Title: Extortion attempts Post by: LuckyBitSupport on June 26, 2014, 08:09:32 AM So, we at http://luckyb.it received another extortion attempt, mostly related to our latest "win 5 bitcoin if you guess the world-cup winner" promo. :)
We thought it's better to publish these things, so other site operators are warned. We had an standard "vulnerability scan" this morning ~7 UTC, coming from 173.233.126.140 (dsl-140.pool2.5.e120.sumt.ftc-i.net). Dynamic home IP - the whole scan came from the same IP, so it was easy to block and most likely just a kiddy that got hold of some webapp security scanner. Short after that, we received the mail below, coming from 46.19.139.98. We're of course not giving in to extortion attempts (especially not to such poorly executed ones). We hope this helps some other site operators - let's get this idiots out in the open LuckyBit support Code: Return-Path: <becsupply@Safe-mail.net> Title: Re: Extortion attempts Post by: LuckyBitSupport on June 26, 2014, 08:20:06 AM Related reddit thread: http://www.reddit.com/r/WTF/comments/28qucr/notice_of_extortion/
Title: Re: Extortion attempts Post by: LuckyBitSupport on June 26, 2014, 08:21:37 AM See below ;D
Title: Re: Extortion attempts Post by: AW3SOMELOLwUT on June 26, 2014, 08:22:29 AM I may have found the person behind this, his name is "redhatcc" His bitcointalk profile address matched the one in the email. https://bitcointalk.org/index.php?action=profile;u=344931 (https://bitcointalk.org/index.php?action=profile;u=344931) :P first post
Title: Re: Extortion attempts Post by: LuckyBitSupport on June 26, 2014, 08:26:06 AM I may have found the person behind this, his name is "redhatcc" His bitcointalk profile address matched the one in the email. https://bitcointalk.org/index.php?action=profile;u=344931 (https://bitcointalk.org/index.php?action=profile;u=344931) :P first post Thanks for finding this! :) We've sent you a little something. 8) So the guy was stupid enough to use the same address as on his bitcointalk profile! Reporting to moderators... Title: Re: Extortion attempts Post by: LuckyBitSupport on June 26, 2014, 08:33:29 AM Our reply:
Code: Hello, Title: Re: Extortion attempts Post by: Mitchell on June 26, 2014, 08:34:50 AM I left our "friend" a nice little trust rating. You should do that as well OP.
EDIT: Nevermind, you already did :P Title: Re: Extortion attempts Post by: OnkelPaul on June 26, 2014, 08:48:56 AM In any case, you should make sure that your servers don't have direct access to considerable bitcoin amounts (keep the majority of your funds in cold storage) so that when an exploit actually happens, the losses are small.
Of course, now that an intent to attack has been published, it should be obvious that all services that are not directly necessary should be stopped or protected from outside access, and that continuous intrusion detection should be run on the servers/network. Good luck, and hopefully you can still get some sleep... Onkel Paul Title: Re: Extortion attempts Post by: LuckyBitSupport on June 26, 2014, 09:11:58 AM In any case, you should make sure that your servers don't have direct access to considerable bitcoin amounts (keep the majority of your funds in cold storage) so that when an exploit actually happens, the losses are small. Of course, now that an intent to attack has been published, it should be obvious that all services that are not directly necessary should be stopped or protected from outside access, and that continuous intrusion detection should be run on the servers/network. Good luck, and hopefully you can still get some sleep... Onkel Paul Thank you. We're preparing. :) And of course, we have little money in the hotwallet. Title: Re: Extortion attempts Post by: LuckyBitSupport on June 26, 2014, 09:14:45 AM Continuing in the line of full disclosure:
Quote from: becsupply@safe-mail.net I saw you declined our offer in your public chat. We were very discrete about you checking your email, never sharing anything in chat from our side, but by publishing one of our stolen clients information we have, you have waged more than a public exploitation exposure. I hope you enjoy the "discrete" analysis of your petty servers over the weeks and months to come. I will make sure to share with my team your response in email and in your websites chat during our meeting. I surely hope you enjoy declining our offer to help you. As a personal note responding to your email, our small request isn't anything compared to whats to come. and here: Quote from: becsupply@safe-mail.net I was just notified by my friend that you stuck your fucking nose up in the air at the BTC community. Do you know by running a random so called site that the visitors win? Ha I agree they don't. I had to read the email because I didnt understand it at first, but you did really shit in my eggs an omlets. Do you know how much money we have to buy and target DDoS and more to your site? What was the bounty like 1 bitcoin? And we wanted to help, then you expose someone for extortion? You might as well go back to digging ditches, we don't deal with Bitcoin scammers like you, especially when we were trying to help. Smile and enjoy. Title: Re: Extortion attempts Post by: Mitchell on June 26, 2014, 09:25:00 AM Oh god, this is comedy gold. The first email sounds semi-professional, but the second one is definitely a little kid raging, because he got exposed. I wouldn't worry too much if I were you.
