December 09, 2012 | Author: Mircea Popescu

This must be preserved for future generations.


13 June 2011 "Allinvain" announces the loss of ~25`000 BTC (all mined). The proximate cause would be the idiocy of Bitcoin-qt developers, who released about five versions of the thing before making the wallet encryptable. Consequently, for years, someone could lose all his coins simply by having one file read. Yes, they were that fucking stupid.

Total loss: 25k BTC (declared).


19 June 2011 - MtGoxi is hacked.

I have hacked into mtgox database. Got a huge number of logins password combos.
Mtgox has fixed the problem now. Too late, cause I've already got the data.

Will sell the database for the right price.
Send your offers to:
gfc06@hotmail.com

Amusingly, reports about the security such as it was having been breached were trickling in for weeks prior. Tis impossible to evaluate the actual loss with this one, but suffice it to observe that BTC was temporarily trading for 1 cent at the time.


26 July 2011 Bitomat.pl, mostly serving the Polish exchange market goes down because "human error".

On 26 July 2011 at about 11:00 PM, I noticed that bitcoin server was out of resources and I had to increase RAM. As a result of this operation, the virtual machine was deleted and all data lost, including bitcoin wallet and its backups.

I have established that data was lost because settings of the virtual machine were changed, although I didn’t change them myself. Amazon Web Services Company, which hosts our servers, says that the cleared machine has been set up to be irretrievably destroyed (including the data on the disks) at the shutdown.

I’m still trying to establish who has changed the settings and whether I will be able to recover the lost data. Unfortunately cooperation with Amazon Web Services is very difficult. As soon as I realized that my virtual machine was lost I have ordered AWS premium support, talked to the manager and asked for securing of the disk data. So far, without success.

Basically, the guy kept his wallet.dat in a ramdisk which went away.

Total loss : 17k BTC (declared). MtGox (under new-ish management) acquired the exchange for the value of the loss and made good to the customers.


Also in July 2011 Ubitex, one of the three scams then running on GLBSEii packed up and left. Yes, just like that.

Total loss : 1k BTC (estimated)


5 August 2011 Mybitcoin.comiii vanishes. A week later a mysterious Tom Williams announces that all ur BTC are belong to us.

On Friday of last week we noticed that one of our pooled holding servers was missing a large amount of Bitcoins. After a prompt investigation we realized that the security of our SCI (Shopping Cart Interface) system had been breached by an unknown attacker.

Our response was rash, but necessary. We simply switched the system off until we could have system-wide forensics performed. The forensics took some time, as the system is quite complex by nature.

After weighing all of our options, we have realized that we have no option but to go into receivership. We will settle all accounts with a online claim process that we are currently in the process of working out.

We will release more detailed information about the security breach, the claim process, and our balance sheet in the next few days.

Total loss : 100k BTC (estimated).


Oct 5th 2011 Bitcoin7iv announces

Dear User,
Please read carefully the following critical announcement.

On Oct 5th 2011 Bitcoin7.com became the victim of a number of pre-planned hacker attacks. While our investigation is still going, evidence reveals that the attacks originated from Russia and Eastern Europe.

The attack itself took action not only against the bitcoin7.com server but also against other websites and servers which were part of the same network. Eventually the hackers managed to breach into the network which subsequently lead to a major breach into the bitcoin7.com website.

As a result of the hacking, unknown individuals managed to gain full access to the site's main bitcoin depository/wallet and 2 of the 3 backup wallets.

In addition the hackers gained access to our user database.

Even though our faith in the bitcoin project and community remains as strong as it ever was, it is our responsibility to admit that the scale of the damage is far beyond our financial and physical capabilities.

This is why we have decided to cease the operation of bitcoin7.com and instead of investing in new technology and personnel that could possibly help us overcome this unfortunate situation, we decided that we'd rather gather all possible finances through all possible means and initiate a crisis plan for reimbursing the lost balances of our users.

This is also an open invitation to all interested investors which have interest in taking over the site at the only cost of recovering the stolen bitcoins.

The crisis plan will take action over the next 90 days. On behalf of the management of bitcoin7.com we want to apologize for this extremely stressful situation.

More specific updates will follow within the next 24 hours with detailed instructions about how to withdraw your funds.

