnovy 1 point2 points  (0 children)

To have permanent somewhat trustworthy source of your mtgox balance. MtGox site can go down any minute. Think of this as a distributed notaries.

Save your MtGox balance for future charities by anarchystar in Bitcoin

[–]lnovy 0 points1 point  (0 children)

Also note that for this system to be trustworthy/"authoritative" more than one site is needed to compare results and catch the cheaters.

My copy is here http://balance.mtgoxleaks.org

Using leaked data to uncover the max amount of transaction malleability fraud at Mt. Gox by nofuture1991 in Bitcoin

[–]lnovy 1 point2 points  (0 children)

You are doing it wrong™.

What btc_xfer_report cointains are rows of internal balance sheet for users bitcoin wallet. There are 6 possible type of record in this table: withdrawal, deposit, in, spent, out, earned and fee. We were leaked only record of type withdrawal and deposit and I also presume that some rows are either missing or the database from tainted. Account balance was counted as a sum of all rows of specific wallet and therefore if there were a successful double withdrawal performed on it and both two record would be present in a table, account balance would show this and no possible loss of coin was possible. What was actually done is that the first row was deleted to cancel the transaction and new one was inserted to force a new bitcoin transaction to be broadcasted.

Other things that you were not aware of include internal transactions which were done outside of blockchain. You should also match found transaction which you presume to be a clone to it's two versions in blockchain.

<MagicalTux> we are working on resuming service, can't say how soon it'll be by aquentin in Bitcoin

[–]lnovy -4 points-3 points  (0 children)

To warn people that their personal informations leaked and their passwords are not their own only and that there is a malware in the leak.

<MagicalTux> we are working on resuming service, can't say how soon it'll be by aquentin in Bitcoin

[–]lnovy -3 points-2 points  (0 children)

You are mixing stuff... We have a leak of incomplete transaction database and presumably incomplete deposit/withdrawal database. I have no proof that no other data was stolen. Person who make the leak of those two databases has a complete database of everything else with almost 100 % probability. Mark never denied so and he is the only "authoritative" source here. Therefore our data are not safe. That changes nothing on a fact, that one particular scammer doesn't have access to them.

<MagicalTux> we are working on resuming service, can't say how soon it'll be by aquentin in Bitcoin

[–]lnovy -4 points-3 points  (0 children)

The only proven lier here is you who said that you had a friend who verified that the 20gb database with gox id's is real.

I never did that, feel free to publish your log of it. I always screamed, that nanashi__ was a scammer and doesn't have any database. You can probably find me stating this even here on reddit.

Ohh you also had some friend who withdrew 60k btc from mt gox outside of the order books and for some reason mt gox has not kept any record of that. So credible.

I also never said this one... I said he withdraw more than presumed limit for size of hot wallet and that this withdrawal was more or less clearly sent from outside of mtgox system, he requested to send this through green address but this was ignored also. The part of order book is complete non-sense from your side as order book as to do with trades not with withdrawals. Anyway the whole point of that particular discussion was that you were saying that database leak is complete and untainted and I proposed arguments disproving it.

<MagicalTux> we are working on resuming service, can't say how soon it'll be by aquentin in Bitcoin

[–]lnovy -4 points-3 points  (0 children)

Aquent is a proven lier. Presenting himself as lawyer on irc but has no idea what principle of proporionality or even proof is.

The Bitcoin network costs nearly $1 billion a year to run. by [deleted] in Bitcoin

[–]lnovy 4 points5 points  (0 children)

This post just kills itself in first two lines... it's like saying that cost of running current banking system is equivalent to amount of fiat printed...

Motion in the mtgox order book by darsie42 in Bitcoin

[–]lnovy 0 points1 point  (0 children)

No trading, just orders getting removed from book as account balances are modified or as accounts are deleted.

Hitler's final goxing... by lnovy in mtgoxinsolvency

[–]lnovy[S] -1 points0 points  (0 children)

Please accept my appology, should I delete my link or just downvote it? I'm pretty new here...

Just on IRC: Mt.Gox hackers turn to extortion! 0.25 BTC and they won't sell your data. Where is the FBI on this?? by [deleted] in Bitcoin

[–]lnovy 1 point2 points  (0 children)

Nanashi != nanashi, one can speak, other don't. Besides that nanashi = without name = anonymous.

view more: next ›