Bitcoin.X-files.

Bitcoin has always been a rather ambiguous phenomenon. Since its inception, it has attracted a certain audience, which is probably due to its private nature. With a large degree of confidence, we can say that many dedicated bitcoin users want to hide their financial transactions from outsiders. Another factor that makes bitcoin so mysterious is its Creator, Satoshi Nakamoto. Why? Because his name is a pseudonym, and Satoshi Nakamoto himself was never discovered. Satoshi led the development of bitcoin since late 2008 to April 2011. And then he disappeared and hasn't appeared until today. Some claim that it was found by intelligence in order to ensure national security, but there is no official statement on this matter.

But that's not all. Satoshi's legacy-bitcoin-is found in the darkest corners of the world wide web. One example – 42 500 bitcoin addresses, each of which contains at least 25 BTC and is not used for a long time. Billions of dollars, but they're out of reach. Some of these wallets have not been used for years. One of them contains 31 000 BTC, that is about $180 million at the current rate. It was last active on July 24, 2010. Someone once owned this address, maybe now, but he hasn't used it since that day. It is possible that its owner has died or lost access, but there is always the possibility that it will be used again. Something similar stirred up the bitcoin community recently, when the wallet containing 110 000 + BTC and sleeping since the beginning of 2014, suddenly showed activity in the middle of 2018. This caused a digital earthquake, because crypto investors around the world have long considered access to it lost and began to fear a Grand liquidation that could bring down the market. Another interesting event happened in 2013. On the night of November 22, someone moved 200 000 BTC or $150 000 000 at the exchange rate at that time, accompanied by the message: "a Fucking lot of money!"Although everyone sees this transaction in the blockchain, its participants remain unknown.Thus, bitcoin has always attracted quite strange users. Not only crazy fighters for personal freedom, but also criminals, hackers and others who are interested in the secret movement of money. The result of this was the formation of a rather dubious environment, which, fortunately, has recently experienced a qualitative transformation. Bitcoin knew many dramatic stories, especially in his early years. It is about them that blogger Jimi tells us.

May 2011-Ubitex - failed IPO, owner hiding, taking 1 138 BTC

In may 2011, the investment platform for global Bitcoin Stock Exchange or GLBSE startups operating in the bitcoin ecosystem conducted the initial public offering (IPO) of the Ubitex project. Its owner under the nickname Cuddlefish promised to help buyers and sellers of bitcoin to organize personal meetings with each other to make deals.

The bitcoin community has invested 1,138 BTC, but after that the story becomes quite vague. The service never started, and in August its owner disappeared. It was later revealed that the owner, Nathaniel Theis, was a minor and probably abandoned the project due to lack of motivation. Investors, however, did not see their money.

Damage in us dollars at the rate at the time of the incident: $15 515 / Suspect: Nathaniel Theis
13 June 2011 the Bitcointalk User “Allinvain” losing 25 000 BTC in the course of the alleged burglary

June 13, 2011 was the first known hacking in the history of bitcoin. User Bitcointalk Allinvain woke up in the morning, after several months of mining cryptocurrency, and found that one of his wallets, which previously were 25 000 BTC, is empty. Panicked, he reached out to Bitcointalk users for help, but received the expected discouraging response. The hacker and the bitcoins to find and could not. Some speculated that this was all a re-enactment of Allinvain itself, which could count on donations, however the fact that he was an early follower of bitcoin speaks against this version because he would hardly want to jeopardize the reputation of the cryptocurrency.

Damage in us dollars at the rate at the time of the incident: $445 688 / Suspect unknown

19 June 2011-Hacking MtGox.com - 2 643 BTC

The first ever hacking of the cryptocurrency exchange took place on June 19, 2011. Exchange Mt. Gox was hacked at 2,643 BTC during the transfer of assets using an account with administrative rights. The attacker and bitcoins were not found. Mt. Gox took responsibility for the hacking and compensated for the losses of the affected users.

