Bitcoin Forum

Apparently Bitmain got hacked a day or so ago and I am getting email alerts from different services and gambling sites that there was attempted unauthorized accesses.

Just like the Bitcointalk hack a few years back, these hackers are trying to gain access to any and all Bitcoin related services like exchanges, wallets and most likely also gambling sites.

So if you used the same password and had no 2FA enabled you are at risk...

If accounts don't have any funds then it is still fine but remember to active your 2fa function before depositing your funds to any online sites. If fail to do so then you may lose your funds. These hack activities have become more so protect all your online accounts with security features provided all the sites.

Just read about it...

Here is the link, if somebody wants to read more: https://www.reddit.com/r/Bitcoin/comments/6v38o5/bitmain_confirmed_being_hacked/

I'm start changing passes.

You don't need to change any passes if all your passes were unique.

They basicallly sent out the worst warning email ever and not much info.

No idea if people's addresses were leaked since people used the same accounts to order Antminers. They aren't disclosing much.

Doesent seem so bad. You are safe if you're using 2 fa.

Oh that is a big blow but I don't have any account there and also I have activated 2fa in almost all of my important accounts already so hope I will be in safe side  ;D

If they have strongly encrypted users password when storing in their server than I think hacker might not gain access to user passwords. Am I wrong?

Enabling 2FA will provide added security to your account. It's good to make your accounts with the maximum security. If there is no incorporated wallet then minimal security is enough. Because even if one penetrate, he can't make use of the funds.

Just noticed about this news as I received to email from two different exchange sites that my account is locked due to too many failed login attempts. Luckily both accounts are not active anymore and I dont have any balance there. But seems that all my gambling accounts are safe as I have not received any emails about failed login attempts. Of course I will check one by one to make sure that everything is OK.

Never used bitmain site. i always use different email/password on exchanges/gambling sites and 2fa is always enabled.

They can crack the encrypted password by brute force.

The email and phone number is a big problem. If you use an exchange such as Coinbase or Gemini or CEX, if someone knows your phone number they can get your 2FA if you are using Authy.

With your email AND phone number they can easily reset any password and even reset your Authy.

This is a huge problem

Wha would have thought that even the giants of crypto business like Bitmain are vulnerable to hacking.
I guess they are really stingy and don't want to pay anyone to test their protection, and here we see the effect.
Just remember, if you bitmain password is unique, you don't need to change passwords for your other services, emails, accounts etc.

i always used a basic rule of thumb.. for each and every website i use a different and very complex password.but this does explain why i have had about 10 different red flag sign in attempts is several different websites! all failed  but the attempt was there !
so lock down your  access codes and make sure your passwords are changed and safe!

Indeed you are safe with 2fa attached but it is annoying to get a warning email about failure attempt to login to your account.
Better to change your password to another one , unless if you feel okay to receive the same warning over and over again.
I got a lot of warning since bitcointalk get compromised and now it is happened again , i suggest to change the password really it is annoying.

Save yourself a lot of problems and NEVER re-use passwords for different sites. Make these passwords unique to every site and if you cannot remember them, just write them down and store it in a safe place. If one site is compromised, your accounts on other sites will not be influenced.

We have been saying this for years now and people are still doing this. Lazy people will have to learn from their mistakes.

I never re-use passwords and I also change the passwords for my accounts on different sites regularly, because this is standard practice. < or it should be >

I am not surprised. That fits the image on rage for bigger blocksize. Everything is just about profit, nothing's about security.

It is never a good choice to use the same passwords for all of the sites that you are registered with, and this was one of the main reason, once a site got hacked and if the customer information are being stolen by the hackers in the process, the hackers might have a chance to access the other sites which you are registered with if you use the same password.

It is also better to change your password once in a few months on the site that you frequently visit, and also enabling 2fa is a good way to safeguard your account and balances.

This is why i dont use repetitive passwords on any accounts that ive made because if you use the same passwords or log-in information on various sites then chances of getting hacked would really be high compared on having different information anytime.This is why im not really bit worried on this kind of hacking incidents because im confident that i wont be easily be hacked by someone.

Thanks a lot for the warning.

By reset you mean getting all the 2fa codes? that'll happen only when one enables multi-device feature, one can always disable that feature and stay safe from sms/call based authy recovery.

Also they can try to convince companies that they're the rightful owners of any account, combined with other information. It is for sure dangerous for that information to be in the wrong hands.

