|
Title: INFO ABOUT HACK MPOS POOLS / PLUMS INFO / GET SOME FREE COINS HERE. #YOLO #SWAG Post by: ILikeMPOS on January 11, 2014, 03:13:52 AM http://gyazo.com/66709a118ce84c887b4e84028077ac3a.png
HEY, YOU CAN GET SOME LTC, DOGE, CAT, GME, LENNY AND MORE COINS HERE - http://webhancement.us/gg.php I GIVE YOUR LINK BECOUSE GUY WITH WHOM I WORKED SCAM ME ON MORE MONEY. THIS BUG - 2 DAYS. AND YES, THEM WHO WRITE "WHO STOLE MY COINS FROM POOL????" BECAUSE OF THIS. ... MORE INFO ABOUT BUG(ALL VERSIONS MPOS) - 0.5 BTC WTF?, HOW TO WARD OFF IT?! USE VERY VERY STRONG PASSWORD(I RECOMMEND USE LASTPASS) AND SET ACCOUNT AS ANONYMOUS. ENJOY. Miners. http://www.wykop.pl/wpis/6841332/oto-lista-pooli-z-ktorych-zanotowano-kradzieze-zro/ http://www.wykop.pl/wpis/6840458/uwaga-uwaga-bardzo-wazne-ogloszenie-dotyczaca-bezp/ Title: Re: INFO ABOUT HACK MPOS POOLS / PLUMS INFO / GET SOME FREE COINS HERE. #YOLO #SWAG Post by: Efitzhenry on January 11, 2014, 03:25:48 AM Glad my pool didn't show up on the list. We don't scam anyways though. That is some pretty sensitive info hanging out there!
Title: Re: INFO ABOUT HACK MPOS POOLS / PLUMS INFO / GET SOME FREE COINS HERE. #YOLO #SWAG Post by: ILikeMPOS on January 11, 2014, 03:32:56 AM Glad my pool didn't show up on the list. We don't scam anyways though. That is some pretty sensitive info hanging out there! In list most popular pools, i can add any pool on mpos ( ° ͜ʖ ͡°)Title: Re: INFO ABOUT HACK MPOS POOLS / PLUMS INFO / GET SOME FREE COINS HERE. #YOLO #SWAG Post by: canth on January 11, 2014, 03:45:20 AM Yet another reminder to not reuse passwords anywhere. I highly suggest any of you who still fall into this category, take a few minutes and install a decent password manager:
http://passwordsafe.sourceforge.net http://keepass.info/ Title: Re: INFO ABOUT HACK MPOS POOLS / PLUMS INFO / GET SOME FREE COINS HERE. #YOLO #SWAG Post by: ahmed_bodi on January 11, 2014, 03:52:08 AM i have checked all of my pools in this list and it looks to me like the OP has used a bot or manually generated accounts and then somehow has the details there, i can assure you all passwords and pins are hashed and salted in MPOS both by default and in my configs.
An example of this is coye.cryptopools.com. the pool doesnt exist since i fell asleep before the launch so it goes to show the details are fetched from another location. Another example is ftc.d2.cc it shows a username clicking login takes the user to digitalcoin.scryptmining.com it looks me like the creator of the app is sending the login details via HTTP POST as a normal user would which allows people to access these fradulent accounts they have made under false pretenses Title: Re: INFO ABOUT HACK MPOS POOLS / PLUMS INFO / GET SOME FREE COINS HERE. #YOLO #SWAG Post by: canth on January 11, 2014, 04:00:00 AM i have checked all of my pools in this list and it looks to me like the OP has used a bot or manually generated accounts and then somehow has the details there, i can assure you all passwords and pins are hashed and salted in MPOS both by default and in my configs. An example of this is coye.cryptopools.com. the pool doesnt exist since i fell asleep before the launch so it goes to show the details are fetched from another location. Title: Re: INFO ABOUT HACK MPOS POOLS / PLUMS INFO / GET SOME FREE COINS HERE. #YOLO #SWAG Post by: ahmed_bodi on January 11, 2014, 04:02:54 AM no doubt they may be legit accounts but i believe 1/2 are fabricated accounts, 1/2 are accounts with weak passwords which the OP has guessed.
Title: Re: INFO ABOUT HACK MPOS POOLS / PLUMS INFO / GET SOME FREE COINS HERE. #YOLO #SWAG Post by: canth on January 11, 2014, 04:08:52 AM no doubt they may be legit accounts but i believe 1/2 are fabricated accounts, 1/2 are accounts with weak passwords which the OP has guessed. OK, so maybe he fabricated some accounts - there's no easy way to prove that one way or the other. How about the other accounts with actively running miners and balances - some of them with decent passwords and PINs? Bruteforce on both the password and PIN? None of these pools have any invalid login attempt protection? Something doesn't smell right... Title: Re: INFO ABOUT HACK MPOS POOLS / PLUMS INFO / GET SOME FREE COINS HERE. #YOLO #SWAG Post by: xisi on January 11, 2014, 04:14:57 AM Reusing passwords on multiple sites in 2014 ::)
That's all this is, a db dump with a front end and a few cracked passwords. Title: Re: INFO ABOUT HACK MPOS POOLS / PLUMS INFO / GET SOME FREE COINS HERE. #YOLO #SWAG Post by: ahmed_bodi on January 11, 2014, 04:19:26 AM Reusing passwords on multiple sites in 2014 ::) That's all this is, a db dump with a front end and a few cracked passwords. as stated here, both me and xisi work on MPOS (well i work on stratum but still) by default MPOS has a default lock out at 3 attempts which is why i believe the majority are fabricated accounts. while the others are just ones with a weak ass password grabbed from a db dump Title: Re: INFO ABOUT HACK MPOS POOLS / PLUMS INFO / GET SOME FREE COINS HERE. #YOLO #SWAG Post by: choose_username on January 11, 2014, 12:49:23 PM I think they are bruteforcing easy passwords, I use very strong random character passwords on all my pools and got notifications about xx failed login attempts on a few pools.
|