Damage in us dollars at the rate at the time of the incident: $ 47 123 / Suspect unknown

20 Jun 2011 — thefts from purses MyBitcoin.com — 4 019 BTC
The next day, the hacking was reported by many users of MyBitcoin wallet. With only various purses was derived 4 019 BTC. Coincidence? Don't think. Later it turned out that all these users had accounts on Mt. Gox, and on the exchange they used the same passwords as in MyBitcoin. So it became clear that the hacking of Mt. Gox also touched upon the exchange database, which was then successfully used to access MyBitcoin wallets.

About 1% of users used the same password. Mybitcoin operators remained anonymous, but someone "Tom Williams" published a message regarding the incident, in which he promised to compensate for the loss of users, but refused to disclose his real identity.

Damage in us dollars at the rate at the time of the incident: $ 71 656 / Suspect unknown

July 26, 2011-Polish exchange Bitomat.pl strangely loses access to the wallet file.dat-17 000 BTC

The following month, the Polish exchange Bitomat announced that it had accidentally deleted its own wallet. Administrator Bartek Sabat has released a statement on Reddit. All bitcoins (17 000), which were in storage, presumably, were lost. The exchange was put up for sale to cover the losses. August 11 Mt. Gox decided to buy Bitomat by absorbing its debt and integrating all users into its platform, thus trying to regain faith in bitcoin.

Damage in us dollars at the rate at the time of the incident: $231 570 / suspected exchange employees
July 29, 2011-Service MyBitcoin.com mysteriously disappears-154 406 BTC

3 days after Bitomat, a much larger incident occurred. Tom Williams walked away with all bitcoin MyBitcoin users with a value in excess of $1 million at the exchange rate at the time. The service completely disappeared from the Internet on July 29, 2011. Bitcointalk users immediately began to investigate, but found only an overseas server with an unknown owner. It seemed that hope was gone.

But on August 4, 5 days later, the website suddenly started working. The main page displayed a message supposedly written by Williams. He claimed that the service was hacked and 51% of all bitcoins (78 739) were stolen. The remaining funds were distributed among the legal owners, and the service declared bankruptcy.

The well-known bitcoin Evangelist Bruce Wagner, who was the host of the early cryptocurrency talk show OnlyOneTV, actively promoted the service among his friends and relatives before these events. He said that at that moment he kept all his 25 000 BTC in MyBitcoin wallet, and urged the victims of the attack to contact the FBI by his example.

But the story doesn't end there. It turned out that MyBitcoin used a rare and rather dubious Arvixe web hosting, which Bruce Wagner used for his talk show “OnlyOneTV”. Coincidence? Yeah, maybe. But another clue came later, when a user of another forum delved into the history of Bruce and found that he had in the past engaged in illegal business and was involved in several episodes from 1995 to 2002, associated with fraud in the field of trading and insurance. But most importantly, he was accused of mortgage fraud along with a firm called Bold Funding in 2004. The court banned Bruce from doing certain types of business and ordered him to pay $365,000 to the victims.
Someone write on BitcoinTalk. THIS HOLE HAS NO BOTTOM!”

Is that Bruce? Yes, that's him, as he confessed to it himself, trying to explain the story on Bitcointalk. What of it? Here the story takes an unexpected turn ... Users kept digging and found that Bold Funding, Bruce's fraudulent company, has a few reviews on the site freeadvice.com ahhh! Needless to say, given the nature of Bold Funding's business, all reviews were negative. All but one. Under a lot of indignation of the deceived clients we find one happy... “Todd Williams”.

"Todd" was a very satisfied customer, who was well served by Bold Funding. We already know that this is nonsense because the company was later found to be fraudulent. Obviously, we are dealing with an example of astroturfing, that is, the technology of artificial creation of public opinion by placing custom publications. We must admit that the community has done a great job to get all this information.

What we have? Promotion of the service among a wide audience, the use of the same rare and questionable hosting, the story of fraud, Todd and Tom Williams, the hype on the background of the incident (often used to divert suspicion from themselves). In the end, who will keep 25 000 bitcoins to this service, such as MyBitcoin, unless he is the owner?