Title: Re: Extortion attempts Post by: Hunterbunter on June 26, 2014, 09:29:44 AM Wow the nerve on some people. At least he was kind enough to give you enough info to report him to the police.
Title: Re: Extortion attempts Post by: grtthegreat on June 26, 2014, 09:32:54 AM Dear LB Support, I request you to support him by teaching some programming and hacking instead of sending him BTC to his wallet. ;) ;) ;) ;) ;) ;) LOL.. He's a kiddo. Tried to send a dangerous message and got fucked up by adults.
Title: Re: Extortion attempts Post by: clownius on June 26, 2014, 11:06:59 AM I wish you luck dealing with this scammer. I highly recommend reporting the script kiddie to law enforcement considering he was dumb enough to leave a trail. Once they are done with him he gets to explain his actions to mummy and daddy.
A little trick i have used in the past is invest in a cheap OVH server and then run a VPN tunnel between the two servers with the sensitive stuff only on the second server. OVH has the VAC system which defends you from a serious DDoS with ease and you dont need to spend megabucks to do it. Security wise its also much easier to penetrate the edge server rather than the main server. Especially if you dont know where to find the main server. Title: Re: Extortion attempts Post by: stingleword on June 26, 2014, 01:21:36 PM It looks like the would-be scammer is a fan of actually playing Lucky Bit, as well. (https://blockchain.info/tx/ffe713f18559d21036f28f66c29b191bad377e1c9270a321eb11bfeed36c10c8)
Title: Re: Extortion attempts Post by: Mitchell on June 26, 2014, 01:29:13 PM It looks like the would-be scammer is a fan of actually playing Lucky Bit, as well. (https://blockchain.info/tx/ffe713f18559d21036f28f66c29b191bad377e1c9270a321eb11bfeed36c10c8) Hahahaha, that is amazing. However, it could be that he is testing the LuckyBit security. I highly doubt it, but you never know, right?Title: Re: Extortion attempts Post by: Sydboy on June 26, 2014, 02:42:56 PM Do you all think the guy is a just really stupid, drunk, desperate or a combination of all ?
Maybe he is out of meds. Someone needs to write a "Dummies guide to scamming". Give him a free copy, he obviously can't afford to pay. Title: Re: Extortion attempts Post by: carlaonfire on June 26, 2014, 06:49:03 PM Sad little kids trying to extort LB...
Title: Re: Extortion attempts Post by: LuckyBitSupport on June 27, 2014, 11:45:43 AM It looks like the would-be scammer is a fan of actually playing Lucky Bit, as well. (https://blockchain.info/tx/ffe713f18559d21036f28f66c29b191bad377e1c9270a321eb11bfeed36c10c8) Hahahaha, that is amazing. However, it could be that he is testing the LuckyBit security. I highly doubt it, but you never know, right?Well, we're fully on-chain, which means that we do not hold any customer funds. By playing, he tested nothing more than the security of Bitcoin... ;D Title: Re: Extortion attempts Post by: spooksie on September 24, 2014, 04:42:56 PM I've added lickyb.it to the site for users to review.
http://bitcoinuserreview.com/casino-sites/luckyb-it-user-reviews/ I've also linked this forum thread to the review. Title: Re: Extortion attempts Post by: stingleword on September 24, 2014, 06:47:00 PM I've added lickyb.it to the site for users to review. http://bitcoinuserreview.com/casino-sites/luckyb-it-user-reviews/ I've also linked this forum thread to the review. That's kind of you. Please adjust the link to the main Lucky Bit thread rather than this one: https://bitcointalk.org/index.php?topic=757624 |