This page has been archived and commenting is disabled.
Phishing Out The Goldman Code Fishers
Still out in the boonies, so a few more days without extended analysis. In the meantime, some more amusement on GoldmanGate: Cryptogon has created a piece of html code that Google queries latch on to when searching for "Goldman Sachs Code Torrent", allowing the sysadmin to track which IPs and firms are querrying this keyword. Interesting results. From the website:
I have not seen as much activity from Goldman Sachs as I thought I would on my little honey pot. This is all so far. Then again, this hasn’t even been up 24 hours yet:
204.4.131.140 2009-07-07 12:01:17
/?paged=2
Referrer: http://www.google.com/search?hl=en&rls=com.microsoft%3A*&q=Mr.+Aleynikov+strat&aq=f&oq=&aqi=
Hostname: cflodc1.gs.com*
SEARCH ENGINE: Google (page: 1)*
KEYWORDS: Mr. Aleynikov strat
Other interesting visits:Citadel Investment Group
64.22.160.1 2009-07-07 11:53:59
/?p=9712
Referrer: Direct hit
Hostname: cit1.citadelgroup.com
InfoNgen is the first Discovery Engine for business, finance and information professionals that knows what’s critical to you. Extracts relevant and timely information buried on the web, within emails, in desktop documents or on network drives. Identifies trends and connections between topics, companies or products that might not otherwise be apparent. And delivers results in real time.63.87.234.186 2009-07-07 05:12:58
/?p=9712
Referrer: Direct hit
Hostname: host186.infongen.com
—
Batterymarch is a global equity specialist, investing in approximately 50 countries for clients around the world. Our unique quantitative strategies combine the power of technology with the wisdom of experienced fundamental investors.199.58.12.24 2009-07-07
21:12:51
/?p=9712
Referrer: http://www.google.com/reader/view/
Hostname: smtp.batterymarch.com
—
U.S. Army
128.190.125.2 2009-07-07 17:59:55
/?p=9712
Referrer: Direct hit
Hostname: wks125-2.belvoir.army.mil
—
Clough Capital74.201.46.1 2009-07-07 17:38:18
/?p=9712
Referrer: Direct hit
Hostname: host1.cloughcapital.com
—
Microsoft131.107.0.101 2009-07-07 17:09:44
/?p=9712
Referrer: From your blog
Hostname: tide531.microsoft.com
—
The Benefit Company66.184.209.18 2009-07-07 16:20:15
/?p=9712
Referrer: Direct hit
Hostname: 66.184.209.18
—
At ECBridge™, we know that information is the lifeblood of today’s business. Our experienced, international team helps clients plan, implement and manage innovative e-business solutions. We can help
your firm gain competitive advantage, by extending the reach of your company’s information.207.111.251.165 2009-07-07 16:12:14
/?p=9712
Referrer: Direct hit
Hostname: mail.ecbridge.com
—
New York City Police Department206.212.185.216 2009-07-07 12:49:12
/?p=9712
Referrer: From your blog
Hostname: 206.212.185.216
—
City of Houston
204.235.227.149 2009-07-07 12:05:43
/?p=9712Referrer: From your blog
Hostname: 204.235.227.149
—
Note: U.S. Department of HomelandSecurity is obsessed with this post, and with Cryptogon, today. There are at least a couple of DHS employees who read Cryptogon as a matter of routine, but the activity over the last 24 hours shows 10 visits, 43 page views from five different hosts/IPs:
sbcp5.dhs.gov 204.248.24.164
bcp1.cbp.dhs.gov 63.167.255.151
bcp3.cbp.dhs.gov 63.167.255.153
sbcp6.dhs.gov 204.248.24.165
sbcp3.dhs.gov 204.248.24.162
Not sure how long Cryptogon will be able to keep this page up, so check it out while you can. And let other comparable games begin.
hat tip Dora
»
- 9580 reads
- Printer-friendly version
- Send to friend
- advertisements -
Keep up the good work !
LOLLLLLLLL I searched the pirate bay to see if I got lucky ... nothing yet LOL
Give it time, lol
LOL, Fort Belvoir is the home of several spooky Department of Defense agencies.
I'm just waiting for Booz Allen Hamilton to show up in the logs
I was also searching for this code *grin*! BTW: I beleieve it is an ugly piece terribly intermingled C++. Typically only one or two poeple know, what is really going on in this code. Frequently also these two guy's have false imaginations, what their own code really does. Moreover I think that program trading is largely overestimated. Of course there are tricks to manipulate the stock prices. But a simple code which sells and buys due to signals of a random generator may generate a positive payoff too ;). And there exists superstition concerning computers. Nevertheless this GS code plot is a delightful story. Thanks for your reports.
It was me.
That is brilliant...although people are unlikely to d/l torrents at work.
If GS was as on top of this as they'd like to believe they are, they'd be posting some phony code on Pirate Bay as we speak to redirect everybody's attention.
they would post code to get everyone to buy Citi
hiiiiiiilarious stuff. Thanks Cryptogon! And ZH!
Sergey's defense should be "I did it for teh LULZ."