More than half of the missing bitcoins (78 739) has not been found.

Damage in us dollars at the rate at the time of the incident: $1 072 570 / Suspect: Bruce Wagner
11 Sep 2011 — Moonco.in disappears with 4 000 800 000 BTC and SolidCoin

Describe hacking moonco.in is quite problematic because the amount of information available is limited. The site on 7 August 2011 leads to the conclusion that it was started as a project to play poker and betting on sports by means of such currencies as the bitcoin and Namecoin.

Two topics on bitcointalk.org explain how the developers of moonco.in created an exchange application, also suitable for working with SolidCoin, and started experiencing problems in September 2011. On September 6, the exchange was allegedly the victim of a DDoS attack. The main operator of the exchange "Mr Moon" last wrote on Bitcointalk.org this day. On September 9, 2011, the website went offline with all the assets that were in its vault at the time. Mr Moon appeared on Bitcointalk, but remained silent. On September 12, the exchange was activated for a short period of time, thus giving deceived users a little hope, but again went offline after a few minutes. On September 16, Bitcointalk received the last message from Mr Moon, transmitted through another user, in which He stated that the service had been hacked.

Anyway, the missing assets and the hacker were never found. SolidCoin collapsed in price on the background of these events. About 800,000 SolidCoin and 4,000 BTC were stolen from Moonco.in. Although Mr Moon went all out in 2011, in 2017 his account mysteriously began to show activity on the forums again Bitcointalk.org ahhh!

Damage in us dollars at the rate at the time of the incident: $22 346 / Suspect: Mr Moon

5 Oct 2011 — Bitcoin7 — 5 000 BTC (conservative estimate)

On October 5, the Bitcoin7 exchange published a message that it had been hacked and lost all the bitcoins that were in its storage. Initially, the exchange pointed to Russia and Eastern Europe, but the community is convinced of involvement in the incident of the company. The amount of damage is also controversial. Presumably, orders for 15 000 BTC were placed in the glass of the exchange at the time of the incident. According to the official statement, 5,000 BTC was stolen. The missing assets and the hacker were never found. Bitcoin7 closed after that. The domain and website code were sold in 2013 for $10,000 to an anonymous buyer, but the exchange did not resume operations.

Damage in US dollars at the exchange rate at the time of the incident: $15 980 is | are Suspected, the employees of the exchange
October 28, 2011-Mt. Gox accidentally destroyed 2 609 BTC by sending them to the wrong address

Whoops! The losses, however, turned out to be quite modest, and Mt. Gox, one of the biggest players in the cryptocurrency space at the time, made up for them without a problem.

Damage in us dollars at the rate at the time of the incident: $8 340 / Suspect missing

March 1, 2012 - hacking web hosting Linode-46 703 BTC

On March 1, 2012, a bug of the Linode web hosting support portal was used by hackers to gain access to Linode servers. They were then used to hack into all bitcoin-related sites that used Linode services. These included the exchange Bitcoinica operator Zhou Tong, who was at that time a teenager. Exchange lost 43 000 BTC that were in its hot wallet. According to available documents, a secretive investor firm called “LP” offered to compensate for the losses.

Another victim of hacking Linode was the operator of the portal Bitcoinmedia.com Marek Palatinus. He lost 3,000 BTC. Also suffered one of the main developers of bitcoin Gavin Andresen, who, with his own words, lost five bitcoins. Linode released a statement confirming the incident. Hackers and bitcoins were not found.

Damage in us dollars at the rate at the time of the incident: $223 278 / Suspect unknown

April 11, 2012-hacking Betco.in-3 171 BTC

Betco poker room.in, much like the site of the disappeared Mr Moon, was hacked in April 2012 (the owner unofficially announced it on April 13). A total of 3,171 BTC were stolen. Hacker and bitcoins were never found. Owner betco.in was not suspected by the cryptocurrency community.

