Restore coin security user information disclosure incident: hacker attack hacker?

According to coindesk today, the person who announced the KYC on the social network yesterday claimed that he did this in order to "cause the coin security to be a real behind-the-scenes", and he was a "white hat hacker" (White Hat Hacker). "" Since the 7,000 Bitcoin was stolen from the Mayan Exchange in May, he has been tracking the funds and found that the insiders of the money have been involved in the theft of the currency.

Event review: 7000 bitcoin stolen, customer information leaked

On May 8, 2019, the SEC hacker stole 7,000 bitcoins. Two days later, Chanan responded that it would make major adjustments to the API, 2FA (Google secondary verification) and the coin verification process, and also donated 1,000 YubiKeys to the user as compensation.

According to an article published today by coindesk, coindesk was contacted by a hacker named "Bnatov Platon" after the money was stolen, and has been in communication since July.

The article shows that Platon said that he has been tracking the stolen funds. He found that the hacker who steals the coin Bitcoin first accesses the user's account remotely through an API publicly disclosed by the insider, and then the hacker stores it. The user's API key, as well as private information such as email, passport, driver's license, etc., are placed in a folder.

Platon said that the customers involved in the hacker's stolen customer information were all opened in 2018-2019.

Then, Platon said that the hacker wrote a program that works by first buying a token called 'BlockMason Credit Protocol' and then converting those tokens into bitcoin.

There is also a copy of these files, Platon, of course, which he stole from hackers. The program written by hackers allows hackers to extract 0.002 bitcoins at a time. Through tracking, hackers have washed 2,000 bitcoins through Bitmex, Yobit, and Huobi, and exchanged $1 million in bitcoins per day.

Viktor Shpak, CTO of the blockchain development company VisibleMagic, also said: "This is very likely to be created by insiders to create a handler to access the user's API. Hackers can use this to access it. User data, then build a toolkit for processing."

In fact, Platon did confirm this. In addition, Platon also found that the stolen Bitcoin was stored in the Blockchain's wallet by the hacker, and the wallet was run on the exchange PIT that was launched on July 31.

Event tracking: 300 bitcoin is not required for the currency, public information

Coindesk's article shows that Platon contacted CGO Ted Lin of Coin's after discovering the hacker's whereabouts of the coin Bitcoin.

He said:

"I personally want to make Coin the world's first exchange to seize hackers, which will be extremely beneficial to the reputation of the currency. I told Ted Lin that I got inside information, including the details of this person, and The details of the outside world, and even the photos of this person. I also told him that I have detailed information about the hacker, including server information, their identity, their phone number, etc."

Later, Platon hopes to provide these valuable information to the currency, and then the money can provide him with a bonus. According to a public statement released yesterday by the company, Platon asked the currency to pay 300 bitcoins (about $30 million) as compensation for providing this information.

At first, Ted Lin also expressed his willingness to exchange bonuses for this information. But then Ted Lin said that "taking into account that you have already (disclosed some information to the media) caused losses, we will pay less for the information you provide."

The picture shows a screenshot of the two-person conversation revealed by the coindesk article.

Platon said that after about a month of negotiations, "the money is not paid for a penny." Then Platon threatens to disclose customer information.

According to the coindesk article, the threat became a reality on August 5th. He uploaded a KYC message containing 166 people and dumped a file with 500 photos to a file-sharing website called "guardian M". ".

Then, yesterday morning, Platon sent hundreds of personal photos with ID cards to a Telegram team, which caused an uproar.

Real motivation: "Warning people who trade in the currency"

Platon showed on Twitter the real motivation for revealing customer information:

"I want to warn those who trade on the currency."

At the same time he also explained that he is not for money:

"If I need money, I will not disclose the information, but will take it to the ground and sell it."

The picture shows the Platon tweet screenshot

In an interview with reporters, he also said that he is not interested in economic compensation:

“When I need money, I only need to crack a hacker's account and I can easily take out more than 600 or 700 bitcoins.”

However, from the conversation between Platon and Ted Lin revealed in the coindesk article, the meaning of “not for money” is exactly the opposite of what he said before.

The picture shows a screenshot of the two-person conversation revealed by the coindesk article.

Platon also replied to questions about his use of information for 300 bitcoins, but he did not respond directly, but said:

"For 10,000 images in exchange for 300 bitcoins? Coin should take a good look at how many (user's) photos will be uploaded to the Internet."

Source / 31QU organized from the network

Text / small shell