Show Posts
|
Pages: [1] 2 »
|
I have been a security analyst for the past decade and crypto mining botnets are really all over the place these days, I find it highly likely with speeds like that with that much fluctuation this is very likely a botnet. Many CryptoCoin Mining malware and botnets have moved away from BTC and towards scrypt mining alt coins and more recently cpu PoW generated coins like XPM, ProtoShares and basically anything with a high value in BTC. Its a lot less noticeable to have 10 thousand or more machines using their CPU's for scrypt mining coins like DOGE or CPU mining other non scrypt coins compared to the GPU based BTC miners found in some of the older bots.(not to mention when spreading GPU mining botnets the infection campaigns need to target a specific user base, typically gamers with top of the line GFX cards). I really wish their was an easy way to fight these botnets but alas not many pool operators seem to care and those whom I have worked with to block the botnets usually felt the repercussions afterwards with DDoS attempts. If anyone out there in the security field has any ideas or is working on any projects for detecting botnets compared to miners who are actually utilizing equipment they own I would love to hear about it. Did anyone notice the top miner in Doge stats of multipool.us? The user name shows up as rwisozk.
Yesterday he was mining at 825,000 KH/s and today jumped to 1,250,000 KH/s (now it dropped to 979,901 KH/s) That's crazy, he needs to invest about $1,000,000 in equipment to mine at those rates or it is a botnet or something.
his hash rates are equal to next top 10 users combined. I think it is just increasing the difficulty for all the rest of the miners.
At very least it should be investigated and made sure it's a legit operation.
much love detro p.s Also much love to multipool <3 , Let me know if you are interested in detecting botnets hitting your pool as I recently found the URL for your pool posted in a thread on a Russian Botnet Forum as a "safe places to mine". I can assume you've seen both https://bitcointalk.org/index.php?topic=377970.0 and http://www.alienvault.com/open-threat-exchange/blog/how-cybercriminals-are-exploiting-bitcoin-and-other-virtual-currencies (and a ton more by googling "ltc botnet 2014")
|
|
|
Geez the DOGE minimum withdraw up-age seems kind of unfortunate for us small time miners, that'll take a few days to generate 10k DOGE with 1MH/s.
Also, flound have you thought about adding captcha to the login screen? I feel it would prevent a ton of these brute force attacks.
With 1Mh/s, you should be getting approximately ~9500 DOGE a day at current difficulty. I know this because that's the hashrate I have and I'm getting 10k DOGE in roughly 25 hours when I'm mining it directly on Multipool. If I'm using the switching port, it takes about 3 days (due to switching).
|
|
|
There is something shady about this company. Their hosting is located in Costa Rica a known area for cyber criminals. If this company decides to close doors and run. There is little any one can do to them. I would consider long and hard giving them your business in the future.
Their hosting isn't actually in Costa Rica. Their servers are behind CloudFlare: https://www.robtex.com/dns/coinex.pw.html?tab=result#records . CloudFlare has servers in datacenters around the world. In reality, I can guess that CoinEx's actual servers are in one of three places: Russia, US, somewhere in Europe. I know for a fact two of those are correct. Before going all wild-eyed and conspiratorial, you may want to take a step back, take a breath, and understand what their DNS records actually say. Because it's not what you think it says. And if they really were criminals (and frankly, they'd be terrible ones), they wouldn't host in Costa Rica, they'd host in eastern Europe. Dude learn something. Costa Rica is the #1 safe haven for Cyber Criminal who's targeting the US. GOOGLE IT. This is why many Rogue Online Casino owners who target USA players move there. They get away with non payment of its players. Coinex is hosting out of Costa Rica. Um, no they're not hosting in Costa Rica. Apparently you didn't look at the link I sent because then you'd see that their IP that you looked up belongs to a company called CloudFlare...which I already mentioned. You should look up what CloudFlare does. Then you should look up what CloudFlare does again because you won't get it the first time. Then realize that CoinEX has used CloudFlare for months. You would have ALSO seen that their MX record points to Yandex, a Russian company. Guess what that means? They're actually hosting in Russia or a country that has a Yandex presence, which is pretty much every former Soviet country. Just like I mentioned. Try looking up where stratum.coinex.pw (their mining pool) is hosted. Guess where that is? Romania. Where's that? Eastern Europe. Again, just like I mentioned. I somehow magically nailed where their hosting was in my previous reply without ever having looked this stuff up because it was easy to do just by knowing the MX record. So not only do you need to learn a thing or two, you just got schooled on your own theory.
|
|
|
Given that attacks against the servers and the frontend are getting more frequent, I hope TFA from Google or Authy gets implemented at some point in the future. Not comfortable logging in for the first time today to get a message about too many failed login attempts.
|
|
|
There is something shady about this company. Their hosting is located in Costa Rica a known area for cyber criminals. If this company decides to close doors and run. There is little any one can do to them. I would consider long and hard giving them your business in the future.