Damage in us dollars at the rate at the time of the incident: $15 543 / Suspect unknown
April 20, 2012-Tony76 tricked Silk Road users into 30,000 BTC

Here's a pretty outstanding case. Users ceased to exist illegal marketplace Silk Road in vain believed in the reliability of a permanent supplier of drugs under the name Tony76. On April 20, Tony announced a promotion, during which he offered his goods with big discounts. Users gave him 30 000 BTC as payment, then he has successfully fled. No bitcoins, no product users never saw. Some speculated that he might have been arrested, but most likely he just decided to have a “parachute” before retiring.

Damage in us dollars at the rate at the time of the incident: $146 944 / Attacker: Tony76

May 11, 2012-hacking of Bitcoinica exchange-18 547 BTC

Remember Zhou Tong? The teenager who opened the Bitcoinica exchange. 2 months after the Linode incident, Zhou Tong is back in the middle of the action. Bitcoinica's database was hacked on may 11, resulting in the theft of 18,547 BTC from her hot wallet. Bitcoinica has published a notice on its website. Again, a secretive investor LP agreed to take the costs. Some believe that there was a staging by the administration of the exchange, but this version has remained without evidence. No bitcoins were found.

Damage in us dollars at the rate at the time of the incident: $38 527 / suspected exchange employees

July 13, 2012-Bitcoinica Hacking-40 000 BTC and $40 000

The history of incidents of Bitcoinica exchange does not end there. She still has bitcoins, which, apparently, are stored in the account of the exchange Mt. Gox, created earlier by Zhou Tong. To July 13, Zhou Tong, probably, have ceased to engage in the exchange, and was supervised by Donald Norman, Patrick Stratman and Amir Taak.

On July 13, someone went to the account of Bitcoinica on The MT exchange. Gox and immediately withdrew the maximum possible amount-40 000 USD and 40 000 BTC or a third of the remaining assets of the exchange. Did the same hacker Rob Bitcoinica a third time? Amir Taaki released an official statement on Bitcointalk.org July 13th. No one knows who's behind the last attack. Amir, however, draws attention to the fact that a hacker already familiar to them could withdraw funds at any time after the hack on may 11, however, this happened only after the publication of the source code of Bitcoinica, which was posted in the public domain a few days before the last attack, that is, anyone can stand behind it (it is unlikely that it was a hacker who carried out the previous attack, because he would hardly wait so long). So, Bitcoinica has been hacked for the third time in months, which is at least suspicious. The crypto-currency community starts a "witch hunt" and does not skimp on accusations.

The situation is commented by several prominent figures of the crypto space. Ethereum Creator Vitalik Buterin suggested on July 17 that while the victims of Bitcoinica are talking about the likely organizer of the attack, behind the scenes, Bitcoinica business participants are also looking for the “extreme” who should have been responsible for improving security after the previous incident. Some point to Zhou, but Buterin does not share this opinion.
But on July 26 three bitcoin exchanges-Mt. Gox, Bitinstant, and AurumXchange provide new evidence that indicates that the attacker in the last episode is still Zhou Tong himself. Shortly after the break-in, $ 40,000 was transferred to the AurumXchange, which was subsequently withdrawn to the Bank account of... Zhou Tong. In addition, the email address that was used on AurumXChange and to register a Bitcoinica account on the Mt exchange coincided. Gox.

Zhou was not prepared for such a turn and began to defend himself in the same discussion, where he admitted that he had sent a personal transaction to a friend, but it had nothing to do with the missing money. The situation is getting complicated. In the same topic, he writes that it would be rather stupid on his part to carry out such an obvious fraud, given his close ties with the bitcoin community. There's something about that.

Soon after, Zhou reports that he had investigated his own connections and concluded that someone he knew might have had access to his password. Users suggested that Zhou could be lying, and the dollar transfer, because it is easy to track, could be used to divert eyes from the real attacker. Good theory. But Zhou had already confirmed that this transaction was “full”, sent by him for a friend. So it wasn't the intruder who sent it.

On July 26, Zhou created a new discussion at Bitcointalk, where he presented his point of view. He claims that the break-in was carried out by his multimillionaire friend from China and an Antiques collector named “Chen Jianhai”.

