
How I snatched 153k Ether after a bad Tinder date - nerform
https://medium.com/@rtaylor30/how-i-snatched-your-153-037-eth-after-a-bad-tinder-date-d1d84422a50b
======
outsidetheparty
The "bad Tinder date" is completely irrelevant to the story, and is dispensed
with after the first paragraph -- but it's oddly effective clickbait; I think
this technique should be used more often:

* Apple releases iPhone X, after a bad Tinder date * Jamie Dimon Slams Bitcoin as a ‘Fraud’ after a bad Tinder date * Turkey Signs Russian Missile Deal, Pivoting From NATO after a bad Tinder date * Structure and Interpretation of Computer Programs, after a bad Tinder date

See? It works every time

~~~
maddyboo
Considering the fact that this was published under a pseudonym (as mentioned
by another comment), I wonder if the Tinder details were a bit of
misdirection.

This person purportedly stole ~41 million dollars from a number of parties.
Who knows who those people were? They could be some bad people, they could owe
money to some bad people, or they might be angered enough to become bad
people. That's not to mention the fact that law enforcement would likely be
interested in this. Or maybe some thugs might like to just beat them up until
they squeal?

Assuming the author is truly the thief, I wonder how many of the details
intermingled with their story are false.

Imagine you're the thief. You just stole $41MM. Now what?

You know _someone_ is gonna wonder where their money went - likely multiple
people. The blockchain is a public ledger. The victims are going to hire
people with expertise just like the author claimed to have in order to try
following the ETH as it is mixed and laundered. That's a lot of money to
launder successfully without making a single mistake. And I'd imagine a lot of
people will be watching.

However, the author surely knows all of this. So why write a blog post with so
much helpful information? Assuming all of it is true, we could easily deduce:

\---

> tinder user, went on a date w/ a creepy guy: author is likely either a
> straight female, or bi/gay male, single

> bastille day celebrations outside: lives in france

>has two living parents who own a house, has an older brother who does not
have a car, has a sister who is going/went to college

>has loans, does not own a house

\---

That's a lot of information, and isn't even all of it. Why just hand it out,
knowing you're likely a big target on a few people's radar?

~~~
Cthulhu_
> ~41 million dollars

Please don't use this term, use the actual stolen property, 153k Ether, whose
value will fluctuate daily (it gained and lost €100 in value in the past
month, which would make your estimate inaccurate with about €15 million).

------
jaclaz
Just for the record "Mitch Brenner" is the name of a character in the Alfred
Hitchcock's "The Birds", and the photo in the profile is of the australain
actor that played it, Rod Taylor.

[https://en.wikipedia.org/wiki/The_Birds_(film)](https://en.wikipedia.org/wiki/The_Birds_\(film\))

[https://en.wikipedia.org/wiki/Rod_Taylor](https://en.wikipedia.org/wiki/Rod_Taylor)

~~~
mannykannot
Do you think there is any significance to this choice of pseudonym (unless the
author's name is Mitch Brenner or Rod Taylor?) I cannot think of one, but I
don't know the film well.

Under 'Reception and Interpretation', the film's wikipedia entry says

"Humanities scholar Camille Paglia wrote a monograph about the film for the
BFI Film Classics series. She interprets it as an ode to the many facets of
female sexuality and, by extension, nature itself. She notes that women play
pivotal roles in it. Mitch is defined by his relationships with his mother,
sister, and ex-lover – a careful balance which is disrupted by his attraction
to the beautiful Melanie."

which isn't leading me anywhere (other than to think this analysis tells more
about Ms. Paglia's interests than the movie.)

[https://en.wikipedia.org/wiki/The_Birds_(film)#Reception_and...](https://en.wikipedia.org/wiki/The_Birds_\(film\)#Reception_and_interpretation)

~~~
jaclaz
>Do you think there is any significance to this choice of pseudonym

No idea.

Though I can say that often enough critics see in a work of art (be it a book,
a painting, a music or a movie) even more than what the Author actually meant.

The only thing that strikes me is that - though a classic - it is not among
the most reknown ones from Hitchcock among the "new generations", most
probably if you ask anyone younger than - say - forty the only Hitchcock's
film he/she will remember will be probably Psycho.

So, assuming that the author of the medium post is not that age or over it
(and according to the "if I can get enough money for a nice early 20s
retirement out of this" it should mean that the post author is twenty
something), it is a "strange" choice, contradicting - possibly on purpose -
other anecdata sparsed here and there (without any apparent reason), such as
the use of Tinder, the reference to Bastille Day fireworks, the notion that
253 ETH are roughly "half a year salary", and possibly a few more that I
overlooked and that seem "not needed" in the context.

The image conveyed is that of a single twentysomething (if male possibly gay,
since the reference of Tinder is to a "he" that turned our as a creep and
later there is a "I am not a rich guy") LEO (or however belonging to a
security related organization) IT specialist (specifically working on
monitoring coin exchanges of dubious nature), living in France (or however a
place where the 14th July is celebrated with fireworks) and with a yearly wage
around 120-140K US$, with a family composed of father and mother, an older
brother and a younger sister, that had a work trip on monday 17 July 2017.

IMHO (and as other people already noticed) "too good to be true" or "too many
data points" for someone that wishes to remain anonymous.

------
albertgoeswoof
This is a retelling of the Parity Multi-Sig Wallet hack, from the hackers
perspective:

[https://blog.zeppelin.solutions/on-the-parity-wallet-
multisi...](https://blog.zeppelin.solutions/on-the-parity-wallet-multisig-
hack-405a8c12e8f7)

We're talking about 40mn USD here so I doubt that this account was written by
the original hacker.