It's not quite clear whether the hack was genuine or a set-up, hoping to cash in on the moral hazard brought about the bitomat.pl takeover.

Total loss : 10-15k BTC (estimated).


28 October 2011 Mt. Gox was mysteriously hacked, about 3`000 BTC of customer funds stolen in a couple dozen transactions. MtGox reimbursed customers so there is no loss.


Sometime in November 2011 another one of the three scams then running on GLBSE, this one under the guise of a mining farm (SkepsiDyne Integrated Node) finally decided to man up and take the "investor's" GPUs.

Total loss : 1k BTC (estimate)


18 January 2012 Yet another one of the scams then running on GLBSEv (this one under the guise of some sort of investment fund family, LIF.A, LIF.B, LIF.C, LIF.X) also packed. Selected quotes :

Quote from: Peter Lambert on January 18, 2012, 01:23:56 AM
For personal reasons, I have decided to get out of the bitcoin business. I have put up orders to buy back the outstanding shares of the LIF assets.

Unfortunately, my trading strategy seems to have been flawed, we lost a bunch of money.

Quote from: Nefario on January 28, 2012, 03:54:19 PM
I would like to thank Peter for fulfilling his obligations while winding up his company. I think he was a valuable part of the GLBSE community.

Quote from: teek on January 28, 2012, 03:54:19 PM
He didn't really fulfil much, he just paid a dividend equal to the amount he was offering for his shares. Which is roughly 15% of what they were the day before he made the announcement, a number alot of us were refusing to take.

Quote from: 2weiX
fucking shit.
NOT A SINGLE ONE of my investents on GLBSE is in the green.

Total loss : 2k BTC (estimated)


In February 2012 it was discovered that Andrew Nollan aka shakaru had been running a confidence/loan scam, borrowing large amounts from multiple people who didn't know about each other.

Total loss : 10k BTC (estimated)


Also sometime in February 2012 about 3`000 BTC of missing funds in Bitcoinicavi came to light. The entire thing was pretty hush-hush.

Total loss : 3k BTC (estimated)


2 March 2012 Linodevii was hacked (most likely an insider job, possibly just loose admin security policies) resulting in losses for two major BTC operations, Bitcoinica and Slush's pool (bitcoin.cz). This is the reason pretty much nobody should consider hosting with Linode.

Total loss : 47k BTC (declared)


7 March 2012 Tradehill, at the time the second largest Bitcoin exchange closes down, claiming Dwolla stole its customer funds and threatens to sue. Dwolla demures, suit goes nowhere. Jared Kenna makes secret payments to select users. Partners with Jonathan Ryan Owens (see above) creating 20 Moves, which somehow magically has the capital to start real estate development in San Francisco.

Total loss : 200k BTC (estimateviii)


11 April 2012 Betco.inix

server was hacked brutally. this time - not by stupid site bug, but something else. still looking.

it would be fine, since I never keep all coins on server, but hacker was able somehow to hack into my laptop and desktop through vpn i have between my home and server and wiped all wallets i had in there.. have no clue how it was done yet. all machines uses different passwords and different ubuntu distro versions.

still investigating. all money went there - http://blockexplorer.com/address/1L4kz6BA8mzi8KLV9VQ2pYcW8QQFVihWLg almost in the same time.

this was quite sophisticated attack i must say..

Doesn't seem that sophisticated by comparison, but anyway.

Total loss: 2.9k BTC (declared).


20 April 2012 Buyers on silkroadx were taken by one Tony for a good chunk of change.

Total loss: 20k BTC (declared).


12 May 2012 Bitcoinica in the news yet again, with yet another "hack" if it's what it was. Supposedly an insecure email address (being used for a mailing list) was escalating into somehow getting Bitcoins.

Total loss: 18k BTC (declared).


4 July 2012 Paul Mumby/Bitcoin Sindicate absconds with 2k BTC of GLBSE user funds. Or otherwise,

- I slept until noon, and when I woke up I was still not feeling well, so I went and checked my email.
- In my email I discovered that On July 4th 2012, at 14:34:19 GMT (10:34am EDT my local time) there was a withdraw from my mtgox account.
- I checked and an IP address 130.83.54.115 Initiated a withdraw from my account at this time.
- Someone had gained access to my account illegally, they sold off the USD for bitcoin, and withdrew the bitcoin while I slept.

