Is Bitcoin Mining Figure Joshua Zipkin Responsible for the Bitcointalk Hack?

Journalist:
May 25, 2015

What follows is what you might call educated speculation. What we do know is that there are a lot of people, especially in the mining business, who’d have an interest in seeing the premiere Bitcoin forum, Bitcointalk, bite the dust.

Bitcointalk is a haven for free speech regarding Bitcoin and issues surrounding it. Support for figures like Ross Ulbricht and criticism of scam artists like Josh Garza are not uncommon within its pages. It is decidedly an arbiter of taste for the Bitcoin community, and to this day the number one place to make complaints. Recently it was issued a subpoena for matters surrounding the Butterfly Labs scandal, and it complied in the most limited way possible.

While the Reddit community also serves a segment, posts do not live forever on Reddit, with most people never getting past the first page. Reddit and Simple Machines Forum are fundamentally different platforms, something that was very intentional on the part of the designers of Reddit. Therefore the two have managed to co-exist in harmony, with links from the Bitcoin subreddit being posted occasionally to the Bitcointalk forum and vice versa.

Zipkin Implicated

Last August, CCN writer Rick Mac Gillis reported on a tip CCN received from part-time security researcher Tony Serrata about the doings of Joshua Zipkin, CEO of once-relevant AMT Miners. Serrata provided us with evidence then, and more recently, of Zipkin attempting to hire him to hack Bitcointalk. Serrata says of his involvement with Advanced Mining Technology, Inc.:

Based on what I was seeing happen with AMT and also various mining companies with massive delays and stalling tactics, I wanted to pitch in to see what I could do to speed up the delivery of miners to not just myself but for all of us AMT customers waiting. I have the skills to pitch in. I just volunteered my time to assist in this effort. In the end it was just more games from Joshua Zipkin of AMT to run off with everyone’s money. My goal was just to get us all our stuff, nothing more.

[…] Zipkin kept playing stall tactics and, in the end, shipped everyone broken miners. Anyone who got something, got it broken. […] I got two miners that were basically useless. $11,000 for 2TH/s that didn’t even work. […] He went to Dragon Miner and had them ship people more broken miners. […] So anyone who got replacements got defective miners that did not hash as advertised. Not even close.

[…] This is actually what fueled all the talk on Bitcointalk, and is why Zipkin wanted Bitcointalk to disappear, and tried to hire me to make that happen.

The Evidence

The following is some of the Skype transcript provided to CCN. The user “Opeium2” is Serrata, whereas “Joshua” is Joshua Zipkin.

[6/9/2014 8:36:34 PM] Joshua: eventually we’ll hack the forum completely
[6/9/2014 8:36:42 PM] Joshua: its a mission. :)
[6/9/2014 8:36:44 PM] Opeium2: Probably better to build something better

[…] [6/9/2014 8:37:29 PM] Opeium2: Build the site and draw in respected vendors FIRST
[6/9/2014 8:37:32 PM] Joshua: and then take the forum down and pay the $1200 a month for the
dedicated forum moderator to do it right
[6/9/2014 8:37:44 PM] Opeium2: I already have a plan for it.

[…] [6/9/2014 8:45:40 PM] Joshua: its effects life.. like I walked into wellsfargo the other day, because several clients bitched to TD and they closed our account, and the wells fargo rep went through the whole application and bla bla and everything was fine. right before i left he was like “i just did a google search and.. well we dont associate with crypto currency related companies.. etc”

[6/13/2014 11:19:39 PM] Joshua: Opeium2 ill give you 5k to hack bct
[6/13/2014 11:20:10 PM] Opeium2: lol nah. Not my bag. Seriously not even worth the time or
effort.
[6/13/2014 11:20:25 PM] Opeium2: It wont do any good
[6/13/2014 11:20:29 PM] Joshua: omg it will
[6/13/2014 11:20:38 PM] Joshua: that place is just trash

1 / 4 (click to enlarge)
2 / 4 (click to enlarge)
3 / 4 (click to enlarge)
4 / 4 (click to enlarge)

Clear Intent

It is clear from this transcript that “it’s a mission,” a top priority, of Joshua Zipkin to eliminate Bitcointalk from the Internet. He is not the first mining magnate to feel this way, but perhaps the first to express such clear, obvious intentions of violating the Computer Fraud and Abuse Act. Josh Garza had similar feelings, and invested significant sums of money into paying people to speak well of GAW miners on Bitcointalk. However, Garza had the decency to found his own forum, HashTalk.

All of the elements of a serious crime are here apparent: means (while Serrata is a “white hat” who will not engage in unethical hacking, there are many more out there who would take BCT down for money), motive (bad PR was having an effect on Zipkin’s life), and opportunity (Bitcointalk is currently hosted by a third-party, who was tricked into giving the attacker access.)

This last part is the most cunning. There was no high-level hacking going on, no brute force attack the administrators could have detected. The attack that was so coveted by Joshua Zipkin and others over the years (Bitcointalk was founded in 2011) was executed with the oldest, hardest-to-fix hack in the book: social engineering. In the words of Michael Marquardt, also known to Bitcointalk users as Theymos:

The forum’s ISP NFOrce managed to get tricked into giving an attacker access to the server […] you should act as though your password hashes, PMs, emails, etc. were compromised. The forum will probably be down for 36-60 hours for analysis and reinstall.

There are other suspects, surely. Butterfly Labs came to many people’s minds, with one Reddit user saying, in response to this Bitcoin subreddit post:

In order to get paid from Sonny Vleisides, Josh Zerlan and Jeff Ownby this scumbag attacks the forum.

At present, Bitcointalk has given no indication of who it suspects of having compromised its server. Most likely it is more concerned with getting it back online, securely. Hopefully the long-awaited replacement to Simple Machines Forum, epochtalk, will eliminate the possibility of such a hack happening again. Although, even if you had an impenetrable database, this attack could be repeated with another social engineering attack. Thus, it seems that not only will Bitcointalk in the future have to use its own, custom-built forum software, but also its own servers.

The author was unable to reach Joshua Zipkin for comment in time for this article.

Additionally, AMTMiners.com is presently resolving to a GoDaddy squatting page, indicating the company has either not paid for hosting or done anything with its domain recently. An archived version was available, though.

Last modified (UTC): May 25, 2015 19:46

P. H. Madore @bitillionaire

P. H. Madore has written for CCN since 2014. Please send breaking news tips or requests for investigation to bitillionaire+phm@gmail.com. He lives in Maine, USA. A single father of four young children, he does not discourage financial donations, provided they do not come with strings attached.