Like we say in Italy "Uomo avissato , mezzo salvato" , it means if a man is warned he is already half safe so it is great to share the information here. However I don't believe all the sites are hacked, I didn't received any email from coinbet24 which has become my new favorite sport book to change my password so far. Still I have a very unique password and although without 2fa there I still feel safe.

Holy damn, I just read it here! This should have been all over the news on every bitcoin news outlet like coinbase, cointelegraph, etc. But why was it not there though?
Anyway, just for precaution, I am changing my passwords too on all my accounts. Better safe than sorry.

That's great to hear something from you i would like to say that thank you so much for that it's interesting to hear different words and let them remember in future good luck men for more kind of help.

This is the reason why you guys need to start using password managers, every time something like this happens I read about people going to change their passwords, you know what, one day you won't stumble upon the news of something being hacked, you need to be prepared and have different passwords for each website you're using.

Since Betcoin.Ag got hacked and even my bitcointalk account go compromised, I will never again use the same password, it's so simple how someone can penetrate most of your assets if your security is based on the same bloody password.

Don't risk it, use a password manager!

yeah it's never be a good idea to have same password for all of your digital assets even you have set the strongest security system like two factor authentication. hacking could happened anytime. so you should reset your password periodically for better security especially when it comes to valueable stuff. prevention always better than waiting for something bad really happened.

It's not good idea to have same password everywhere if you are hacked some where then hackers easily access to your other assets too so kindly careful.

I'm actually glad that it happened to me, because I wouldn't learn otherwise until it's too late.

And others should learn too.

Don't store your passwords on your PC and copy-paste them, websites get hacked and data gets leaked, PCs get hacked too and data gets leaked.

A password manager is a must in todays world if you hold anything valuable on your laptop/PC, it gets a different 50-60 or any number of charachters passwords you want for all your accounts and you just need to memorize one good,strong password you never used before for your manager
+ 2FA and you're the safest gambler there exists ;)

Yes. Go to Authy website and read the FAQs. Its basically for people who have no recovery codes and a way for them to get their account back.

They can easily get it back with EMAIL + PHONE NUMBER. Even if they had no multi device checked off.

Though it defeats the purpose right? What if your email was hacked then they can recover the 2FA for authy then they can hack everything connected to it.
I think the best way is to create a paper backup of the qr code of your 2FAs so that you can securely store them and no one else have access to it but you and
whatever authenticator you use.

The best security still is not just having 2fa but having a secure password. Everybody stop using the same passwords for everything, that is how the hackers are
able to hack accounts. Check out Masterpassword (it's really a generic name, I know, but that is what they chose). It's pretty awesome in my opinion.

I think that the situation has a leakage of 2FA security authentication specially the private key must be preserve or confidential on you wallet. Having proper back-up is really the best option to do, because the accessing is secured and nothing will fear of that hacking will be possible. One thing that phisers online will capable of doing such unrighteous acts is due to location was turned on on your device. Prevent that device location from being turned on, so that you will not in danger of attacks on those hackers freely roaming online. Stay secure and keep all personal keys confidential; most importantly never entertain unknown mails.

With the price of bitcoin moving higher,we are seeing more hacks and if you are sloppy then your accounts will be compromised,never use the same password in any site and the risk is too much and if everyone could follow this simple rule then we do not need to be worried by hearing these hack news.

Best advice to give and a great update to all members concerned but my advice is to change password every month to be safe

Not all gambling sites were hacked; I don’t think it’s possible for them to hack all gambling sites, because there are too many of them.Secondly, one thing I don’t miss when I’m making use of any wallet is to activate 2fa, and I don’t use sites without such security features.

If you reuse passwords in the bitcoin world and you haven't lost money yet it must be because you accidentally sat on a horse shoe and it got stuck up there.

"Bitmain hacked - smart people unaffected"

How can we be sure the firmware for the miners on there pages has not been tampered with?

Is there any official announcment regarding checking of the firmware? If hackers have access to the server then who knows what they managed to do before they were stopped.

Can we have a notice letting us know that the miner firmwares were not compromised in the attack!

No idea why you are talking about their firmware. Basically the sites login info and passwords was leaked somehow and people who reused the same passwords on different sites are mostly affected.

I highly doubt that someone hacked their server to change the BIOS firmware for antminers. It would be very difficult to cause any damage that way. People would just reflash the old firmware. People also very rarely update the firmware on their ASICs. Most only upgrade if they are having issues. During that small hacking window there isn't many that would of been doing a firmware flash during that time.

