Hahahaha, that is amazing. However, it could be that he is testing the LuckyBit security. I highly doubt it, but you never know, right? Well, we're fully on-chain, which means that we do not hold any customer funds. By playing, he tested nothing more than the security of Bitcoin...  |
|
|
|
well hope i will be the next when i click on tune of the day lb page not found fix it ..  Ah, yes, thanks for noticing. Fixed it! |
|
|
|
Continuing in the line of full disclosure: I saw you declined our offer in your public chat. We were very discrete about you checking your email, never sharing anything in chat from our side, but by publishing one of our stolen clients information we have, you have waged more than a public exploitation exposure. I hope you enjoy the "discrete" analysis of your petty servers over the weeks and months to come. I will make sure to share with my team your response in email and in your websites chat during our meeting.
I surely hope you enjoy declining our offer to help you. As a personal note responding to your email, our small request isn't anything compared to whats to come. and here: I was just notified by my friend that you stuck your fucking nose up in the air at the BTC community.
Do you know by running a random so called site that the visitors win? Ha I agree they don't.
I had to read the email because I didnt understand it at first, but you did really shit in my eggs an omlets.
Do you know how much money we have to buy and target DDoS and more to your site? What was the bounty like 1 bitcoin?
And we wanted to help, then you expose someone for extortion?
You might as well go back to digging ditches, we don't deal with Bitcoin scammers like you, especially when we were trying to help.
Smile and enjoy. |
|
|
|
In any case, you should make sure that your servers don't have direct access to considerable bitcoin amounts (keep the majority of your funds in cold storage) so that when an exploit actually happens, the losses are small.
Of course, now that an intent to attack has been published, it should be obvious that all services that are not directly necessary should be stopped or protected from outside access, and that continuous intrusion detection should be run on the servers/network.
Good luck, and hopefully you can still get some sleep...
Onkel Paul
Thank you. We're preparing. And of course, we have little money in the hotwallet. |
|
|
|
LuckyBit - Tune of the DayPropose a tune here and it'll become the LuckyBit's 'Tune of the Day'! The tune of the day will always be announced in the message box of http://luckyb.it(The message box is in the upper left corner of the main site.) Note that hate speech/abusive/racist/sexist songs will be ignored!Umer, your tune is set! We can play urdu or hindi songs, as long as you promise that they are not abusive/hate speech. Next in line: So, who's next?
|
|
|
|
Our reply: Hello,
thank you for your offer. We respectfully decline. Also, we published your attempt here:
https://bitcointalk.org/index.php?topic=666400.0
and here:
http://www.reddit.com/r/WTF/comments/28qucr/notice_of_extortion/
Additionally, we reported you to the moderators of bitcointalk.
Regards,
LuckyBit support |
|
|
|
Thanks for finding this! We've sent you a little something.  So the guy was stupid enough to use the same address as on his bitcointalk profile! Reporting to moderators... |
|
|
|
See below |
|
|
|
So, we at http://luckyb.it received another extortion attempt, mostly related to our latest "win 5 bitcoin if you guess the world-cup winner" promo. We thought it's better to publish these things, so other site operators are warned. We had an standard "vulnerability scan" this morning ~7 UTC, coming from 173.233.126.140 (dsl-140.pool2.5.e120.sumt.ftc-i.net). Dynamic home IP - the whole scan came from the same IP, so it was easy to block and most likely just a kiddy that got hold of some webapp security scanner. Short after that, we received the mail below, coming from 46.19.139.98. We're of course not giving in to extortion attempts (especially not to such poorly executed ones). We hope this helps some other site operators - let's get this idiots out in the open LuckyBit support Return-Path: <becsupply@Safe-mail.net>
Delivered-To: support@luckyb.it
Received: from spool.mail.gandi.net (mspool4-d.mgt.gandi.net [10.0.21.135])
by nmboxes10-dc2.mgt.gandi.net (Postfix) with ESMTP id DA70C40C8C
for <support@luckyb.it>; Thu, 26 Jun 2014 09:25:20 +0200 (CEST)
Received: from mfilter20-d.gandi.net (mfilter20-d.gandi.net [217.70.178.148])
by spool.mail.gandi.net (Postfix) with ESMTP id CE53F1421EB;
Thu, 26 Jun 2014 09:25:20 +0200 (CEST)
X-Virus-Scanned: Debian amavisd-new at mfilter20-d.gandi.net
Received: from spool.mail.gandi.net ([10.0.21.135])
by mfilter20-d.gandi.net (mfilter20-d.gandi.net [10.0.15.180]) (amavisd-new, port 10024)
with ESMTP id JCLGuk+ocRFX; Thu, 26 Jun 2014 09:25:19 +0200 (CEST)