Their hosting isn't actually in Costa Rica. Their servers are behind CloudFlare: https://www.robtex.com/dns/coinex.pw.html?tab=result#records . CloudFlare has servers in datacenters around the world. In reality, I can guess that CoinEx's actual servers are in one of three places: Russia, US, somewhere in Europe. I know for a fact two of those are correct. Before going all wild-eyed and conspiratorial, you may want to take a step back, take a breath, and understand what their DNS records actually say. Because it's not what you think it says. And if they really were criminals (and frankly, they'd be terrible ones), they wouldn't host in Costa Rica, they'd host in eastern Europe.
|
|
|
apologies , must have missed that post.
I'm more inclined to think you didn't actually look very hard for this information. ![](https://ip.bitcointalk.org/?u=https%3A%2F%2Fphotos-1.dropbox.com%2Ft%2F0%2FAABv-xetKLhudUfd4vH_LBtCH0VuBGy7qu6j52qxoJ6IeA%2F12%2F26047663%2Fpng%2F1024x768%2F3%2F1390888800%2F0%2F2%2Fshot_140127_234350.png%2FMwQhiwKI-l2-0s2kaHbmy-skvCz6R2FuaDNO02WBB4I&t=663&c=K1HibcdWGj4AHA)
|
|
|
So you been waiting for a week with ticket 4755? I'm ticket 5256 ![Sad](https://bitcointalk.org/Smileys/default/sad.gif) Guess I'll be waiting months to get my 0.2 btc back. You don't want to know how long my previous ticket took.
|
|
|
we have right now a huge backlog on tickets. we are working on them to process them as soon as possible. some tickets we can process within a few minutes, some need more time till the sysop can take a look at them.
You always say this which means two things: 1. You need more support staff and better workflows. 2. You are working things in the wrong order (I already said this prior). CoinEX needs to fix both of these. I do your job for a living, have done it for a decade, understanding how to work a ticket queue doesn't take a lot of effort. If so many things require a sysop to perform -- which it seems just about EVERYTHING does -- you need more than one sysop. Two weeks ago, you said tickets like TFA receive priority, I've had a TFA ticket (4755) open for a week now. That's not really "priority" and as I said before, "priority" is always changing so if that's all you work on, you never work on old tickets. Clearly, this is exactly what is going on.
|
|
|
Join in Coinex. It is much better and clearer site. There is also a switching to the most profitable coin. Welcome ![Smiley](https://bitcointalk.org/Smileys/default/smiley.gif) Pray you never need Coinex support because they pretty much do not exist. I had a simple issue that took nearly 5 weeks to resolve, all because they don't know what they're doing. Now I'm stuck waiting on a ticket to resolve an authenticator issue, that's already going on for one week and I can't do anything with my account. This isn't me being alarmist or exaggerating, this is normal for their support. The last 10-15 pages of their own ANN thread are people complaining about it.
|
|
|
My last ticket with them, which was just a feature request, took a full week to get answered. I too have a TFA ticket in and I doubt I'm going to hear anything back for at least another week or two. This kind of stuff is why I stopped using them, I like their site but their support just doesn't exist.
|
|
|
Seems to be an issue with the new US Pools, specifically US-East (didn't test West). BFGminer won't connect.
The command prompt goes to black and after a few seconds BFGminer says press any key exit and that it will try again in 15s (paraphrased).
At first I hadn't changed over to the us-east (still using the old us.multipool). But still does it, after making the correction.
The EU pool works, though.
If you use the us.multipool name, it actually works as a failover between both of the new US servers, so in a way you're using either one already.
|
|
|
This seemingly random and unexplained downtime is exactly why I've been trying to pull all coins for almost a month now. No such luck so far and my ticket has gone unanswered. Won't be using Coinex for much longer, that's for sure.
|
|
|
we are sending the emails to your email addresses. I know, but QQ provider has rejected your email address, if you can't remove the block, why don't make other solution? Such as: 1.move the account coin to another account. 2.use other email box to receive the recovery email. 3.we send you the password by account email,you set it by hand. there are so much way to solve it, but you just use one reason to delay it, that's really let us despaired! So, how do you solve these QQ account recovery thing, or just give up us? We have waited from Nov.2013! What's your response? Coinex guys. You shouldn't ignore it. You keep on ignore it? WTF Having worked with QQ myself in the past, they have terrible customer service. A better question is why haven't you changed addresses to something else instead of waiting and whining for a month? I'm fairly certain erundook or future can actually change this in the back-end for you but you persist to use a broken email provider and blame Coinex for an issue with your provider.
