Bitcoin Forum
Author Topic: Monero dice seed hacked?  (Read 3668 times)
BillyBurns
October 18, 2016, 07:19:27 AM #1

Player is up 66k XMR in 2 days; these are the rolls that just happened. I didn't see the others, but this just doesn't seem right to me.


7908821   3000.000000000000   +3000.000000000000   <49.50   46.38   07:23   PolakPotrafi
7908820   3000.000000000000   +3000.000000000000   >50.50   57.52   07:22   PolakPotrafi
7908819   1400.000000000000   +5600.000000000000   >80.20   81.28   07:22   PolakPotrafi
7908818   789.600000000000   +7106.400000000000   <9.90   2.06   07:21   PolakPotrafi
7908817   1535.200000000000   +6140.800000000000   <19.80   13.15   07:21   PolakPotrafi
7908816   935.200000000000   +8416.800000000000   >90.10   94.58   07:20   PolakPotrafi
7908815   1.000000000000   -1.000000000000   >80.20   45.19   07:20   PolakPotrafi
7908814   1.000000000000   -1.000000000000   >80.20   51.31   07:20   PolakPotrafi
7908813   1.000000000000   -1.000000000000   >80.20   24.50   07:19   PolakPotrafi
7908812   1.000000000000   -1.000000000000   >80.20   42.30   07:19   PolakPotrafi
7908811   1.000000000000   -1.000000000000   >80.20   60.60   07:19   PolakPotrafi
7908810   1.000000000000   +4.000000000000   >80.20   84.71   07:19   PolakPotrafi
7908809   1.000000000000   +4.000000000000   >80.20   87.64   07:19   PolakPotrafi
7908808   1.000000000000   -1.000000000000   >80.20   28.28   07:19   PolakPotrafi
7908807   1.000000000000   -1.000000000000   >80.20   32.78   07:19   PolakPotrafi
7908806   1.000000000000   +4.000000000000   >80.20   87.45   07:19   PolakPotrafi
7908805   100.000000000000   +400.000000000000   <19.80   17.08   07:19   PolakPotrafi
7908804   100.000000000000   +200.000000000000   <33.00   28.76   07:19   PolakPotrafi
7908803   100.000000000000   +100.000000000000   <49.50   44.78   07:18   PolakPotrafi
7908802   100.000000000000   +100.000000000000   >50.50   51.85   07:18   PolakPotrafi
7908801   100.000000000000   +100.000000000000   <49.50   18.59   07:18   PolakPotrafi
7908800   100.000000000000   +100.000000000000   <49.50   37.56   07:18   PolakPotrafi
7908799   100.000000000000   +100.000000000000   >50.50   72.20   07:18   PolakPotrafi
7908798   100.000000000000   +100.000000000000   >50.50   57.99   07:18   PolakPotrafi
7908797   100.000000000000   +100.000000000000   >50.50   62.63   07:18   PolakPotrafi
7908796   938.800000000000   -938.800000000000   <9.90   90.87   07:17   PolakPotrafi
7908795   1.000000000000   +1.000000000000   >50.50   88.01   07:15   PolakPotrafi
7908794   1.000000000000   +1.000000000000   >50.50   99.63   07:13   PolakPotrafi

oxygen88
October 18, 2016, 08:08:52 AM #2

Which dice site are these bets from? That is a ton of crazy wins; the guy is rich now :D
BillyBurns
October 18, 2016, 08:12:46 AM #3

Quote from: oxygen88
Which dice site are these bets from? That is a ton of crazy wins; the guy is rich now :D

MoneroDice. According to Fluffy they do cashouts manually, but what I want to know is how they can prevent this from happening with someone who does it at a level that is much less noticeable.

Jungian
October 18, 2016, 08:29:14 AM #4

They do look unusual. Like he knew exactly what percentage to change to in order to win.

Edit: Looks like he did and FluffyPony is on to it (according to the monerodice chat)

Maybe the seed has been compromised for a long time. The site has not been running at EV (although there is nothing particularly strange about that).

oxygen88
October 18, 2016, 08:35:00 AM #5

Yes, especially these few big bets:

7908821   3000.000000000000   +3000.000000000000   <49.50   46.38   07:23   PolakPotrafi
7908820   3000.000000000000   +3000.000000000000   >50.50   57.52   07:22   PolakPotrafi
7908819   1400.000000000000   +5600.000000000000   >80.20   81.28   07:22   PolakPotrafi
7908818   789.600000000000   +7106.400000000000   <9.90   2.06   07:21   PolakPotrafi - looks most unusual
7908817   1535.200000000000   +6140.800000000000   <19.80   13.15   07:21   PolakPotrafi - looks most unusual
7908816   935.200000000000   +8416.800000000000   >90.10   94.58   07:20   PolakPotrafi - looks most unusual

As if he already knew the result and then made big bets; look at bet IDs 8816, 8817, 8818.

This shows he knew the result beforehand: three consecutive rolls with that percentage to win, and the chance is 0.000000001% in real life to hit all 3 wins.
fluffypony
October 18, 2016, 09:11:47 AM #6

Looks like they managed to grab the server seed through a leak in the API - we're busy patching it, and will rollback the naughty bets. Thankfully we process every single withdrawal manually, and most of the funds are all locked up in a cold wallet, so no money was lost. It's precisely because of the very high risk of an exploit that we don't let withdrawals process automatically!

itod
October 18, 2016, 09:19:18 AM #7

Quote
5 biggest win in the last 24h
22000.000000000000   PolakPotrafi
12000.000000000000   PolakPotrafi
10000.000000000000   PolakPotrafi
9352.000000000000   PolakPotrafi
8000.000000000000   PolakPotrafi
and:
Quote
5 biggest win alltime
22000.000000000000   PolakPotrafi
12000.000000000000   PolakPotrafi
10000.000000000000   PolakPotrafi
10000.000000000000   othe
10000.000000000000   othe

If only he had been less greedy he could have done much bigger damage. Luckily he had an idiotic betting strategy, being painfully obvious.

NeuroticFish
October 18, 2016, 09:23:41 AM #8

Quote from: fluffypony
Looks like they managed to grab the server seed through a leak in the API - we're busy patching it, and will rollback the naughty bets. Thankfully we process every single withdrawal manually, and most of the funds are all locked up in a cold wallet, so no money was lost. It's precisely because of the very high risk of an exploit that we don't let withdrawals process automatically!

It would be interesting to know if this was a custom API or a public one, meaning that maybe other sites are affected and their owners could use this news to protect their sites too.
Of course patching your own is top priority.

smoothie
October 18, 2016, 09:24:25 AM #9

#HackThatGotTrumpedByAPony :D

fluffypony
October 18, 2016, 09:33:22 AM #10

Quote from: NeuroticFish
It would be interesting to know if this was a custom API or a public one, meaning that maybe other sites are affected and their owners could use this news to protect their sites too.
Of course patching your own is top priority.


Custom API, so I don't think this affects anyone else. We've disabled betting in the meantime whilst we sort this out, but I really think the lesson to other operators is not to be overconfident in your code or in your setup. Everything can and will be compromised, so assume it's going to happen and put safeguards in place to handle that eventual scenario.

Jungian
October 18, 2016, 09:42:57 AM #11

Quote from: NeuroticFish
It would be interesting to know if this was a custom API or a public one, meaning that maybe other sites are affected and their owners could use this news to protect their sites too.
Of course patching your own is top priority.

Quote from: fluffypony
Custom API, so I don't think this affects anyone else. We've disabled betting in the meantime whilst we sort this out, but I really think the lesson to other operators is not to be overconfident in your code or in your setup. Everything can and will be compromised, so assume it's going to happen and put safeguards in place to handle that eventual scenario.

Do you think it could have been compromised a long time ago? Maybe the hacker got tired of milking it and just went for a big score.

fluffypony
October 18, 2016, 09:49:09 AM #12

Quote from: fluffypony
Custom API, so I don't think this affects anyone else. We've disabled betting in the meantime whilst we sort this out, but I really think the lesson to other operators is not to be overconfident in your code or in your setup. Everything can and will be compromised, so assume it's going to happen and put safeguards in place to handle that eventual scenario.

Quote from: Jungian
Do you think it could have been compromised a long time ago? Maybe the hacker got tired of milking it and just went for a big score.

It's entirely possible, but one of the Monero Research Lab members wrote a paper (for fun) a year ago establishing a way to analyse whether someone is cheating by determining whether they are massively changing the deviation of the site.

We run this analysis in the back all the time, so if someone was consistently cheating, even if they were using multiple accounts and small amounts, we'd see it show up because the site would (statistically speaking) be far out of the expected variance.

You can read the paper here: https://lab.getmonero.org/pubs/MRL_Monte_Carlo_Edition.pdf
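As an added example (not code from MoneroDice, the Monero Research Lab or the linked paper), here is the core of that variance check in Python, run over the roll list from the first post of this thread. It assumes a 1% house edge (a win pays wager × 99 / win-chance%), which is inferred from the profits in that table, and it flags a bettor whose total profit sits more than a chosen number of standard deviations above what fair rolls would be expected to produce.

```python
import math
from dataclasses import dataclass

# Assumption (inferred from the profits in the thread's table): a win pays
# wager * 99 / chance%, i.e. the house keeps a 1% edge on every bet.
HOUSE_EDGE = 0.01

# Rows copied from the first post of this thread, player column dropped:
# bet id, wager, profit, win condition, roll.
SAMPLE_ROLLS = """
7908821 3000.000000000000 +3000.000000000000 <49.50 46.38
7908820 3000.000000000000 +3000.000000000000 >50.50 57.52
7908819 1400.000000000000 +5600.000000000000 >80.20 81.28
7908818 789.600000000000 +7106.400000000000 <9.90 2.06
7908817 1535.200000000000 +6140.800000000000 <19.80 13.15
7908816 935.200000000000 +8416.800000000000 >90.10 94.58
7908815 1.000000000000 -1.000000000000 >80.20 45.19
7908814 1.000000000000 -1.000000000000 >80.20 51.31
7908813 1.000000000000 -1.000000000000 >80.20 24.50
7908812 1.000000000000 -1.000000000000 >80.20 42.30
7908811 1.000000000000 -1.000000000000 >80.20 60.60
7908810 1.000000000000 +4.000000000000 >80.20 84.71
7908809 1.000000000000 +4.000000000000 >80.20 87.64
7908808 1.000000000000 -1.000000000000 >80.20 28.28
7908807 1.000000000000 -1.000000000000 >80.20 32.78
7908806 1.000000000000 +4.000000000000 >80.20 87.45
7908805 100.000000000000 +400.000000000000 <19.80 17.08
7908804 100.000000000000 +200.000000000000 <33.00 28.76
7908803 100.000000000000 +100.000000000000 <49.50 44.78
7908802 100.000000000000 +100.000000000000 >50.50 51.85
7908801 100.000000000000 +100.000000000000 <49.50 18.59
7908800 100.000000000000 +100.000000000000 <49.50 37.56
7908799 100.000000000000 +100.000000000000 >50.50 72.20
7908798 100.000000000000 +100.000000000000 >50.50 57.99
7908797 100.000000000000 +100.000000000000 >50.50 62.63
7908796 938.800000000000 -938.800000000000 <9.90 90.87
7908795 1.000000000000 +1.000000000000 >50.50 88.01
7908794 1.000000000000 +1.000000000000 >50.50 99.63
"""


@dataclass
class Bet:
    bet_id: int
    wager: float
    profit: float    # player's profit as reported by the site
    win_prob: float  # probability that a fair roll wins this bet
    won: bool


def parse_roll(line: str) -> Bet:
    """Parse one 'id wager profit <cond> roll' row into a Bet."""
    bet_id, wager, profit, cond, roll = line.split()[:5]
    threshold, roll = float(cond[1:]), float(roll)
    if cond[0] == "<":
        win_prob, won = threshold / 100, roll < threshold
    elif cond[0] == ">":
        win_prob, won = (100 - threshold) / 100, roll > threshold
    else:
        raise ValueError(f"unknown win condition {cond!r}")
    return Bet(int(bet_id), float(wager), float(profit), round(win_prob, 6), won)


def parse_rolls(text: str) -> list[Bet]:
    return [parse_roll(l) for l in text.strip().splitlines() if l.strip()]


def bet_moments(bet: Bet) -> tuple[float, float]:
    """Mean and variance of the player's profit on one bet under fair rolls."""
    multiplier = (1 - HOUSE_EDGE) / bet.win_prob   # gross return on a win
    win_profit, loss = bet.wager * (multiplier - 1), -bet.wager
    mean = bet.win_prob * win_profit + (1 - bet.win_prob) * loss
    var = bet.win_prob * win_profit ** 2 + (1 - bet.win_prob) * loss ** 2 - mean ** 2
    return mean, var


def profit_stats(bets: list[Bet]) -> dict:
    """Actual profit versus the fair-play expectation, summarised as a z-score."""
    actual = sum(b.profit for b in bets)
    moments = [bet_moments(b) for b in bets]
    expected = sum(m for m, _ in moments)
    sd = math.sqrt(sum(v for _, v in moments))
    return {"actual": actual, "expected": expected, "sd": sd, "z": (actual - expected) / sd}


def outcome_probability(bets: list[Bet]) -> float:
    """Probability that fair rolls produce exactly this win/loss sequence."""
    return math.prod(b.win_prob if b.won else 1 - b.win_prob for b in bets)


def is_suspicious(bets: list[Bet], z_threshold: float = 4.0) -> bool:
    """Flag a bettor (or a whole site) whose profit is far above fair-play variance."""
    return profit_stats(bets)["z"] > z_threshold


if __name__ == "__main__":
    bets = parse_rolls(SAMPLE_ROLLS)
    s = profit_stats(bets)
    print(f"actual {s['actual']:.1f}  expected {s['expected']:.1f}  sd {s['sd']:.1f}  z {s['z']:.2f}")
    big_six = [b for b in bets if b.bet_id >= 7908816]
    print(f"P(exact outcome of the six big bets) = {outcome_probability(big_six):.2e}")
    print("suspicious:", is_suspicious(bets))
```

Two caveats follow from the thread itself. The z-score relies on a normal approximation, which is rough for 28 bets with payouts as skewed as 10x; it is meant for the site-wide aggregate over thousands of bets, which is where the post above says the check runs, and for a short run the exact sequence probability is the more telling number. And, as NLNico points out further down, a cheater who spreads modest profits across several accounts will stay under any per-account threshold; only the site-level total, or correlating API access logs with the accounts that placed the bets, catches that case.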

NLNico
October 18, 2016, 01:22:46 PM #13

Looking at the expected variance is interesting, but obviously some dude who makes profits on a few accounts would be impossible to detect. Since you are publicly accepting investors (and were in loss even before this big winner), I do assume you are looking at logs to figure out if previous accounts potentially cheated? At minimum you could see which accounts accessed that specific API function? I don't think most users use the API. Besides that, potentially IPs/browsers/other info/etc. can help to see if it's possible someone else might have abused it.

The way this guy was betting was clearly to show that he could cheat. IMO this could have 2 reasons:

1) "I already stole enough so I will just show you that your site has a vulnerability"
2) "I can cheat on here, but don't want to receive a reward and rather just show it off"

IMO the first reason seems more likely. It is exactly what HufflePuff (who stole 2000+ BTC) did on PD with account "RobbinHood".

In the end I am personally not an investor and I am not sure how many public investors your site has, but I am obviously just saying this for the investors. If a site like PD (which doesn't accept investments) had this, I wouldn't be bothering Stunna about "previous accounts" or anything.

hubballi
October 18, 2016, 01:49:12 PM #14

Quote from: NLNico
Looking at the expected variance is interesting, but obviously some dude who makes profits on a few accounts would be impossible to detect. Since you are publicly accepting investors (and were in loss even before this big winner), I do assume you are looking at logs to figure out if previous accounts potentially cheated? At minimum you could see which accounts accessed that specific API function? I don't think most users use the API. Besides that, potentially IPs/browsers/other info/etc. can help to see if it's possible someone else might have abused it.

The way this guy was betting was clearly to show that he could cheat. IMO this could have 2 reasons:

1) "I already stole enough so I will just show you that your site has a vulnerability"
2) "I can cheat on here, but don't want to receive a reward and rather just show it off"

IMO the first reason seems more likely. It is exactly what HufflePuff (who stole 2000+ BTC) did on PD with account "RobbinHood".

In the end I am personally not an investor and I am not sure how many public investors your site has, but I am obviously just saying this for the investors. If a site like PD (which doesn't accept investments) had this, I wouldn't be bothering Stunna about "previous accounts" or anything.

What you said is absolutely correct; from the way he was betting on consecutive bets, it is clear that he did it deliberately to let the site know that they have been hacked and that the site's seed key is known to others who are cheating the site.

NeuroticFish
October 18, 2016, 01:54:09 PM #15

Quote from: hubballi
What you said is absolutely correct; from the way he was betting on consecutive bets, it is clear that he did it deliberately to let the site know that they have been hacked and that the site's seed key is known to others who are cheating the site.

I think that there's still a chance he didn't know the withdrawal is processed manually and got greedy.

A white hat hacker would have told the owner, not done it like this.
Somebody who only wanted to show off would have to regard 66k XMR (over $400,000) as nothing to him, since he already stole more than that.

fluffypony
October 18, 2016, 02:17:51 PM #16

Quote from: NLNico
Looking at the expected variance is interesting, but obviously some dude who makes profits on a few accounts would be impossible to detect. Since you are publicly accepting investors (and were in loss even before this big winner), I do assume you are looking at logs to figure out if previous accounts potentially cheated? At minimum you could see which accounts accessed that specific API function? I don't think most users use the API. Besides that, potentially IPs/browsers/other info/etc. can help to see if it's possible someone else might have abused it.

The way this guy was betting was clearly to show that he could cheat. IMO this could have 2 reasons:

1) "I already stole enough so I will just show you that your site has a vulnerability"
2) "I can cheat on here, but don't want to receive a reward and rather just show it off"

IMO the first reason seems more likely. It is exactly what HufflePuff (who stole 2000+ BTC) did on PD with account "RobbinHood".

In the end I am personally not an investor and I am not sure how many public investors your site has, but I am obviously just saying this for the investors. If a site like PD (which doesn't accept investments) had this, I wouldn't be bothering Stunna about "previous accounts" or anything.

Yes, we're taking a look at the API logs and correlating them against recent bettors. We'll weed out any other accounts he has ;)

Daffadile
October 18, 2016, 04:23:48 PM #17

So.... When someone is unlucky and gets 21 losses in a row you say nothing, but as soon as someone makes a whole lot of wins in a row you get jealous?? Lol ok.....

Just like a losing streak, a winning streak can happen too. Also, what difference would it make if you saw his other rolls? It is pure luck.



                                                                                                                                                 
BillyBurns
October 18, 2016, 04:27:46 PM #18

Quote from: Daffadile
So.... When someone is unlucky and gets 21 losses in a row you say nothing, but as soon as someone makes a whole lot of wins in a row you get jealous?? Lol ok.....

Just like a losing streak, a winning streak can happen too. Also, what difference would it make if you saw his other rolls? It is pure luck.

Yeah, it's not very weird for him to make all those 1 XMR bets and lose every single one of those and then win all of these huge bets with a tiny win % over and over. The only big bet he lost was the first one, where he made a mistake... oh, and on top of all those rolls he's up another 33k XMR.

RHavar
October 18, 2016, 04:41:06 PM #19

Quote from: NLNico
The way this guy was betting was clearly to show that he could cheat. IMO this could have 2 reasons:

If the attack was super simple (e.g. the server was blindly giving the user the server seed) it's also possible it was a non-sophisticated attacker that got hold of it, and was just dumb enough to not even try to cover his tracks better. I actually believe this recently happened to PrimeDice in their latest upgrade, with something along the lines of the beta server being a fork of the production server; someone realized this, revealed their server seed and abused the crap out of it to the point it was super obvious. I also heard about another bitcoin site where someone social engineered their way into getting root credentials to the server, but was sufficiently unsophisticated that he couldn't figure out how to withdraw the bitcoins.


That said, this is basically a nightmare situation for an investment site. Let's say they suspect or find out that the attacker actually had been abusing this before: who should be on the hook, the investors or the site? Kind of strange how no site ever clarifies that.

BillyBurns
October 18, 2016, 05:05:37 PM #20

Quote from: NLNico
The way this guy was betting was clearly to show that he could cheat. IMO this could have 2 reasons:

Quote from: RHavar
If the attack was super simple (e.g. the server was blindly giving the user the server seed) it's also possible it was a non-sophisticated attacker that got hold of it, and was just dumb enough to not even try to cover his tracks better. I actually believe this recently happened to PrimeDice in their latest upgrade, with something along the lines of the beta server being a fork of the production server; someone realized this, revealed their server seed and abused the crap out of it to the point it was super obvious. I also heard about another bitcoin site where someone social engineered their way into getting root credentials to the server, but was sufficiently unsophisticated that he couldn't figure out how to withdraw the bitcoins.

That said, this is basically a nightmare situation for an investment site. Let's say they suspect or find out that the attacker actually had been abusing this before: who should be on the hook, the investors or the site? Kind of strange how no site ever clarifies that.

Look at his bet pattern and the outcomes of the bets; it's extremely obvious he was intentionally showing he could cheat.