Received: from tamar.safe-mail.net (tamar.safe-mail.net [212.29.227.229])
by spool.mail.gandi.net (Postfix) with ESMTPS id 184A4142235
for <support@luckyb.it>; Thu, 26 Jun 2014 09:25:15 +0200 (CEST)
Received: by tamar.safe-mail.net with Safe-mail (Exim 4.66)
(envelope-from <becsupply@Safe-mail.net>)
id 1X043G-0003Et-Ld
for support@luckyb.it; Thu, 26 Jun 2014 03:24:58 -0400
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
s=N1-0105; d=Safe-mail.net;
b=q8tg9TIGwO/dhWOC37sNDuS08lFLO1GZrK9vHXdB2oV187Zdn1h5Cs0+7B1Kwj3e
YuPG/WP3e9pWt6M6S91QGecTkWgcVjj2r+8LqdwLgYlIpDjjG7UOCeEqeTHdxmA8
Mbw53/bZEs73yjYX/1wVGKiH4KpQovhO6YIdmtABE9I=;
Received: from pc ([46.19.139.98]) by Safe-mail.net with https
Subject: Security Findings - Exploits Discovered
Date: Thu, 26 Jun 2014 03:24:58 -0400
From: becsupply@Safe-mail.net
To: support@luckyb.it
X-SMType: Regular
X-SMRef: N1B-FaLBugTE1n
Message-Id: <N1B-FaLBugTE1n@Safe-mail.net>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-SMSignature: NaFpzlw5r9KruAaXoi8A6cJduMZbfgJKuuZKFNVgo/XHd+Lc88Ibc654gAeDrz6f
qgFbtAUeTEUmFsk9a8edzFIM1GuAlHbqbhu5mtxX54g8tZkqFJPMizncezNpMrzT
d/wBKoKwAW9/wvaDANUYIre6UcJS3I7SUWVSYIE+pxI=
A recent penetration test of your site found the following:
Confirmed High Risk: 3
Confirmed Medium Risk: 122
Confirmed Low Risk: 84
Confirmed Informational (Information Gathering): 64
We want to help secure you and the BTC, torrent, and download services community. Our work is to exploit and report on the security of all Bitcoin, torrent, and download services online.
The following are your options:
1. Send 1.841 BTC to the following address: 16CTrB3BkSaQazoKeS3qKn9DgaofZP8p4J
- By doing so you ensure that you and ONLY you get the penetration and security report. It will be sent, then destroyed.
- You can help secure your servers from black hat hackers, and you can give a larger level of trust to your users.
2. Do nothing an ignore this email.
- The report will be published on several sites on the onion network, clearnet, torrent sites, and exploit sites such as exploitdb.
- You risk the immediate threat of having thousands of experienced hackers now targeting your site.
- If you received a High Risk notification, this indicates that you are in danger of complete compromise of your site, servers, and data.
If you decide to meet the bounty you will receive the following:
- The test ran.
- The applications used.
- Remediation tactics including OVAL & XCCDF class 4 scripts to fix your site.
- And support from us.
You have until 06/26/2014 to send 1.841 BTC to 16CTrB3BkSaQazoKeS3qKn9DgaofZP8p4J in order to gather the reports generated. Failure to do so will result in releasing the already obtained security flaws with detailed instructions on how to penetrate your site.
This is not a threat, this is securing the clearnet BTC community.
Note: Once payment has been sent, please respond to to this email with your sending address, as well as the address we can email you the reports. Typical archived size of the pdf files can exceed 10mb. Also, upon request we can send you our PGP if you wish to ask further questions, but the deadline will not be lifted nor extended.
|
|
|
|
LuckyBit - Tune of the DayPropose a tune here and it'll become the LuckyBit's 'Tune of the Day'! The tune of the day will always be announced in the message box of http://luckyb.it(The message box is in the upper left corner of the main site.) Stingleword, your tune is set! (props for being the *only* one that provides a shortened share link! ) Next in line:
|
|
|
|
woohoo!! my surprise reward arrived! thanks binaryfate & wintermute.........   i suppose i didnt have enough of these........lol really though, thanx guys! its not like you announced a prize for makin 10,000 bets, i just asked .................and im still betting! best btc gambling site on internet! what do i get if i get another 10k on my other wallet?? Glad you like it! Keep playing and have fun!  Luckily shipping was faster than expected.  |
|
|
|
LuckyBit - Tune of the DayPropose a tune here and it'll become the LuckyBit's 'Tune of the Day'! The tune of the day will always be announced in the message box of http://luckyb.it(The message box is in the upper left corner of the main site.) MICRO, your tune is set! Next in line:
|
|
|
|
LuckyBit - Tune of the DayPropose a tune here and it'll become the LuckyBit's 'Tune of the Day'! The tune of the day will always be announced in the message box of http://luckyb.it(The message box is in the upper left corner of the main site.) Aniglo, you're on! Next in line:
|
|
|
|
You're on! What tune shall be next? |
|
|
|
Tune set! So who's next? |
|
|
|
gelar24, your tune is set! What's next? Shall we cycle through all the world cup tunes of the last 20 years?  |
|
|
|
This game is so fun. Still being a bitch on yellow and green but gonna hit red soon.
Thanks, glad you like it! Check out the "Big Wins" tab to see what's possible when playing red! |
|
|
|
|
Show Posts