Total loss: 2k BTC (declared).


13 July 2012 Yet another dubious Bitcoinica "hack" which might have been theft etc. Basically, Amir Taakixi "open sourced" proprietary code he sort of acquired or otherwise stole from Bitcoinica, which included a password which happens to have been reused on a high value email which could be leveraged and was leveraged to empty the hot wallet.

Amusingly enough, the stolen funds were identified on AurumExchange, in the accountxii of none other than "Zhou Tong", the purported 14 year old original author of the codebase & administrator of the site.

His explanation ? He was framed! He was framed by none other than Chinese millionaire/relic hunter Chen Jianhai, who (the story goes) admitted to this even, in a heartfelt face to face, when told to his suprise that "this is a matter of international intrigue" (and world diplomacy)xiii. And then paid the sum back. Yes, you have it right : the story is that the admin turned thief did not steal, but was framed by a millionaire who then disgorged his haul when told that "international".

Total loss : 45k BTC (declared).


31 July 2012 BTC-Exiv had its 16 character long secret API key broken. BTC-E declared about 4.5k BTC lost but covered for customers with their own funds.


16 August 2012 : A bunch of either scammers or idiots (sorted from the likeliest scammer to the likeliest idiot : Jonathan Ryan Owens, Alberto Armandi, Meni Rosenfeld, Matthew Neal Wright, Ben Malec, James McCarthy, Ludvig Öberg) created a number of supposed services/companies/GLBSE assets (sorted from most to least amusing, Bitdaytrade, Bitscalper, ZIP.A, Bitcoin Rebate, BDT, kronos.io). These failed in such a way that someone else from the remainder is to blame for it no matter how you select a subgroup of people/projects that doesn't include everyone and everything.

Total loss : 25k BTC (estimated).


18 August 2012 Bitcoin Savings and Trust, the largest ponzi in Bitcoin history finally croaked.

Total loss: 500k BTC (estimate, upper ceiling).


4 September 2012 Bitfloorxv found out it was storing an unencrypted wallet (see first item in this list) on a server.

Total loss : 24k BTC (declared).


6 September 2012 Independent miner and premier Bitcoin Savings and Trust supporter Hash King closes up shop. Scammer tag issued on the forum against his vague promise to repay BTC owed over three years if investors agree to 70% haircut.

Total loss: 100k BTC (estimate, upper ceiling).


9 September 2012 Matthew Neal Wright (mentioned above) had been offering interested parties bets on whether the Bitcoin Savings and Trust will fail or not. Numerous people took the bet, MNW failed to pay out when the collapse of that Ponzi scheme became fact. Consequently scammertagged in the forum.xvi

Total loss : 50k BTC (estimate)


11 September 2012 Ben Malecxvii announces his default in the funniest terms : he got out of pirate before it sunk which explains why it sinks him, he's going to make it right but please don't ask questions, he's got guns and something else. Literally :

I am defaulting on my BDK.BND debt. Beyond this, I will no longer be honoring the contract in the form I originally laid out. I previously intended to empty my non-legal wife's (we personally consider ourselves married, but legally, we are individual and thus have rights we'd otherwise forfeit) 401(k). I obviously did not want to do this, but it became clear it was necessary as I was looking at $200-250/wk interest on this single debt while having been financially raped by loans to various members of the community (No, Pirate is not the primary cause of my distress. Please don't turn this into some Pirate discussion.). After weeks of tha stress, on top of previous stress... heated arguments... -- this is no longer an option. I do not think her response to my actions is unreasonable (she's already effectively lost tens of thousands due to my actions), but this clearly affects my ability to repay within what I'd consider a reasonable time-frame. I currently have a negative net worth excluding my residence which would be protected under a personal bankruptcy filing which I will not pursue unless a suit is formally filed against me. I'd advise against taking action on potential cynicism, and suggest you give me at least a couple months to confirm I am indeed making a decent effort toward repaying what I owe.

