|
I just remembered... If the transaction was initiated from a RPC command shouldn't it be registered on the debug.log? Along with the IP that made the connection and some other useful info?
|
|
|
|
The rcpallow line was set to "*" which I assume is open to all. I have reset it to 8332. The user id was two words, 11 letters, a number and a symbol. The password was just a 5 letter word. I am changing both.
rcpallowip sets the IP's allowed to access the RCP interface. 8332 is the port, not the IP. Having it set to * is an invitation to thieves. Set rcpallowip=127.0.0.1 or to any other local IP you need to access the service. Do you by any chance use that same username in pools? If you do, with only a 5 letter dictionary word as password, it would be easy to brute force if someone targeted you by taking your username and IP from some pool logs or database. |
|
|
|
Well here is a sample of the names from the ban list:
aiujiugioewg
aiuhshuewi
fdsafjiodjgew
HAIUUHGEWUI
fhiuwhgiuewhg
FDJSAJGOEW
And I'm guessing it's entirely automated cause it responded to bans regularly, not too fast not too slow. We have much more efficient ways to deal with it now, and it seems to have ceased so should be a lot better here on out.
Those look to be human made. A bot random string generator would not use letters found on close keys. The fd sa ui hu ew etc. EDIT: oops, forgot the "not" after "would". Glad you guys got it lol |
|
|
|
Not well said.
Bitcoin users need to understand that exchanges like Bitcoinica and Gox CAN, WILL, and DO separate people from their money for a weekend or longer.
I understand this is a very stressful time for a lot of people, but it is your money and your responsibility. That's the Bitcoin idea remember? The power of money is returned to the people? Well own up to it!
Haha, I was thinking the same thing. People want complete control over their money without any rules and regulations holding them back, but then are in an uproar when an unregulated company does something that they don't like without any regulations to stop them. These guys want none of that. These are the type of persons who are here for the Dollars, not for the Bitcoins  Fuck them, I say. |
|
|
|
|
no rcpallowip line in there?
Also, is the password strong?
Because even if they just knew your username, brute forcing the password on a system that does nothing to block failed login attempts will be easy if the passowrd is a dictionary word or less than 8 chars.
Does the user ID in the bitcoin.conf matches the username you use in mining pools? Mining pools are always geting hacked it would be easy to get a list of targets with valuable info.
You may well be a victim of an hacker stealing your coins on the RPC interface and not malware. Happened before.
|
|
|
|
Yeah that one was me actually. I figured it was a pretty 1337 hack. Anyhow. If they stole the private keys why would they make such a huge withdrawl? I would import those private keys into another bitcoind and make lots and lots of smaller withdrawls over the course of the next few months. Sign a message with the private key of the address 114t2bCfrmw44qgZQijNzVU75YphuyZCGk and I'll believe it was you. As it was an address on my phone I can't easily do that. Instead I'll just send you an 31337 amount of coins. Money sent to 1PKyq6aMKcCwn8cmb9Jc5SkNydLsQb5n7K. Crazy. lol Address confirmed  I'll send it back to you once they confirm Answering your little withdrawal method. That wouldn't work. They(Bitcoinica) would probably notice unauthorized transactions and sweep the entire balance themselves leaving the thieves with almost nothing. Like this they swept the entire balance and problem solved. |
|
|
|
Yeah that one was me actually. I figured it was a pretty 1337 hack. Anyhow. If they stole the private keys why would they make such a huge withdrawl? I would import those private keys into another bitcoind and make lots and lots of smaller withdrawls over the course of the next few months. Sign a message with the private key of the address 114t2bCfrmw44qgZQijNzVU75YphuyZCGk and I'll believe it was you. |
|
|
|
|
Tell him you'll only accept the deal if someone can hold the money in escrow.
|
|
|
|
Do you have reason to believe the spam is automated?
Absolutely. Can you give me some info? Do they always use the same User Agent, or does it change for each wave of postings? Just trying to narrow down which sofware they use. If I find it I may be able to help you block it  Also, is the automation only on the posting or the account registration is also automated?? |
|
|
|
this thread needs official update and fast
For official updates go here: http://bitcoinica.comPlease turn on your flash plugin and pur your speakers to the max for full effect! |
|
|
|
He's the alleged My Bitcoin "Tom Williams" who stole everyone's BTC.
This is correct. No way that's true, sorry. You plain retarded folks would reach that conclusion... If you want to find Tom Williams, head North, to Canada... Plain retarded? Erm, I was just telling the guy why Bruce Wagner was in the image. I didn't say whether I thought it was true or not. Also, calling people plain retarded on the forum makes you look rather childish yourself. Just sayin'. See my edit. That you was meant to be "only". lol I was the "guy" who asked also. The bitcoin-police gathered a lot of info about "Tom", and none of it pointed to BW, and honestly, BW's a goof, no way in hell he could've done that |
|
|
|
He's the alleged My Bitcoin "Tom Williams" who stole everyone's BTC.
This is correct. No way that's true, sorry. Only plain retarded folks would reach that conclusion... If you want to find Tom Williams, head North, to Canada... |
|
|
|
WTF is Bruce Wagner doing there  |
|
|
|
lol
FIVE 5970 and ONE 5870 for 1500 dollars free international shipping!!!!!! He will even take half payment now, ship the cards and let me test them, then let me send the other 750 after!!
Gosh, this guy must really like me. Why ever would I pass up a great deal like this?
lmfao
Yup, better to steal $750 than 0 lol |
|
|
|
|
Any chance you will respond to the email I sent yesterday to your support email about my affiliate account?
|
|
|
|
On the topic of GLBSE: <gigavps> anyway we can get the glbse site back up?
<nefario> no hope
<nefario> Im drinking tea
<gigavps> good to know
• gigavps hopes nefario is joking
⇐ gigavps (d0534964@gateway/web/freenode/ip.208.83.73.100) quit: Quit: Page closed That was a joke. 5PM(or 6PM?), tea time in UK, ya know  |
|
|
|
eh! it was j/k lol
LOL, my sense of humour is failing me today. I also didn't include a smilie, so it's understandable. I just found the name boris on your machine to be funny |
|
|
|
Taken from http://GLBSE.comGLBSE is under very heavy load
We're aware of the recent break-in at Bitcoinica and believe that GLBSE is also being targeted
We've taken GLBSE offline, including our very small hotwallet(and every bitCent is accounted for), and are taking steps to further secure our system.
We've been operating for over a year without any security incidents.
While you wait, have some fun. |
|
|
|
following. I wonder if this will even make the news.
It will make it to Gawker and Wired, for sure Not sure if we can call that "make the news" tho. So, you use the root account to perform pings(!), and the machine is called boris... Very secure indeed, Vladimir!
Who ha! If you read some dogmatic 30 year old BS addressed to noobs a-la "do not use root accounts" 1000 times, this does not mean that using a root account for pings (or whatever) on a machine(physical or virtual and of unknown to you configuration, location and purpose) is necessarily insecure. Security, my friend, is not a state it is a process. eh! it was j/k lol |
|
|
|
|
Show Posts
