Surprise surprise
thanks for returning the coins. i owe you guys one for the lesson. |
|
|
|
You son of a bitch, you posted this in GOOGLE DRIVE of all things?
DO NOT open this shit, Google Drive is great but leaves a breadcrumb trail that a blind man can follow. OP, if you're fuckin serious about this, use Pastebin.
whats wrong with google drive? the more the authorities know about this the better. i want the person who did this to either pay back or go to prison for this. |
|
|
|
dang was the Skeincoin wallet stolen also? I lost 2600 SKC out of thin air. Or is this a glitch? Is the server secure now?
I don' t think so. i would advise withdrawing all coins. there is simply not an option to continue on at this point. what if it was hacked again? |
|
|
|
I see the bounty that you've put up. Aside from that, what else do you plan to respond with? Will you be compensating us? The only reason I had BTC remaining on the server was that withdrawals were disabled - apparently only for legitimate users. :-/ the application was not hacked, it was the server. somehow fail2ban had been uninstalled and was not protecting the login anymore. and yes i will be paying people back, fuck if i know how i will be. i have a little over .5 btc to my name and various other altcoins, but yes i have no other choice than to repay it. look on the bright side: You may earn positive trust now  fuck u |
|
|
|
let me ask you a question was that the only wallet.dat file you have I backed up mine on three different storage units you should always have one and then another wallet that you could quickly send it to if you suspect something.
yes unfortunately it was. i thought about cold storaging the majority of the coins but alot of people complain about slow withdrawal times. it was an honest mistake, one i will pay dearly for i'm sure. |
|
|
|
What is the address of the wallet?
i don't know. he took the wallet.dat i can provide what my account address was and the account address of others who mentioned it in support emails, and anyone else who deposited to the exchange can provide theirs if they can find it in transactions of their personal wallet, but other than that i have no idea what the "main" address was. and yes, i will repay this somehow. i have no other choice but to repay it. i'm sorry |
|
|
|
I see the bounty that you've put up. Aside from that, what else do you plan to respond with? Will you be compensating us? The only reason I had BTC remaining on the server was that withdrawals were disabled - apparently only for legitimate users. :-/ the application was not hacked, it was the server. somehow fail2ban had been uninstalled and was not protecting the login anymore. and yes i will be paying people back, fuck if i know how i will be. i have a little over .5 btc to my name and various other altcoins, but yes i have no other choice than to repay it. |
|
|
|
the bitcoin wallet was stolen from the server. |
|
|
|
Guess it's him:
Jan 14 00:51:56 server sshd[211810]: Accepted password for root from 66.87.95.20 port 33982 ssh2
Jan 14 00:51:56 server sshd[211810]: pam_unix(sshd:session): session opened for user root by (uid=0)
Jan 14 00:51:57 server sshd[211810]: subsystem request for sftp by user root
Jan 14 00:52:01 server CRON[212231]: pam_unix(cron:session): session opened for user root by (uid=0)
Jan 14 00:52:01 server CRON[212231]: pam_unix(cron:session): session closed for user root
Jan 14 00:52:01 server sshd[212176]: Accepted password for root from 66.87.95.20 port 54132 ssh2
First occurence of similar ip in log:
Jan 12 08:26:23 server sshd[154626]: Accepted password for root from 66.87.92.21 port 33172 ssh2
left a message?
Jan 13 12:53:35 server sshd[103395]: Invalid user xkcd^777^xkcd&99starfive792***$$$$# from 66.87.94.161
Jan 13 12:53:35 server sshd[103395]: input_userauth_request: invalid user xkcd^777^xkcd&99starfive792***$$$$# [preauth]
Jan 13 12:53:38 server sshd[103395]: Failed none for invalid user xkcd^777^xkcd&99starfive792***$$$$# from 66.87.94.161 port 58427 ssh2
Jan 13 12:53:39 server sshd[103395]: Received disconnect from 66.87.94.161: 13: Unable to authenticate [preauth]
Jan 13 12:53:51 server sshd[104648]: Accepted password for root from 66.87.94.161 port 47277 ssh2
Jan 13 12:53:51 server sshd[104648]: pam_unix(sshd:session): session opened for user root by (uid=0)
I think that's justin's ip( http://www.geoiptool.com/en/?IP=66.87.94.161) he has the server pass, i have the server pass. funny thing is justin's supposedly from oklahoma. he started the crons last night so i'm pretty sure it wasn't him atleast that is consistent with what i know. the attacker was probably not stupid enough to leave the log unchanged. if you will notice there is no activity for 6 minutes in between the last failed attempt and where i logged in (173.216.136.127) |
|
|
|
Out of curiosity, why would the thief return them for significantly less money? (just trying to play devils advocate, I hope you do get them back).