I am unable to pay interest on my current BDK.BND debt. It's impossible for me to keep up with that, living expenses, and interest on other debts which are small enough where I can close them - and I apologize, in a sense, for the unfairness of how this is being handled. BDK.BND-holders, who I've always wanted most protected from risk, are now getting the shaft. I cannot subject my wife to more loss, and will be forcing BDK.BND holders to suffer as a result of my unwillingness to liquidate my residence. I apologize for the trust I've violated, the business mismanagement, and this default as a result. If I were unable to compartmentalize, I would be unable to write this. I am truly and deeply sorry. I also apologize for not having the emotional fortitude to prevent what I'm also about to announce: I will not be communicating much, if at all. I will likely not read anything written in this thread beyond this post for months. I just can't handle it when there are many things I need to do to get the situation in order. I will not be responding to phone calls, Skype messages, nor responding to emails. I will not be clarifying what I've written, and will not be responding to questions. I just can't right now, and understand how bad that looks and is. Again, I apologize. I will post an impersonal message each time I make a dividend payment.

All BTC I currently own will go toward BDK.BND payments. These will come in the form of irregular, unannounced dividends -- there will no longer be .001BTC/bond dividends each week. I will never buy BDK.BND back, and that section of the contract can be considered practically void. I can do nothing but assure everyone that I have no intent to make any purchases of BDK.BND units, and will allow them to trade freely on GLBSE as people value them given I have absolutely no information on when, and in what amount, these bonds will be repaid. However, I promise I will repay the debt as it stands, as I'm able. So long as GLBSE is active, I am alive, and earning income, I will continue to make dividend payments on BDK.BND units as a gesture of goodwill (and appreciation for not suing me into bankruptcy) beyond the .101BTC "hard debt" I currently consider as existing. Basically - I will be making larger, more rapid payments until dividends beyond this date reach .101BTC/bond. After that time, I will continue paying irregular dividends in a way which is appropriate for the gratitude I owe, and possible for the amount I need to live. I am unable to provide a repayment schedule or dividend schedule. Essentially - I'm giving what I can without forcing an unreasonable amount of loss (beyond what I've currently caused) onto my non-legal wife, and I naively hope everyone trusts me to be doing exactly what I'm saying I will. I'll provide instructions in my will to give an update (with death certificate) on this forum in the event of my death. Though things have been pretty poo poo lately, I am not at all suicidal -- just gave the info in that last sentence as an FYI.

-Ben

(Additionally... Someone may remember I recently posted assets/liabilities on my side. This included many of my non-legal wife's assets. The CU/bank assets have been largely emptied to repay CD-holders and my mother, who fronted us money to purchase this house [I've since defaulted on that loan, too, after a partial repayment so I could repay CD-holders]. There is still one outstanding CD-holder who has been excessively generous in providing me time to repay.)

(Many individuals have my home address [NOT the Spring Arbor address. That is a family member's house. DO NOT release that address.]. I would prefer my home address not be released publicly, but would also not consider public release of that information unwarranted. If you are coming for a visit, I would like at least a voice message a day or two prior. Harm toward family's off-limits, and I would physically object to bodily harm which may result in my stay in a hospital, as that'd further impede repayment. I am armed, so please keep ideas of physical violence in check.)

Lengthy read but quite worth it as an illustration of the intellectual capacity of the average drama source.

Total loss : 30k BTC (estimated).


11 September 2012 nckrazzexviii went under. Pirate exposure. Scammer tag in forum. Some funny quotes :

Quote from: nckrazze on May 15, 2012, 09:41:24 PM
Though I have a great deal of personal savings that are invested with pirate, none of the coins deposited to NCKRAZZE's Deposits were used to deposit into BTCST.

Quote from: nckrazze on September 10, 2012, 04:26:43 AM
Mostly due to bad planning on my part as well as a large flow of coins at once and the rising difficulty rate, I was unable to continue my mining project and ended up liquidating most of it. Around July 18th, I had completely liquidated all of the mining hardware that belonged to the Deposits Service. I kept a bit over 2000$ worth of hardware for myself (which were my personal assets), to continue generating coins with. My funds remained dormant until August 6th, when I decided that the magnitude of the payouts was too great for the coins to be sitting around for. For this reason, I chose to place all the funds with pirate and continue to payout weekly interest until terms were over. As terms ended, I would not offer term renewals, and would return all of the coins to the depositors.

Total loss : 5k BTC (estimate).


Mid September 2012 it came out that then-CEO of Butterfly Labsxix, one Sonny Vleisides had in fact been convicted of fraud.

