EXCLUSIVE: Interview with barbarianbob of “The Hole Seekers”, hacking group that took down BitcoinTalk forums.
On the day of October 2nd in the year of our Lord Two Thousand and Thirteen, something amazing happened. In the wake of the shocking news that Silk Road had been shut down and that it’s fearless leader Sir Captain Dread Pirate Roberts was totally fucked, BitcoinTalk was once again the subject of a full breach of their forums and code was injected into every webpage. This is the exact same hack that happened nearly 2 years ago when Bill Cosby graced our screens inviting us to join the exciting new world of CosbyCoins. The attackers didn’t leave much information about how or why this was done but it’s probably our favorite moment ever on Buttcoin.
Being the serious investigative journalists we are, we decided to track down and find out who was behind the “Hole Seekers” hack this time. We got our hands on the source code (all 7000 lines of it!) and followed the rabbit hole as far as we could go until we finally got in contact with someone who called themselves barbarianbob. barbarianbob is the leader of the “Hole Seekers” hacking crew and agreed to meet us in a dark parking garage outside of the Mt. Gox headquarters and grant us a brief QA session.
This is the story of the BitcoinTalk Hole Seekers hack, told from the man who made it happen.
Who are “The Hole Seekers”?
A team of like-minded security-savvyists who enjoy finding security holes and exploiting them. We seek out and penetrate any holes we can find, no matter how tight the security, and we won’t stop until we’ve filled them with the long-arm of thick-headed justice.
What motivated you do this?
Have you read the forums? Why wouldn’t you want to fuck with them? The Hole Seekers are always looking to plant a pole into whatever cracks we can find, and if we can have some fun doing it then why not? The Hole Seekers will be a bigger name than Kirk Johnson someday.
Did you do the Cosbycoin thing too?
Due to pending litigation, I cannot comment on such matters.
How did you do it?
After the site was moved from the Mt. Gox. servers to a new server with nginx+phpfpm, the backdoor was still there.
Did you or thermos bring the site down?
Either he realized what happened and brought the site down or his server couldn’t handle it. We didn’t bring the site down ourselves, we worked too damn hard on it. Use Cloudflare next time!
Did you steal any personal info?
No, what would we do with any of that crap? Renew their subscriptions to Reason magazine?
How long did it take to make those amazing graphics?
I slaved away in front of a hot mining rigs for weeks making those. My undying love for bitcoin is never truly recognized.
Will thermos actually fix the exploit or is he an idiot?
Sounds like he actually found everything, but who knows. SMF is full of bugs and holes, it’s what you expect from a free forum software. What ever happened to that $600k thermos collected for a new forum software?
Are you going to turn yourself in for the 50 BTC bounty?
Turns out thermos is so smart he claimed he found the exploit so he’s paying himself, way to go buddy
Why do you hate bitcoins?
I don’t, but man the community is fucked up.
Missed the hack the first time around? Click here to see what it was like!