Bitcoin Forum

Economy => Trading Discussion => Topic started by: ScottWilson on April 02, 2014, 04:49:31 AM



Title: CloudFlare has been hacked. FALSE ALARM
Post by: ScottWilson on April 02, 2014, 04:49:31 AM
Ok, false alarm. I just got a bunch of delayed payout notifications, and they match amounts that I had sent to my address on the blockchain. Someone must have restarted a dead SMTP server and a bunch of old mail got sent out. It's looking like some sites using CloudFlare are rewriting all IP addresses for incoming traffic also. So you'll never see your own IP address if you have login notifications enabled.

Sorry if this freaked anyone out.
 



Here is the IP address that just logged in as me to an EMC2 pool:

http://dazzlepod.com/ip/173.245.55.67/ Clearly owned by CloudFlare. CloudFlare is a service used by lots of altcoin mining and exchanges to protect against DDoS.

Here is a screenshot of the notification they logged in as me.

http://imgur.com/4R1w7pv

CloudFlare owns that IP address. So either CloudFlare has been hacked, or CloudFlare is logging into services they protect to steal coins.

There's no other explanation.
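Added example, not part of the original post or of any pool's code: one way a site behind CloudFlare can pick the address shown in a login notification, so the e-mail reports the visitor rather than the proxy edge. The function names and the one-entry trusted range list are assumptions (the range is the block containing the address quoted above); the sample addresses are constructed.

```python
import ipaddress

# Assumption: ranges of the reverse proxy in front of the site. Only the block
# holding the address from the post is listed; a real deployment loads the
# provider's full published list.
TRUSTED_PROXY_NETS = [ipaddress.ip_network("173.245.48.0/20")]


def is_trusted_proxy(peer_ip):
    """True when the TCP peer address falls inside a trusted proxy range."""
    addr = ipaddress.ip_address(peer_ip)
    return any(addr in net for net in TRUSTED_PROXY_NETS)


def client_ip_for_notification(peer_ip, headers):
    """Return (ip, source) to print in a login notification.

    CF-Connecting-IP is honoured only when the connection really arrived
    from the proxy; a direct client could otherwise forge the header.
    """
    hdrs = {k.lower(): v.strip() for k, v in headers.items()}  # names are case-insensitive
    if not is_trusted_proxy(peer_ip):
        return peer_ip, "direct connection"
    forwarded = hdrs.get("cf-connecting-ip")
    if forwarded:
        try:
            return str(ipaddress.ip_address(forwarded)), "visitor (via proxy)"
        except ValueError:
            pass  # malformed header: report the proxy address instead
    return peer_ip, "proxy edge (visitor address unavailable)"


# Constructed sample requests: (TCP peer address, request headers).
SAMPLE_REQUESTS = [
    ("173.245.55.67", {"CF-Connecting-IP": "203.0.113.7"}),  # proxied, header present
    ("173.245.55.67", {}),                                   # proxied, header missing
    ("198.51.100.9", {"CF-Connecting-IP": "203.0.113.7"}),   # direct, header forged
]

if __name__ == "__main__":
    for peer, hdrs in SAMPLE_REQUESTS:
        print(peer, "->", client_ip_for_notification(peer, hdrs))
```

The second sample is the situation in the post: the notification names a CloudFlare address, which identifies the proxy edge and not whoever logged in.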


Title: Re: CloudFlare has been hacked.
Post by: jjdub7 on April 02, 2014, 05:00:58 AM
Just saw this.  Pulled my account to cold storage on my private-keyed accounts.


Title: Re: CloudFlare has been hacked.
Post by: ScottWilson on April 02, 2014, 05:04:27 AM
Everybody hold up. I might be wrong. I'm noticing things that aren't adding up. I logged in to see if the password had been changed, and if they changed the payment address, and neither had. Then I checked the IP address the login was assigned. Give me a few. It sent me a login notification with another CloudFlare IP when I logged in. I'm getting a feeling this might have been seriously delayed SMTP mail. Like someone just restarted sendmail and a bunch of old mail got sent out.


Title: Re: CloudFlare has been hacked.
Post by: gweedo on April 02, 2014, 05:05:51 AM
This is exactly why I would never use CloudFlare, there are better ways to handle DDoSes.


Title: Re: CloudFlare has been hacked. FALSE ALARM
Post by: jjdub7 on April 02, 2014, 06:21:45 PM

Here is a screenshot of the notification they logged in as me.

http://imgur.com/4R1w7pv

CloudFlare owns that IP address. So either CloudFlare has been hacked, or CloudFlare is logging into services they protect to steal coins.

There's no other explanation.

Might be a false alarm, but that doesn't explain this, unless CloudFlare is issuing these shitty certificates, which means that somebody within CloudFlare could potentially exploit related vulnerabilities.


Title: Re: CloudFlare has been hacked. FALSE ALARM
Post by: Velkro on April 02, 2014, 06:49:35 PM
False alarm is another kind of alarm to consider.
I mean, you never know.