|
|
|
My case still not processed?? Sent coins to my acct in CoinEx 1.5 days ago, and my wallet shows 1768 confirmations, and it is still not in my account in CoinEx, what the heck is going on??
do you have an open ticket? i have a list with txids we process every day manually. I have one, #3428, from almost a week ago. It's open and has been. 3428 is a withdrawal ticket... ? you said you sent coins to coinex not showing up. Uh...that's not even what my ticket says at all. In fact, my ticket doesn't even mention the word "sent" once. You must be looking at another one, which I gather to be true since no one actually replied to my ticket yet. Regardless, I'm not sure why I'd have to be waiting almost two weeks for my withdrawal to complete hence why I opened the ticket in the first place; I also didn't think I'd be waiting a week later to get an answer as to WHY this happened to begin with.
|
|
|
My case still not processed?? Sent coins to my acct in CoinEx 1.5 days ago, and my wallet shows 1768 confirmations, and it is still not in my account in CoinEx, what the heck is going on??
do you have an open ticket? i have a list with txids we process every day manually. I have one, #3428, from almost a week ago. It's open and has been.
|
|
|
any idea what ticket # they're on/recently addressed? do they process in sequence?
we process them sorted to a specific problem. like all TFA etc... right now i am waiting for sysop to arrive and see what happened and why the site is frozen. Take it from someone who answers support tickets for a living and has for nearly a decade: this is the most ass-backwards way of working. You're shuffling around issues while never getting to others because there will always be a new specific problem that supersedes whatever you wanted to get to next. Work them in the order received and when you notice patterns. flag all of those to process at the same time, i.e. a cron to fix TFAs, rather scrambling to find all of the tickets for the same issue and work on those in a batch. You're leaving a lot of other tickets (and work types) open and will likely never get to them if you continue working this way. After nearly a decade of working for web hosting companies, you learn to treat every ticket with the same priority, save for outages, etc.
|
|
|
The site is frozen. I believe it should go offline until there are no more problems with it.
Then it would likely not come back up for a month or longer, given its already long outages in December to "fix" issues that didn't exist before. I'm actually still waiting on an LTC withdraw to go through I initiated over a week ago. Even opened a ticket (3428) three days ago to no avail. If these types of issues continue, I doubt the site will be in existence for more than a few more months...and I'm saying that as someone who really likes CoinEx.
|
|
|
Hello, flound. I want to request two features at your pool.
1. User at port 7777 may select coins he want to jump at. It is good if you focused in 2-3 coins from the list and don't want to mine others. Coins from that list should be mined by profitability also. For example, I don't want to mine LTC and FTC on port 7777 because as I see their profitability and mining time is very small. Hence, you can't even withdraw them. You may select another port for such functionality.
Then you can select which ports to mine on directly and put those in you conf. What you described is currently possible already, it just requires you to be less lazy.
|
|
|
Why can't CloudFlare assist with the DDoS attacks?
It can, and does, but go back and read what they said about what the DDoS actually did and what it affected.
|
|
|
So, what's your role with Ripple? Obviously not just a patron.
A straight answer, you will not get. It's obvious this person is a part of Ripple-affiliated organization but can't say so for whatever reason. Geeze...I think I've answered this twice now, haven't I? ... My question is ... Why are do people intentionally slag off something they don't understand? Or, why be willfully ignorant? Study a concept THEN falsify it. Support your arguments with evidence...statistics, quotes and examples..... not opinions, heresay or conjecture..... ....and now that I've written that, it's painfully evident to me that I teach English..... Actually, you answered it once prior. And it's extremely suspicious when someone is so GLOWINGLY enthusiastic about Ripple, a gateway/payment system that is not only confusing (on purpose) but quite obfuscated. But yet, Ripple has been out for quite some time and pretty much no one else on this board is this enthusiastic about it, so this makes this look like some serious astroturfing job. I have not, at all, tried in any way to falsify anything about Ripple, its network, or anything about it at all, I haven't tried to falsify anything. But like I said, some quick Google-fu reveals interesting things. Such as, this is the only place you've used the handle PirateButtercup to discuss Ripple. In fact, it's only in the Newbies section of the forum as well and not in any other sub-forums. So while you are obviously over-the-moon about Ripple and its concept, if you're talking about it elsewhere, you're using another handle to do so. That in and of itself is revelatory. And like I said, other people propping up Ripple are from other forums that are Ripple/XRP-centric, so this all comes across as a giant promotion (like I said originally). This is why many people are so skeptical, it's not because of Ripple or any misunderstanding of it, it's because this looks like astroturfing.
|
|
|
|