LulzSec rogue suspected of $9M Bitcoin hack

amateursurgeon

I don't know how much of this story is the usual overhyped media bullshit, but it has some pretty interesting points:


LulzSec rogue suspected of Bitcoin hack | Technology | guardian.co.uk

Cliff notes:

  • Someone tried to sell $7m of bitcoins on MtGox in one go
  • They clearly didn't understand economics because this drove the spot price down to zero, causing trading to be suspended.
  • Botnets have allegedly been put to work mining a shitload of bitcoins (This is a fucking brilliant idea. Why didn't I think of this?) 1. Hire botnet for $100 a day. 2. Mine bitcoins. 3. Bahahahaha
  • Whoever hacked it bypassed the entire peer-to-peer security cleverness of bitcoins, and just went for a single point of failure - a SQL injection attack on the MtGox server
  • Another bitcoin broker says most of this is bollocks, but the paper printed it anyway 'cos it sounds cool.

Something that occurred to me - why the fuck didn't the designer of bitcoin build in a revocation mechanism? It's pretty pisseasy to do using PKI principles. It would pretty much make stolen bitcoins useless as soon as the theft is detected.


Otherwise... this whole LulzSec saga has the makings of a great film script in the right hands :smokin:
 


I like everything I've heard so far about Lulzsec. They have a great sense of humor and they have fun while showing the world just how insecure most of our websites and computer networks are.

Every important institution from classified government networks to our fucking banks has tied into this cesspool of a net. We're just asking for serious trouble.

Lulzsec is providing a great service for free IMO. It's the hackers that don't tell you what they're doing that you need to worry about.
 
Something that occurred to me - why the fuck didn't the designer of bitcoin build in a revocation mechanism? It's pretty pisseasy to do using PKI principles. It would pretty much make stolen bitcoins useless as soon as the theft is detected.

Think about it for 10 seconds. I know you can find a flaw in this yourself.
 
Think about it for 10 seconds. I know you can find a flaw in this yourself.

What? Malicious revocation?

You have a revocation keypair, the private key of which is kept separately to the bitcoin wallet.

(If you store them both in the same place, you're too stupid to own bitcoins.)

Or did you have something else in mind?
 
 
Lulzsec is only giving a case for government regulation/killswitch/logging. Fucktards are gonna ruin it for everyone LULZ
 
The group LulzSec, short for LulzSecurity, appears to be a similar organization to Anonymous, a group of hacktivists without a leadership structure. Currently the group is allying itself with Anonymous on a campaign called “AntiSec,” anti-security, presumably with the intention of cracking the online security structures of various businesses and government agencies if they cross them.