"Chen Jianhai is my former business partner. He is well versed in credit card fraud and, according to my observations, takes an active part in the life of black financial markets. He doesn't know much about technical issues, but he works with a lot of tech-savvy people every day. He heard about bitcoin from me last year during one of the random conversations. I haven't talked to him this year."
Recognized if Zzanga guilt?

"Surprisingly, Yes. At first, he unlocked, but completely changed the line of behavior when I told him that this is a crime of international scale, which involved the investigation of Internet users from around the world."

Where's the money?

"He is a multi-millionaire, lives with his family in China. I don't know how much of his income comes from illegal sources, but he has a genuine interest in antique collections and made a lot of money out of it. After I approached him, he didn't want to return the money. But when I told him that I would give the information to the police, he more or less agreed to return the money to the users of Bitcoinica, if the exchange refuses to prosecute (Bitcoinica has now refused) and I will not distribute his personal data.

At present, I am doing my best to assist the investigation, because this is the only way I can prove my innocence. However, the lack of response from Bitcoinica is indeed worrisome. I've gathered some data to assess what can be requested from Chen Jianhai:
USD: About $140 000 + $5 000, which are frozen at AurumXchange;
BTC: About 20,000 BTC."
It's a funny story, considering we're talking about $ 350,000 missing. An antique collector? How did he even get here? In any case, it must be borne in mind that at the time of writing this confession Zhou was only 17 years old and he has a rich imagination. He claims to have collaborated with a certain “antique collector” who agreed to return 20,000 BTC and $145,000 a few hours after the charges were filed. The facts are not in Zhou's favor, but what if he's not lying?
Discussion is quickly becoming very popular. Zhou receives the following answers:
Davout:"I Recommend you go to the police."
Vampire:"I Think the police already know about Zhou."
SomeoneWeird: "When did China get into this story?»
Greyhawk: "who can I buy the rights to this story from?»
Lanyu: "Zhou Tong, you're talking shit. I've been through a similar situation. I think you should get out with the money and live in Russia for a couple of years until the hype dies down."
The topic gained more than 50 pages of similar comments. What we have? According to Zhou's statement, he was able to magically knock out $145 000 + 20 000 BTC from a certain Chen Jianhai. It's July 28, and he continues to stick to this version. Meanwhile, Bitcoinica operators Donald, Amir and Patrick remain silent.

On July 28, Zhou writes that Bitcoinica continues to make payments in connection with the previous incident. Since the price of bitcoin has increased during this time, the amount of payments reached $700 000.

July 29, lenders ask Bitcoinica Zhou immediately transfer the assets it holds, known to the lawyer Patrick the Measure. Since the exchange Bitcoinica no one wants to represent, Patrick will be engaged in the distribution of funds in favor of their legitimate owners. At least something.

After a few hours, Zhou really sent a Measure of 15 000 BTC and said that he was resolving the issue with dollars. On this development stalled, as the participants in the process began to decide how the mysterious Chen Jianhai can legally pass Fiat Merc. At the same time Zhou arguing with the victims, who blame him for the organization of burglary.

On August 1, there is a message from a certain Tikhan Sila, one of the investors of Bitcoinica. He writes that Patrick, Amir and Donald refuse to be responsible for the exchange and will not communicate with the victims. They also do nothing to distribute assets in favor of the victims of the previous attack. Bitcoinica investors are going to declare the exchange bankrupt, which is not consistent with the interests of the affected users.

On August 3, Zhou publishes another statement in which he tries to justify himself.
On August 14, Patrick Merck announces on Bitcointalk that Zhou gave him over $100,000 and 20,000 BTC. Users begin to resent the fact that the resulting amount of $40 000 less than promised. Coincidence or not, that's how much Zhou “sent to a friend.” Why he promised $140 000, but transferred only $100 000?

After the liquidation of Bitcoinica, Zhou opened a new company called CoinJar. In this regard, he held a session of “questions and answers” on Reddit, but users of Bitcoinica did not forget what happened and began to demand from him to tell about his role in the fiasco of the exchange.