I would have to dissagree.  If you were a hacker and you target a company like bitmain. Are you really going to be happy with a password and email dump?

If they had access to the server (and had time there)  

Who knows what they could of done. It would not be hard to edit a firmware to include something nasty.

Since there is very very limited info out there on this matter I would have to say it would be foolish for bitmain not to check that there have been no code changes to there firmware.  I highley doubt hackers would stop at only stealing some e-mail lists and passwords.

Its happend in the past where firms get hacked. there products get infected via firmware updates or software they sell.  Look at team viewer. they were hacked and ransomware was included in there software.

google..

company hacked firmware effected

You will see 100's of companys that were hacked and there software or firmwares were tampered with.

Yes I agree with you, Bitmain did a very poor job of telling us what exactly they hacked. I am still getting failed login attempts with many of the bitcoin services and gambling sites I am registered with. So this leads me to the conclusion that they were only targetting usernames and passwords and hoping that people reused the same password and no 2FA.

This isnt the first time it happened. Bitcointalk was hacked a few years back and it was the same scenario.

Hacking the firmware to change the pool info is possible but it would only affect the people who downloaded the firmware in the short while that it was hacked.

Either way they really should SHA256 all their firmware and post the hash somewhere on another website or even with their bitcointalk account, so we can be sure that the firmware won't destroy your ASIC.

I have had no response from them regarding the hack and if they are checking there firmware which I think if hackers have had access to the server should be a high on there agenda to check.  Last thing we want is waves of miners going offline or being "destroyed" by some code additions from the hackers.

I also agree they should be more forthcoming with info.

I hope others don't lose too much dew to the this and I hope bitmain start to take security a little more seriosuly.

These days none in digital world is safe. Anyone can hack anything with the right knowledge. Cloudbleed was one main event and now its bitmain. How sadful when people misuse of their skills and knowledge.

Pretty unsecured world we are living in. A lot of databases always get hacked and it's basically unsafe to use your favorite password. It is getting complicated. And when you have a complicated password there is also a risk that user may lose their password because of that. There is a trade off with convenience and security here. There is risk of loss even without anyone attacking because of the password is super hard to remember.

I never got email from bitmain about this. Yesterday I got an email saying there is an unusual activity on my account. I checked the website and saw that my 2FA is not working and was not able to login. I checked it from my smartphone app and I see that all my 'hash' is sold and there are thousands of transaction on my account. What is the point of having 2FA if someone can login just with stolen passwords? Who the hell stores encrypted passwords anyway?

I have contacted support but they haven't replied so far. Please help... I had 5 BTC worth of hash-power rented from them. There has to be a way I can hold them accountable.

Yes you can they should reimbese any losses if you had 2FA active and its been turned off by someone and they were hacked they have a responsibility to deal with it and cover any losses that are accumulted by the customer.  They should be able to look at the IP that logged in and see that it not the same as your one also they might have a browser user agent logger that would show if it was the same browser that was used.

Bitmain did not contact me regarding this either I found out via a forum post about it.

Message them and make them aware that your account has been compromised and your 2fa was also effected.. 

I also agree why would such a company store un-encryped passwords in there database?  They should be hashing them and and salt.  Totaly unacceptable behaviour from a company of this scale.

Its odd that 2fa has been affected and the hacker did able to bypassed on that one and sold off the contracts.I cant think off that someone do have the skills on doing this knowing that 2fa is one of the hardest layers when it comes on 2nd attempts on logging in.Hackers would normally not use their own ip address on logging in.They are not dumb as we think.

I was only noting that is the OP had logged in from his own IP many times they possibly have a record of the last logged in could also show it was infact compromised..

We alll know hackers use VPN - Socks5 - Tor - SSH to do there nasty work.  

I also agree 2fa is rather a strange one if it was active then suddenly not active but bitmain should have a log of when and how it was switched off.

All of this thing would really depend on bitmain since they do have all the logs regarding on the access of such account same as you said. This thing boggling my mind how 2fa has been off.
It is quiet alarming specially on having big amounts stored or purchased contracts but nothing to be worried as long your password is unique and not a common one but also 2fa is always been suggested on any accounts we do have.

Its becoming more prevalent these days for 2fa to be hacked possibly by Social engineering or by way of malware or dodgy apps from playstore.


https://www.wired.com/2017/05/security-news-week-hackers-beat-two-factor-authentication-rob-bank-accounts/

https://www.theregister.co.uk/2017/06/26/parliament_email_hack/