Blog of Mark Karpeles Hacked; Mt. Gox Database Leaked
17 replies, posted
[quote]The latest twist in the fall of Bitcoin exchange Mt. Gox is here, as CEO Mark Karpeles, personal blog, MagicalTux.net (along with his Tumblr and Reddit accounts) has apparently been hacked. Whoever has control now used them to post a "MtGox2014Leak.zip" that claims to show "relevant database dumps, csv exports, specialized tools, and some highlighted summaries compiled from data." We wouldn't recommend downloading the file or running its included executable (pictured above, it claims to be from Mt. Gox parent company Tibanne Ltd.), but some already have. Several posters on Reddit and Twitter report they've verified their personal account balances with the data in it -- also available as an Excel spreadsheet -- tied to the user id included in their first Mt. Gox registration e-mail.[/quote]
Source: [url]http://www.engadget.com/2014/03/09/bitcoin-mark-karpeles-mt-gox-blog-hack-database/[/url]
The post (down for me ATM): [url]http://blog.magicaltux.net/2014/03/09/mtgox-2014-hack-database-revealed-live-from-mark-karpeless-reddit-account/[/url]
You can find the torrent with a quick google search; I won't link to it as I'm not sure if it's bannable. The leak also hints that there's 951,116BTC actually deposited at Mt. Gox, far from the couple thousand they claim.
Well shit. Even the passport scans and divers licence scans are there apparently. I wonder if that includes bank account numbers and routing numbers.
[URL="http://webcache.googleusercontent.com/search?q=cache%3Ahttp%3A%2F%2Fcache.nevkontakte.com%2Fproxy.html#!go/http%3A%2F%2Fblog.magicaltux.net%2F2014%2F03%2F09%2Fmtgox-2014-hack-database-revealed-live-from-mark-karpeless-reddit-account%2F"]http://webcache.googleusercontent.com/search?q=cache%3Ahttp%3A%2F%2Fcache.nevkontakte.com%2Fproxy.html#!go/http%3A%2F%2Fblog.magicaltux.net%2F2014%2F03%2F09%2Fmtgox-2014-hack-database-revealed-live-from-mark-karpeless-reddit-account%2F[/URL]
Google cache of the deleted blog if anyone wants to look at it
[QUOTE]Balance SUM for ALL USERS by currency.
[][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][]
Currency: AUD Balance: 924,124.65121
Currency: BTC Balance: 951,116.21905382 <– That fat fuck has been lying!!
Currency: CAD Balance: 320,184.36558
Currency: CHF Balance: 99,487.07308
Currency: CNY Balance: 297,775.78994
Currency: DKK Balance: 112,264.56207
Currency: EUR Balance: 5,634,625.59531
Currency: GBP Balance: 921,892.96793
Currency: HKD Balance: 740,519.14894
Currency: JPY Balance: 384,885,150.13700
Currency: NOK Balance: 91,346.00305
Currency: NZD Balance: 58,224.95320
Currency: PLN Balance: 1,645,194.67364
Currency: RUB Balance: 551,162.54477
Currency: SEK Balance: 15,335.84383
Currency: SGD Balance: 43,193.59706
Currency: THB Balance: 666,464.33497
Currency: USD Balance: 30,611,805.67481[/QUOTE]
Damn that is a lot of money
[QUOTE=peepin;44196358]Damn that is a lot of money[/QUOTE]
The big question is whether that accurately represents their Bitcoin supply or whether their database and actual supply were out of sync (which is what you'd probably get if there really was a bug that caused a loss of coins).
[QUOTE=supersnail11;44197874]The big question is whether that accurately represents their Bitcoin supply or whether their database and actual supply were out of sync (which is what you'd probably get if there really was a bug that caused a loss of coins).[/QUOTE]
This
It doesn't really show they actually have that money, it just shows how much their system thought they had
I.E. if people rob all the money out of a bank vault in the middle of the night the system will still assume it had the money in there. Even if it doesn't in reality
[QUOTE=gamefighterx;44196289][URL="http://webcache.googleusercontent.com/search?q=cache%3Ahttp%3A%2F%2Fcache.nevkontakte.com%2Fproxy.html#!go/http%3A%2F%2Fblog.magicaltux.net%2F2014%2F03%2F09%2Fmtgox-2014-hack-database-revealed-live-from-mark-karpeless-reddit-account%2F"]http://webcache.googleusercontent.com/search?q=cache%3Ahttp%3A%2F%2Fcache.nevkontakte.com%2Fproxy.html#!go/http%3A%2F%2Fblog.magicaltux.net%2F2014%2F03%2F09%2Fmtgox-2014-hack-database-revealed-live-from-mark-karpeless-reddit-account%2F[/URL]
Google cache of the deleted blog if anyone wants to look at it[/QUOTE]
you can even download the zip file on here!
I'm glad I never got around to linking my bank account to Gox, but my account has a picture of my old license attached to it. I guess I need to be a lot more hesitant of services I use. It is becoming more and more apparent that companies are too lazy to hire proper infosec employees and think that security is something that can be google'd.
So why is it called Mt. Gox? Is the person's name Gox or what?
[QUOTE=SGTNAPALM;44201768]So why is it called Mt. Gox? Is the person's name Gox or what?[/QUOTE]
Magic The (.) Gathering Online eXchange. Went from a place to trade cards to a place to trade currencies, which was probably not the best thing.
[QUOTE=The freeman;44201838]Magic The (.) Gathering Online eXchange. Went from a place to trade cards to a place to trade currencies, which was probably not the best thing.[/QUOTE]
How was that not an instant red flag for people?
They couldn't even be arsed to buy a new domain name, yet you're going to trust them with your bank account info and virtual money?
It just doesn't ever stop
[QUOTE=sloppy_joes;44204399]How was that not an instant red flag for people?
They couldn't even be arsed to buy a new domain name, yet you're going to trust them with your bank account info and virtual money?[/QUOTE]
No one really thought it was going to take off; this was back when Bitcoins were a few dollars at most. He made the site in literally a week and launched it. It's only after people realized that it was successful that Karpeles bought it.
[editline]11th March 2014[/editline]
[quote=Jed McCaleb]I created mtgox on a lark after reading about bitcoins last summer. It has been interesting and fun to do. I’m still very confident that bitcoins have a bright future. But to really make mtgox what it has the potential to be would require more time than I have right now. So I’ve decided to pass the torch to someone better able to take the site to the next level.[/quote]
Yeah but a new domain name costs almost nothing, but makes it seem so much more legitimate. Having the same domain name as your previous venture just makes it seem like youre doing it as a quick side project or potentially a quick grab for cash.
[QUOTE=bord2tears;44195754]Well shit. Even the passport scans and divers licence scans are there apparently. I wonder if that includes bank account numbers and routing numbers.[/QUOTE]
And I am guessing there is not much we can do about this...
[QUOTE=sloppy_joes;44204969]Yeah but a new domain name costs almost nothing, but makes it seem so much more legitimate. Having the same domain name as your previous venture just makes it seem like youre doing it as a quick side project or potentially a quick grab for cash.[/QUOTE]
A quick side project is exactly what it was.
And would you trust a quick side project to store your money? Where did all the money go?
That's the point.
[QUOTE=sloppy_joes;44205797]And would you trust a quick side project to store your money? Where did all the money go?
That's the point.[/QUOTE]
It turned into a real thing after it got popular, but you can't change the brand at that point.
Sorry, you need to Log In to post a reply to this thread.