The BFL board was reshuffled quietly and the matter is presently being ignored to the best of everyone's ability. Consequently, there's no loss to associate with this item as of yet. The previous scam which resulted in the fraud conviction did cost the general public 19 million USD.


17 September 2012 Mybitcointrade.comxx operated anonymously went away.

Total loss : 2k BTC.


Somewhat later, OBSI.*xxi went away.

Total loss : 3k BTC.


28 September 2012 Oliver Richman, aka Serena, Usagi & al had been operating a number of various assets (NYAN.A, .B, .C purporting to be some sort of bonds ; CPA purporting to be some sort of insurer ; BMF purporting to be some sort of mining thing). Appaling accounting practices, cross-deals and inter-asset gifts in disregard of shareholder's rights, solidly reinforced by completely insane business moves (buying things known to be worthless for singificant premiums etc) pretty much ensured a complete loss for investors.

The holder proceeded to have a complete mental meltdown in the forum (posts since deleted), declared famously that milk is a scammer, possibly made some efforts to repay his investors out of selling his guitar and in any event was conveniently rescued by the collapse of GLBSE and ensuing drama the next week.

Total loss : 1k BTC (estimated).

Late September 2012 Patrick McFarland aka DiabloD3xxii came up with the idea of a "million BTC company" sometime in April. This was going to be some sort of mining venture then modified to datacenter then eventually further modified to include electricity generation and other lines.

The subsequent GLBSE ipo yielded roughly 10k BTC for 10k shares. Unable to complete the original plan McFarland devised his own system for valuating miner bonds and proceeded to trade on the open market according to it, impervious to warnings that both his system was broken and that in any event his implementation is defective.

Once he unavoidably ran out of cash he proceeded to issue more shares, deeply diluting existing shareholders (new shares were issued for values at times below even 1% of what early investors had paid). Eventually GLBSE took control of the asset and forced a motion. At the time GLBSE management was acting in such an inept and erratic manner however (delisting spontaneously some other asset) that McFarland was returned as CEO. The audit promised by GLBSE never materialised and in any event the implosion of GLBSE a few weeks later sealed the deal.

Total loss : 10k 2kxxiii BTC (estimate).


6 October 2012 GLBSE is abrubptly closed, apparently by James McCarthy acting against the orders of shareholders. About three dozen assets worth in total maybe 30k BTC find themselves suspended in limbo. Another ~5k of user funds is thus frozen. Later McCarthy issues most of the customer funds and partial lists of beneficial owners for most assets, in such a way that the data can't actually be trusted or used safely (plaintext over email).

Total loss : 10k BTC (estimated).


14 October 2012 Clipsexxiv defaulted on its promises to miners (seems to be BST related).

Total loss : 2k BTC (estimated).


2 November 2012 : Consequent of his default to the MPCD seriesxxv, my PR asks for and a couple weeks later receives a scammer tag in the forum for Patrick Harnett, who had been operating a purported ratings agency, was one of the backers of GLBSe listings of Bitcoin Savings and Trust toxic paper and ran yet another Bitcoin "bank".

Total loss : 25k BTC (estimated)


8 December 2012 Bitcoin Magazine, a scam in itself (having produced a total of 4 issues in about two years, many of which of appalingly poor quality and content) originally announces selling itself to a consortium of Bitcoin corps including BFL (see above) and 20 Mission (the Kenna-Owens partership mentioned above). One shareholder and ex manager (Vladimir Marchenko) claims the current manager (Mihai Alisie) stole the company. Mihai Alisie responds by claiming Vladimir Marchenko stole from the company, and also failed to steal ~65k USD from a third party which could have been stolen in his estimation.

Total loss : 3k BTC (estimated)


And that pretty much brings us up to date! Quite the ride, isn't it.

For the actuarially inclined, the total losses to theft, fraud and stupidity plus anything in between amount to 1.296 million BTC. That comes to about 75k BTC monthly average for the ~18 months we've discussed.

Considering an average monetary mass of 7mn BTC for the interval, the aggregate of theft, fraud and stupidity registers as about 18%. Considering fiat monetary mass is somewhere on the order of magnitude of 5 trillion USD, proportionally the same levels of loss would come to about 900 billion total or roughly 50 billion a month. Shockingly enough, this figure is not quite that far off the mark (provided we discount government actions from the "stupidity" label).