------
spuz
I think the key to understanding this article is this:

> But Mitch, isn’t this wrong? No.

Let's suppose the hacker really did feel no remorse for stealing 153k Ether
then it seems they might not feel it necessary to keep their identity hidden.
They might also feel proud enough that they feel it is worth the risk to
publicly disclose their actions. Given that, it seems that perhaps some of
what the author wrote might actually be true.

Despite that it seems that there is more than enough information here to
identify them. There is only one country that celebrates Bastille day, they
are apparently interested in men so either a gay/bi male or a straight female,
they work for a security research company, they have excellent command of
English, they are in their early 20s, they apparently have a fast and loose
attitude. It seems those criteria would narrow down to only a handful of
people.

~~~
JetSetWilly
Presumably whoever did it is a clever person. If I were in that position, I
think it would be a fairly obvious step to season the article with subtle
misdirections that send people on a wild goose chase. In fact it would be
quite fun to do. So I wouldn't take the "information" in the article at face
value at all.

~~~
prklmn
I don't think being clever with code necessarily equates to having common
sense. If he had common sense, he would have went on his merry way without
bragging on the internet...

~~~
C4stor
You possibly vastly underestimate how important it is for people commiting
"perfect" crimes to tell the world it was them. There's a lot of stories about
forgers including subtle clues in their forgeries to be able to claim their
"art" and prove they duped people.

~~~
keerthiko
This. This is also essentially the premise for (the original) Death Note
(except a God complex rather than proving they pulled a fast one).

------
module0000
This isn't a real story, it's sensationalized fiction loosely based on
reality. I wish they would put it in huge letters at the top of the story so
you know that going in.

~~~
mannykannot
Then I would like a spoiler alert before that statement.

------
farresito
Are you really untraceable if you switch from ETH to BTC and then to dollars
or euros? I don't really know how Ethereum works, but if every transaction is
recorded, whichever exchange he used would have the origin ETH and destination
BTC wallets and whichever bank account it's going to, wouldn't it? I would
appreciate some insight on that.

~~~
6127qz17
And also what happen when your dollar or euro bank account takes +30 millions
in few days ? Do banks have alerts when someone's account activity is unsual
compare to historic usage ?

~~~
the_stc
Your account will almost certainly be frozen until you show up and convince
the bank you're not a money launderer. Given the complexity of AML laws, you
probably actually are at that point. And therefore the conversation with the
bank might not go in your favor.

------
maxehmookau
The real kicker here is the tip jar at the end of the article.

------
insomniacity
So, is this an admission? Or a theoretical? Or only part of the story?

Is the writer using a pseudonym?

~~~
pygy_
I agree this reads like fiction, and it would be idiotic to admit it.

If real, the people he stole from may be even less ethical than he is (and
they must have noticed the ETH were gone, and at what time). This could paint
him as a murder target, a position I wouldn't want to be in...

~~~
celticninja
except it is possibly a grey area, the contracts are written such that
extracting the money is only possible if you fulfill the contract, if you find
a loophole and fullfill the contract and take the money did you really steal
it?

~~~
sgift
With the usual caveats (IANAL, this may vary per country/jurisdiction) laws
and contracts are usually about intent, not pure semantics. And you'd probably
have a hard time to argue that this way of 'fulfilling' the contract was the
intended way.

~~~
celticninja
I understand that contracts are usually written this way but an ethereum smart
contract is a different kettle of fish. It is written to be a program so if
you can get the program to respond to your inputs then you have fulfilled the
requirements of the smart contract as it was written. Of course it may be that
it was poorly worded but that is an issue for the contract writer.

~~~
davidivadavid
Because whoever invented them called them "smart contracts" doesn't mean
they're considered as such in the jurisdiction where people using the said
"smart contract" are living. Matt Levine has written extensively about the
subject.

------
Tepix
I'm curious why the attacker converted his ETH into BTC. Why not Monero first?
Once the money is converted into Monero, it should be untraceable, right?

~~~
jpatokal
Liquidity. There's enough demand for ETH-BTC that you can convert $30m worth
pretty fast; for ETH straight to Monero, you would be in for a much longer
wait.

~~~
the_stc
Monero is also not quite untraceable with the defaults. It requires
understanding Monero a bit, and spending days churning your coins. The idea
that Monero is so unlinkable is horrible marketing and is going to get someone
busted.

------
gedaxiang
lol at this guy putting a tip jar at the bottom of the post

~~~
beaugunderson
it's a ropsten (testnet) address

------
sunstone
William Gibson was doing this in the 80's.

------
chirau
Out of curiosity...is this a man or a woman?

EDIT: What's with the oversensitivity here? Is there anything wrong in asking
a person's sex? What if it's for studying inclination towards certain decision
making criteria? Geez folks, not every question is sinister. If you don't want
to answer it, just move on. No one is being attacked here.

~~~
albertgoeswoof
> EDIT: What's with the oversensitivity here?

It's not oversenstivity, there's literally no reason to care about the sex of
the person who wrote this. It's completely offtopic and irrelevant.

What does "studying inclination towards certain decision making criteria" mean
anyway? Reading between the lines it sounds like you think women behave one
way and men the other way (which is fine if you think that btw), but wanting
to "study" that using this article is just dumb.

~~~
Nuzzerino
Note that the question was phrased as "Out of curiosity...". This is
essentially a disclaimer that it _is_ an off-topic and irrelevant question.
From the way I see it, your comment is even less reasonable in this context.

~~~
albertgoeswoof
You mean like if I used the same disclaimer and asked you this:

"Out of curiousity, are you male?"

Can you not see what that implies?

------
whipoodle
I was in a bad mood before I read this. Great read! Thanks.