I think he's hoping the attacker feels guilty. He/she probably doesn't. worth a shot. its all i have. |
|
|
|
nice security...
and why would the attacker return .5 bitcoins when he could keep the 11bitcoins ?
i could have swore i installed fail2ban |
|
|
|
|
attacker used ssh to gain access and steal btc wallet. i discovered this while trouble shooting a customer who had not received his deposit even though it showed pending. then i discovered our btc wallet was drained, all the accounts gone and the wallet.dat missing
Update
the coins were recovered a short time later. we are paying out withdrawals and asking all coins to be withdrawn from the exchange so that we can start from scratch.
|
|
|
|
I might have found a bug - my balance is off by about 3 BTC from where it should be and changed as of 90 minutes ago. Opened a ticket - please take a look.
PS - thanks for providing this service, r3wt.
I'm sorry but, your balance was actually wrong due to the bugs that awarded double coins for trades yesterday. we wrote a script to correct them. here is your deposit and trade history + balance history. Deposits
Wallet : BTC | Amount : 0.30000000
Trades
Wallet : 78 | Price: 33.00000002 | Quantity :9.95E-6
Wallet : 78 | Price: 33.00000002 | Quantity :0.00014699
Wallet : 78 | Price: 33.00000000 | Quantity :0.00073240969719117
Wallet : 78 | Price: 33.00000000 | Quantity :3.7800000000001E-6
Wallet : 78 | Price: 33.00000002 | Quantity :3.332E-5
Wallet : 78 | Price: 33.00000000 | Quantity :4.5800000000001E-6
Wallet : 78 | Price: 33.00000002 | Quantity :0.00085056
Wallet : 78 | Price: 33.00000002 | Quantity :8.491E-5
Wallet : 78 | Price: 33.00000002 | Quantity :3.458E-5
Wallet : 78 | Price: 33.00000000 | Quantity :8.45E-5
Wallet : 78 | Price: 33.00000002 | Quantity :4.195E-5
Wallet : 78 | Price: 33.00000002 | Quantity :2.373E-5
Wallet : 78 | Price: 33.00000000 | Quantity :6.52E-6
Wallet : 78 | Price: 33.00000000 | Quantity :7.486E-5
Wallet : 78 | Price: 33.00000000 | Quantity :5.449E-5
Wallet : 78 | Price: 33.00000000 | Quantity :0.00015362
Wallet : 78 | Price: 33.00000000 | Quantity :5.0E-6
Wallet : 78 | Price: 33.00000000 | Quantity :5.073E-5
Wallet : 78 | Price: 33.00000002 | Quantity :4.2E-6
Wallet : 78 | Price: 33.00000002 | Quantity :0.00061447
Wallet : 78 | Price: 33.00000002 | Quantity :1.8161329999556E-9
Wallet : 78 | Price: 1200.00000000 | Quantity :0.00006633
Wallet : 78 | Price: 1200.00000000 | Quantity :0.00000033
Wallet : 78 | Price: 1200.00000000 | Quantity :0.00188883
Wallet : 78 | Price: 1200.00000000 | Quantity :0.00040000
Wallet : 78 | Price: 1200.00000000 | Quantity :0.00000821
Wallet : 78 | Price: 1200.00000000 | Quantity :0.00000149
Wallet : 78 | Price: 1200.00000000 | Quantity :0.00000788
Wallet : 78 | Price: 1190.00000000 | Quantity :0.00009277
Wallet : 78 | Price: 1190.00000000 | Quantity :0.00002425
Wallet : 78 | Price: 1190.00000000 | Quantity :0.00000078
Wallet : 78 | Price: 1390.00000000 | Quantity :0.0001103
Wallet : 78 | Price: 1390.00000000 | Quantity :0.00000009
Wallet : 78 | Price: 1390.00000000 | Quantity :0.00000009
Wallet : 78 | Price: 1390.00000000 | Quantity :0.00000009
Wallet : 78 | Price: 1390.00000000 | Quantity :0.00000090
Wallet : 78 | Price: 1390.00000000 | Quantity :0.00000009
Wallet : 78 | Price: 1390.00000000 | Quantity :0.00000009
Wallet : 78 | Price: 1390.00000000 | Quantity :0.00000009
Wallet : 78 | Price: 1390.00000000 | Quantity :0.00000003
Wallet : 78 | Price: 1390.00000000 | Quantity :0.00000005
Wallet : 78 | Price: 1390.00000000 | Quantity :0.00000001
Wallet : 78 | Price: 1390.00000000 | Quantity :0.00000002
Wallet : 78 | Price: 1390.00000000 | Quantity :0.00000002
Wallet : 78 | Price: 1390.00000000 | Quantity :0.00000002
Wallet : 78 | Price: 1390.00000000 | Quantity :0.00000002
Wallet : 78 | Price: 1390.00000000 | Quantity :0.00000003
Wallet : 78 | Price: 1390.00000000 | Quantity :0.00000010