Finally, here's a nice little monthly graph :

btc-scams-graph

Should we be expecting something like 1 mn BTC default in about a couple of months ?

Later Edit (as suggested by Reddit) :

The only really amazing thing to me is that we haven't seen this entry on the list:

"Shady ROMANIAN character opens up unregistered bitcoin options exchange (complete with HTML from 1993) on his personal website (which also hosts porn) and charges exorbitant fees just to join, while constantly accusing pretty much everyone else in the bitcoin community of being a scammer, and, along with his (possibly virtual) -PR lackey, acts like a loudmouthed douchebag ... but apperantly scams no one." (yet?)

Thank you Mircea for your services to the bitcoin community and for apparently being an honest and trustworthy entrepreneurial businessman. (Making you perhaps the only honest and trustworthy Romanian I know.)

Moral of the story? It can be hard to judge people.

———
  1. Ex pokemon-trading website turned into BTC exchange. Not worth as much as MPEx. []
  2. The Global Scam Exchange, owned and operated by a collection of Bitcoin's funniest []
  3. Probably the first web wallet []
  4. An exchange I never heard of. []
  5. The third one of the triplet above (dishwara) went rogue at some point in this interval creating much drama in the forum, but having never taken in sufficient money to be worth the mention it quietly joins irrelevant scammer-wannabe's a la ciuciu etc. []
  6. MPOE and Bitcoinica were born the same week, in that order. MPOE traded options, Bitcoinica was a sort of forex-y bucket shop. []
  7. A VPS provider []
  8. Note this is disputed and may well be as low as 25k BTC. []
  9. BTC poker site. []
  10. Tor-based pill swapping/trading site. []
  11. From his vanity page :

    Amir Taaki was born 6 February 1988 in London, the eldest of three children of a Scottish-English mother and an Iranian father. From an early age Taaki took an interest in computer technology, teaching himself computer programming. After briefly attending several British universities, Taaki gravitated to the free software movement. Taaki assisted in the creation of SDL Collide, an extension of Simple DirectMedia Layer, an open source library used by video game developers. In 2006, Taaki became heavily involved in Crystal Space development under the pseudonym of genjix. He also developed a number of video games making use of free software, including the adventure game Crystal Core and the futuristic racer game Ecksdee. Taaki was also a participant in the Blender project Yo Frankie!. His experience with online gambling attracted him to the Bitcoin project. He founded a UK Bitcoin exchange called "Britcoin", which was succeeded in 2011 by a new British exchange called Intersango, in which he is a principal. In April 2011, Taaki and Donald Norman established the Bitcoin Consultancy, a group focused on bitcoin project development.

    []

  12. Same email as one used to open a known MtGox account, which makes identification pretty certain - are you starting to see a pattern here by the way ? []
  13. This may sound like I'm making it up just to paraphrase Seinfeld. I am not. []
  14. Exchange. []
  15. Yet another exchange. []
  16. It has been perhaps rightly argued that this entry doesn't belong here on the grounds that unlike all others, MNW accepted no coins from others, merely made stupid promises. []
  17. Famous for, in the words of Something Awful,

    So let me get this straight... The guy basically robbed his girlfriend of tens of thousands of dollars and defaulted on a mortgage after using the money his mother gave him... on imaginary internet money?

    or otherwise for being an unemployable jerkoff with delusions of self importance. []

  18. Yet another forum "bank". []
  19. Famous for having taken pre-orders months in advance for delivering FPGAs, then missing the delivery date by about four months and delivering chips that were significantly below the original quoted specs but getting away with it because at least they delivered something, which did work for its intended purporse - a rare sight in BTC land. Famous for having taken even more pre-orders even more months in advance for delivering ASICs, then missing the delivery date by two months and counting. []
  20. Apparently some sort of HYIP flavour. []
  21. A scammy/HYIP-y GLBSE asset run anonymously []
  22. Known for having written the first java miner for Bitcoin []
  23. Even if the original plan was to sell one million shares for one BTC each, it'd seem even 1% is too high an estimate of the sharecount actually sold. []
  24. Mining pool []
  25. 500 BTC principal, for the curious []
Category : Bitcoin  | 38 responses.