You'd think that would be the end of the story, but it's not. After 3 years on YouTube there was a video with the analysis of movement of the cryptocurrency assets stolen from Bitcoinica.

It turned out that some of the bitcoins were on Zhou's personal wallet. In addition, 80 BTC was transferred to no one "Theymos", aka Michael Marquardt, moderator Bitcointalk.org and Reddit. This is rather suspicious; there was probably some bribery going on, and Zhou still played a more significant role in the whole story. However, he was never brought to justice, despite the existence of very convincing evidence against him.

Damage in us dollars at the rate at the time of the incident: $315 133 / Suspect: Zhou Tong

July 31, 2012-Hacker created dollars from nothing on BTC-e — 4 500 BTC exchange

The BTC-e exchange was first discredited on July 31, 2012, when a hacker invaded its system and was able to Deposit an unlimited amount of dollars into its account. He used them to buy all the bitcoins available, while the sellers were left with nothing. As a result, the price of bitcoin on BTC-e temporarily rose from $8 to $45. The organizer of the attack later withdrew the received bitcoins.

User Bitcointalk under the nickname "Goxed" noticed an unusually high deviation of the bitcoin exchange rate on BTC-e and hurried to warn the others, suggesting that the exchange could be hacked. BTC-e reacted to these events and suspended all trading. Later, it reimbursed the losses of the affected traders.

Damage in us dollars at the rate at the time of the incident: $35 452 / Suspect unknown
August 17, 2012-Bitcoin Savings & Trust closes

It is known that the legendary Satoshi Nakamoto can have more than a million bitcoins, but his savings quietly lie on the wallets for many years without movement. In 2012, there was another legendary member of the bitcoin community, the user Bitcointalk under the nickname Pirateat40, who had at least half of the named amount.

Pirateat40 was the sole operator of the Bitcoin Savings & Trust Fund or BTCST. BTCST Fund was a classic pyramid scheme, which opened in November 2011 and offered investors daily payments of 1% of the Deposit. Pirateat40 quietly collected users from Bitcointalk until April 2012, until several people found it suspicious that it provided a total annual income of x37 from the Deposit. Obviously, Pirateat40 has treated its customers well up to this point, many of whom were amazed at the level of service.

In July 2012, user Vandroiy detailed why BTCST is a pyramid. This led to a split of the community into supporters and opponents of the scheme. At some point, the user organofcorti has offered to make a bet between Pirateat40 and Vandroiy. Both had to Deposit 5,000 BTC each to an escrow wallet, and if Pirateat40 had bankrupted BTCST by October 2013, all the money would have gone to Vandroiy. Otherwise, the Bank would have taken Pirateat40.

A few weeks later, on July 24, Pirateat40 offered Vandroiy to bet and promised to transfer 10,000 BTC to charity if He agreed. Vandroiy refused. The forums continued to fill the recommendations of concerned users, who urged investors to leave BTCST before it was too late.

On July 25, Pirateat40 reported that the withdrawal is delayed. On August 17, he makes a long-awaited announcement: BTCST is closing! The community is furious because Pirateat40 is supposedly left with more than 500,000 BTC in its hands. He promises to make payments within a week. Meanwhile, Vandroiy wins and gets his 10,000 BTC.

August 30 Vitalik Buterin published an article about the events. People, however, did not receive the payments due to them. What a surprise. On September 12, a Bitcointalk user wrote that he contacted Ted Shavers, the father of Trendon Shavers, also known as Pirateat40. On September 17, Pirateat40 said that anyone who tries to sue him, will not receive payment, and began to threaten lawyers. On September 24, the U.S. securities and exchange Commission (SEC) intervened; victims were asked to send complaints to the regulator. Almost a year later in July 2013, the SEC published a document in which it reported that Trendon Shavers was found guilty of organizing a financial pyramid. Shavers pleaded guilty in 2015, and in 2016 was sentenced to 18 months in prison.
Damage in us dollars at the rate at the time of the incident: $4,500,000 / Attacker: Trendon Shavers / amount of bitcoins appropriated: 193,319.