Wallet : 78 | Price: 1390.00000000 | Quantity :0.00000010
Wallet : 78 | Price: 1390.00000000 | Quantity :0.00000020
Wallet : 78 | Price: 1390.00000000 | Quantity :0.00000020
Wallet : 78 | Price: 1390.00000000 | Quantity :0.00000020
Wallet : 78 | Price: 1390.00000000 | Quantity :0.00000050
Wallet : 78 | Price: 1390.00000000 | Quantity :0.00000300
Wallet : 78 | Price: 1390.00000000 | Quantity :0.00000060
Wallet : 78 | Price: 1390.00000000 | Quantity :0.00000050
Wallet : 78 | Price: 1390.00000000 | Quantity :0.00000020
Wallet : 78 | Price: 1390.00000000 | Quantity :0.00000010
Wallet : 78 | Price: 1390.00000000 | Quantity :0.00000100
Wallet : 78 | Price: 1390.00000000 | Quantity :0.00000100
Wallet : 78 | Price: 1390.00000000 | Quantity :0.00000100
Wallet : 78 | Price: 1390.00000000 | Quantity :0.00000010
Wallet : 78 | Price: 1390.00000000 | Quantity :0.00000100
Wallet : 78 | Price: 1390.00000000 | Quantity :0.00000010
Wallet : 78 | Price: 1390.00000000 | Quantity :0.00001000
Wallet : 78 | Price: 1390.00000000 | Quantity :0.00001000
Wallet : 78 | Price: 1390.00000000 | Quantity :0.00000100
Wallet : 78 | Price: 1390.00000000 | Quantity :0.00000100
Wallet : 78 | Price: 1390.00000000 | Quantity :0.00000200
Wallet : 78 | Price: 1390.00000000 | Quantity :0.00000200
Wallet : 78 | Price: 1390.00000000 | Quantity :0.00000010
Wallet : 78 | Price: 1390.00000000 | Quantity :0.00000030
Wallet : 78 | Price: 1390.00000000 | Quantity :0.00000020
Wallet : 78 | Price: 1390.00000000 | Quantity :0.00000030
Wallet : 78 | Price: 1390.00000000 | Quantity :0.00000010
Wallet : 78 | Price: 1390.00000000 | Quantity :0.00000002
Wallet : 78 | Price: 1390.00000000 | Quantity :0.00000001
Balance
Wallet: 78 | Coin : 42 | Amount : 0.00000001
Wallet: 1 | Coin : BTC | Amount : 0.50589465
these trade prices don't sum the amount and account for the fee taken from each sell, but i'm pretty sure your balance should have been .5 if you are missing any deposits, let us know and we will gladly correct it. |
|
|
|
Deposited Bitcoin pending since 21 Hrs ?. User Tx Id 6603ea056688752ab9bf9c3b4c7bc2a7f4fd2dc53347ca2630ef93c3bdba3c6c
Same thing we told you in support. that' san invalid transaction hash  |
|
|
|
|
is there not an exchange bounty? LoL
send donations to OpenEx if you want
BRRAd6tU9q8RuYhuEYg96QrqhKEgwZgf5s
|
|
|
|
Great website! i really appreciate the ajax load and the fact that the wallet addresses automatically change. Thank you  you're welcome! Withdrawals are currently disabled for 24 hours while we wait for results from the recent updates. We are sorry for any inconvenience this may have caused but this is merely for ours and your security.  When will they be back? Probably tommorow. Just trying to ensure that justin's fix didn't open up another potential hole. hopefully there isn't anymore "butterfly effects" |
|
|
|
hi supporter please check this Status: 326 confirmations Date: 12.1.2014 г. 22:48 To: FA14icqUBYa1KtQCsc8GW7u9qhyzeD5rWA Debit: -600.00 RAD Transaction fee: -0.00001 RAD Net amount: -600.00001 RAD Transaction ID: e08e27a423a9900ccb4da46c1373824dcba1fc132a14fd71260a0d4286f28925 my balance in openex.pw after 20h emty Available(RAD): 0.00000000 a week ago I had a problem with the deposit and never got an answer to ticket This time I have a problem with deposit  yeah. maybe you wanna elaborate a little bit your support ticket said: i have stuck windraw please help. no info give nothinng. do you expect to just snap my fingers and find your transaction? |
|
|
|
|
we {think} we've fixed the issues.
placebo: FUD. not even worth addressing. I post on twitter all day long with every bug and every time its fixed. nice try though
vingaard: actually we work about 32 hours straight apiece and i just woke up from a 5 hour nap. why don' tyou talk some more shit huh?
Gerrit: Thank you for mentioning the bug to us. we wouldn't have known if you wouldn't have said something.
|
|
|
|
|
Show Posts