Fun and games but this doesn't prove anything. In fact, I'm sure the ZH access logs have visits from the same servers all the time. Fact is you don't know why the Google search was made.
When someone finds the code and puts it on a warez server with open access then we are talking.
As for what's in the code, I'd take the government's word for it, a scheme for the "fair" manipulation of the market by GS. It will not be easy to port to your pc environment at home though. But GS's competitors certainly have similar in-house developed tools. Just ask the middleware providers like TIBCO. (Of course they wouldn't answer, but it's fun to ask).
If you believe this, I have a bridge to sell you in Brooklyn.
I guess you miss the point of the word "fair" so I seriously doubt you do have a bridge to sell.
Yeah, as in 'fair, if you've got friends at Treasury'.
I think the funny thing is that such a silly honey pot attracted people from those places in the first place.
They could be bots also.
Which could indicate that the amount of malarky they could potentially pick up by using bots might interfere with the ability to devine anything of value.
Ah yes, Warez. When I first heard about this story, that is where I thought the code would be.
brilliant... gotta love the army, DHS and NYPD on there... love it!
while TD is away 'phishing', might I suggest a visit to the great Michael Pettis' China blog and his current post:
RMB 1.5 trillion in new Chinese lending — can we turn this thing off?
http://mpettis.com/2009/07/rmb-15-trillion-in-new-chinese-lending-can-we...
that's really insane, but the IMF doesn't seem to read Michael Pettis. "Recovery in Asia, full speed ahead!"
all aboard the fail whale!
Have been thinking this over a bit, and come up with this conclusion. The program itself is of marginal value to you or I or really any small operator. So what is scaring GS so badly that they had the FBI do one of the quickest IT investigations and arrests in history? The code is only as good as the data inputs. Since GS sits on the boiard of the group tht oversees program trading and thus has inside knowledge, not to mention its direct ties into all major exchanges, the actual URLS and identities of the instantaneous data sources have to be a part of the program. Also in a previous article last night part of the nano-second trading involved in-house communications of data and so those links would be known as well from the code. Several 'houses' within GS are strictly forbidden to communicate as that constitute insider trading etc. Those links could well be enough for competitors to force a guv investigation which would close the golden dorrs of GS forever.
IMHO: Good point! Moreover it would be really strange, if the code would still be on a site in germany, while Aleynikov is set free for a bail.
we all should hope so.. we will have enough problems dealing with all the emerging markets as they mature than have to also deal with these blood suckers from the inside
My question & request is : how do I get that html program to search for hits on a public Company I like....seems like it would tell me who that Company is talking to.
http://www.dailykos.com/storyonly/2009/7/7/750786/-Incredibly-Shrinking-...
I really doubt it's a torrent. It's just some files somewhere. Now whoever finds it should torrent it immeadiataly.
Matt Taibbi delivers a follow-up bitch slap to the fools who criticize his Rolling Stone article on GS:
http://trueslant.com/matttaibbi/2009/07/07/on-the-everyone-was-doing-it-...
July 14th, 2009 DealZone
Goldman Sachs breaks silence on alleged code theft
After more than a week of silence, Goldman Sachs finally commented publicly on the alleged theft of computer codes by former programmer Sergey Aleynikov calling losses sustained as a result would be “very, very immaterial.”
http://flq.us/wG
The Real Story of Trading Software Espionage
While none of us knows the ingredients of Goldman's "secret sauce," we can say that any algorithmic code in and of itself is precious but has limited value until placed in the right circumstances. Those circumstances are not available to just any Tom, Dick or Sergey, but represent the core strategy of the fast-rising high frequency trading firms.
First, strategies that optimize the value of high frequency algorithmic trading are highly dependent on ultra-low latency. The right decisions are based on flowing information into your algorithm microseconds sooner than your competitors. To realize any real benefit from implementing these strategies, a trading firm must have a real-time, colocated, high-frequency trading platform—one where data is collected, and orders are created and routed to execution venues in sub-millisecond times.
Next, since many of these strategies require transacting in more than one asset class and across multiple exchanges often located hundreds of miles apart, i.e., NY to Chicago, that infrastructure will often require roundtrip long haul connectivity between the data centers.
Lastly and most importantly, this code has a limited shelf life, whose competitive advantage is diluted with each second it is outstanding. While a prop desk's high level trading strategy may be consistent over time, the micro-level strategies are constantly altered—growing stale after a few days if not sooner—for two important reasons. Firstly, because high frequency trading depends on ridiculously precise interaction of markets and mathematical correlations between securities, traders need to regularly adjust code—sometimes slightly, sometimes more—to reflect the subtle changes in the dynamic market. The speed and volatility of today's markets is such that the relationships forming the core of our algorithm strategies often change within seconds of our ability to implement the very strategies that exploit them. Secondly, competitive intelligence is so good across all rival trading firms that each is exposed to the increasing susceptibility of their strategies being reverse engineered, turning their most profitable ideas into their most risky. As a result, any firm acquiring the "stolen" code would gain benefit from it for no more than a few days before that firm would need to adjust the code to the dynamic conditions. Since these changes build on themselves, in a matter of weeks that code would look quite different from that which was originally "stolen."
Advanced Trader http://flq.us/wF