Bitcoin Forum
May 02, 2024, 10:03:38 PM *
Warning: One or more bitcointalk.org users have reported that they strongly believe that the creator of this topic is a scammer. (Login to see the detailed trust ratings.) While the bitcointalk.org administration does not verify such claims, you should proceed with extreme caution.
Author Topic: IMPORTANT ★ Your password may have been stolen!!!  (Read 5443 times)
SafeDice (OP)
Sr. Member
****
Offline Offline

Activity: 422
Merit: 250


SafeDICE.com


View Profile WWW
May 05, 2017, 12:37:23 PM
 #1

=== Disclaimer before I go into detail: this case has nothing to do with SafeDice ===

As a dice site owner (SAFEDICE.COM), I recently noticed in my log that there were many failed sign-in attempts (thousands of them). Those failed attempts were using usernames that do not exist in our database. However, there were also many correct attempts, probably around 20% of them.

This is not a brute force attack, since each trial uses a different combination of username and password. Not to mention that a brute force attack will be rejected by our server. The attacker seems to have a list of usernames and passwords; this makes it difficult for me to differentiate between an attack and a normal login. I have a strong suspicion that the list was acquired from another bitcoin site.

To all of you concerned with the safety of your account, whether it's on SafeDice or another site, please always use 2FA and a different password for each site.

I have just created a tool for SafeDice users to check if there was a suspicious login attempt on their account. You can type /amisafe in the chat room, and the server will reply to you with the result. For those of you who just want to check your username, you can just sign up and check immediately.

Again, I strongly encourage everyone in the bitcoin community to use 2FA whenever possible, and if any other bitcoin site owner has information about this, please share this information.
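
The pattern described in the post above (many usernames tried once each, most of them nonexistent, some succeeding), as an added example that is not part of the original post and is not SafeDice's code: Python that flags such sources in a login log and gives a per-account verdict in the spirit of `/amisafe`. The log format, result codes, thresholds and function names are assumptions, the log lines are constructed, and grouping by source IP assumes the attempts are not spread across many addresses.

```python
from collections import defaultdict

# Constructed sample log, format: "<unix_ts> <source_ip> <username> <result>"
SAMPLE_LOG = """\
1493980000 198.51.100.20 alice OK
1493980005 203.0.113.7 qwerty_joe NO_SUCH_USER
1493980006 203.0.113.7 bob OK
1493980007 203.0.113.7 dice_king NO_SUCH_USER
1493980008 203.0.113.7 satoshi99 NO_SUCH_USER
1493980009 203.0.113.7 carol BAD_PASSWORD
1493980010 203.0.113.7 lucky777 NO_SUCH_USER
1493980030 198.51.100.44 carol BAD_PASSWORD
1493980041 198.51.100.44 carol OK
1493980050 198.51.100.20 alice OK
"""

RESULTS = {"OK", "BAD_PASSWORD", "NO_SUCH_USER"}  # assumed result codes


def parse_log(text):
    """Return (ts, source, username, result) tuples; malformed lines are skipped."""
    attempts = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4 or not parts[0].isdigit() or parts[3] not in RESULTS:
            continue
        attempts.append((int(parts[0]), parts[1], parts[2], parts[3]))
    return attempts


def stuffing_sources(attempts, min_usernames=5, min_unknown_ratio=0.5):
    """Flag sources that try many distinct usernames, mostly nonexistent ones.

    A brute-force guard keyed on one username never fires here, because each
    username is tried only once; the signal is the spread across usernames.
    """
    tried = defaultdict(set)
    unknown = defaultdict(set)
    for _, source, username, result in attempts:
        tried[source].add(username)
        if result == "NO_SUCH_USER":
            unknown[source].add(username)
    return {
        s for s, users in tried.items()
        if len(users) >= min_usernames
        and len(unknown[s]) / len(users) >= min_unknown_ratio
    }


def am_i_safe(username, attempts, flagged):
    """Per-account verdict based only on attempts from flagged sources."""
    hits = [r for _, s, u, r in attempts if u == username and s in flagged]
    if not hits:
        return "no suspicious attempts"
    if "OK" in hits:
        return "password known to attacker: reset password, hold withdrawals"
    return "targeted, password not matched"


if __name__ == "__main__":
    attempts = parse_log(SAMPLE_LOG)
    flagged = stuffing_sources(attempts)
    for user in ("alice", "bob", "carol"):
        print(user, "->", am_i_safe(user, attempts, flagged))
```

The verdict separates an account whose password matched from a flagged source from one that was only tried, which is the distinction that decides whether a withdrawal hold and forced reset are needed.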

Slark
Legendary
*
Offline Offline

Activity: 1862
Merit: 1004


View Profile
May 05, 2017, 01:54:12 PM
 #2

Thanks for letting us know. You could always be silent about this issue and avoid potential PR problems.

If SafeDice wasn't compromised by any form of attack, then do you have any suspicion or theory which other casino/dice service was breached?
Were there any reports from users who complained that their online balance was stolen recently or they noted other suspicious activity?
7788bitcoin
Legendary
*
Offline Offline

Activity: 2282
Merit: 1023


View Profile
May 05, 2017, 02:01:31 PM
 #3

Any further information re the source of these failed login attempts? Perhaps an email confirmation before withdrawal will help? Or maybe withdrawal only allowed for logins using IP addresses from the same country/region?
moooonu
Hero Member
*****
Offline Offline

Activity: 560
Merit: 500



View Profile
May 05, 2017, 02:26:57 PM
 #4

You can use the IP to verify whether those accounts were opened from the IP the user most often uses to sign in. Otherwise, send a confirmation message to the user's email so that they can open the account from the link sent to their email, or lock that account and post a notification on your site that any user whose account is locked can contact you or support to get it unlocked with some details, like the email or BTC address he often withdraws to.
Baryom
Hero Member
*****
Offline Offline

Activity: 1246
Merit: 577


Bitsler's Admin and Bitsler's rules btslr.co/2612K


View Profile WWW
May 05, 2017, 02:45:26 PM
Last edit: May 05, 2017, 04:46:51 PM by Baryom
 #5

I think the breach was from Bitsler.com. The admin doesn't want to reveal it, but there are some account leaks happening from the Bitsler website. Over 17k accounts in plain text had been leaked here and in other places.

I think this is very dangerous for the Bitcoin community, and the Bitsler admin should take some action! Many Bitsler users are claiming they got their accounts hacked, and I had my Bitsler accounts stolen too.

Hey newbie account from hacker,

99% of the accounts which have been hacked have used :

- a fake bot: "Bitsler bot 2017" or "Primedice bot 2017" or other bots. DO NOT DO IT.

 or

- Put their nickname/username in this fake link giveaway https://freebitslerbtc.000webhostapp.com/index.html. DO NOT DO IT.

The link's owner (you I think so) tried to extort money from us. I told him that I wanted to know the "issue" first then I will give him a bounty bug and if the 200 accounts that he had the details came from a bot/fake link I won't give anything. He didn't give us anything.

By the way, we have more than 1,500,000 accounts on Bitsler.

Cheers,


EDIT: These username/password combinations are not leaked, they are stolen. Only a player knows the password of his/her account and no one else (including staff, because all passwords are encrypted), unless these scam scripts/sites that steal a player's information are being used; then the list will keep on growing.

Bitsler will be releasing a planned update soon that will add more security features and options for players to better protect themselves, but in the end it is up to the user to secure his/her account with the tools provided. It is advised that all players update their passwords, use 2FA if able, and not use random scripts from strangers or websites guaranteeing "100% winning results" because they are lies used to attract people that are new to gambling.

SafeDice (OP)
Sr. Member
****
Offline Offline

Activity: 422
Merit: 250


SafeDICE.com


View Profile WWW
May 05, 2017, 02:50:50 PM
 #6

Thanks for letting us know. You could always be silent about this issue and avoid potential PR problems.

If SafeDice wasn't compromised by any form of attack, then do you have any suspicion or theory which other casino/dice service was breached?
Were there any reports from users who complained that their online balance was stolen recently or they noted other suspicious activity?


I don't store plain text passwords, and the encryption that I use is invulnerable to rainbow attacks. My theory is that the breached service (it doesn't have to be a dice/casino site) is not a new service; it has more than 10k active bitcoin users. One of the potentially breached accounts was from an old user of SafeDice that I know; this is the reason for my concern.

So far I don't think there was any report linked to this case. I think most of the breached accounts that do not use 2FA have very low balances.

Any further information re the source of these failed login attempts? Perhaps an email confirmation before withdrawal will help? Or maybe withdrawal only allowed for logins using IP addresses from the same country/region?

You can use the IP to verify whether those accounts were opened from the IP the user most often uses to sign in. Otherwise, send a confirmation message to the user's email so that they can open the account from the link sent to their email, or lock that account and post a notification on your site that any user whose account is locked can contact you or support to get it unlocked with some details, like the email or BTC address he often withdraws to.

I considered this one, but I prefer our users to be anonymous. I have disabled withdrawal for suspicious accounts.

I think the breach was from Bitsler.com. The admin doesn't want to reveal it, but there are some account leaks happening from the Bitsler website. Over 17k accounts in plain text had been leaked here and in other places.

I think this is very dangerous for the Bitcoin community, and the Bitsler admin should take some action! Many Bitsler users are claiming they got their accounts hacked, and I had my Bitsler accounts stolen too.

I don't want to accuse anyone; I'll leave any judgement to the community.

coolncool
Newbie
*
Offline Offline

Activity: 10
Merit: 0


View Profile
May 05, 2017, 02:56:42 PM
 #7

I think the breach was from Bitsler.com. The admin doesn't want to reveal it, but there are some account leaks happening from the Bitsler website. Over 17k accounts in plain text had been leaked here and in other places.

I think this is very dangerous for the Bitcoin community, and the Bitsler admin should take some action! Many Bitsler users are claiming they got their accounts hacked, and I had my Bitsler accounts stolen too.

Hey newbie account from hacker,

99% of the accounts which have been hacked have used :

- a fake bot: "Bitsler bot 2017" or "Primedice bot 2017" or other bots. DO NOT DO IT.

 or

- Put their nickname/username in this fake link giveaway https://freebitslerbtc.000webhostapp.com/index.html. DO NOT DO IT.

The link's owner (you I think so) tried to extort money from us. I told him that I wanted to know the "issue" first then I will give him a bounty bug and if the 200 accounts that he had the details came from a bot/fake link I won't give anything. He didn't give us anything.

By the way, we have more than 1,500,000 accounts on Bitsler.

Cheers,

Dear Bitsler admin,

Why do you keep lying to your clients? 200 accounts, really?

I send you another 3k accounts :)

Link: https://pastebin.com/UqeswH7N



coolncool
Newbie
*
Offline Offline

Activity: 10
Merit: 0


View Profile
May 05, 2017, 04:57:26 PM
 #8

If anyone is interested, I'm willing to sell 35k user accounts for the Bitsler website.

PM if you are interested in buying.

~
salsa321
Hero Member
*****
Offline Offline

Activity: 698
Merit: 503


Substantiate your success.


View Profile
May 05, 2017, 05:09:15 PM
 #9

I really appreciate that tool, but maybe to make it better and safer,
I think you should add an email section for safety in the future :) Just advice.
Because your site name is SafeDice, right? :)
Gracias
d0flaming0
Sr. Member
****
Offline Offline

Activity: 402
Merit: 250



View Profile
May 05, 2017, 05:19:12 PM
 #10

That would also be nice, and I think that makes it safer than ever. As for me, I am currently using different passwords for my accounts, and when a site has 2FA I use it for security purposes. Sometimes I forget my passwords, but luckily I have a backup email address where I can request a new one, which is a password that I can remember easily. As they have suggested, it's also good to add an email because maybe one day it can be used.
edmundduke
Legendary
*
Offline Offline

Activity: 1624
Merit: 1007


View Profile
May 05, 2017, 06:20:45 PM
 #11

Thanks for letting us know. You could always be silent about this issue and avoid potential PR problems.

If SafeDice wasn't compromised by any form of attack, then do you have any suspicion or theory which other casino/dice service was breached?
Were there any reports from users who complained that their online balance was stolen recently or they noted other suspicious activity?


I don't store plain text passwords, and the encryption that I use is invulnerable to rainbow attacks. My theory is that the breached service (it doesn't have to be a dice/casino site) is not a new service; it has more than 10k active bitcoin users. One of the potentially breached accounts was from an old user of SafeDice that I know; this is the reason for my concern.

So far I don't think there was any report linked to this case. I think most of the breached accounts that do not use 2FA have very low balances.

Any further information re the source of these failed login attempts? Perhaps an email confirmation before withdrawal will help? Or maybe withdrawal only allowed for logins using IP addresses from the same country/region?

You can use the IP to verify whether those accounts were opened from the IP the user most often uses to sign in. Otherwise, send a confirmation message to the user's email so that they can open the account from the link sent to their email, or lock that account and post a notification on your site that any user whose account is locked can contact you or support to get it unlocked with some details, like the email or BTC address he often withdraws to.

I considered this one, but I prefer our users to be anonymous. I have disabled withdrawal for suspicious accounts.

I think the breach was from Bitsler.com. The admin doesn't want to reveal it, but there are some account leaks happening from the Bitsler website. Over 17k accounts in plain text had been leaked here and in other places.

I think this is very dangerous for the Bitcoin community, and the Bitsler admin should take some action! Many Bitsler users are claiming they got their accounts hacked, and I had my Bitsler accounts stolen too.

I don't want to accuse anyone; I'll leave any judgement to the community.

Could very well be from the Bitcointalk leak
Slark
Legendary
*
Offline Offline

Activity: 1862
Merit: 1004


View Profile
May 05, 2017, 06:38:27 PM
 #12

Could very well be from the Bitcointalk leak
Could be, but it is less likely to be.

The Bitcointalk breach was quite a long time ago; if I remember well, it was in May 2015. Why would someone be waiting so long to use this database just now?
And it is safe to assume that every active Bitcointalk user changed password since that time.
Patatas
Legendary
*
Offline Offline

Activity: 1750
Merit: 1115

Providing AI/ChatGpt Services - PM!


View Profile
May 05, 2017, 07:03:16 PM
 #13

I think the breach was from Bitsler.com. The admin doesn't want to reveal it, but there are some account leaks happening from the Bitsler website. Over 17k accounts in plain text had been leaked here and in other places.

I think this is very dangerous for the Bitcoin community, and the Bitsler admin should take some action! Many Bitsler users are claiming they got their accounts hacked, and I had my Bitsler accounts stolen too.
That certainly is a possibility. Considering Bitsler uses shill accounts to upvote their polls and often requests newbie shill accounts to praise their website to get the traffic, it's pretty much possible for them to do whatever it takes to let their competition down.
@safedice, how does your tool work? How does it cross-verify if the accounts are actually hacked?
Lutpin
Copper Member
Legendary
*
Offline Offline

Activity: 1876
Merit: 1874


Goodbye, Z.


View Profile WWW
May 05, 2017, 08:13:44 PM
 #14

Bitsler will be releasing a planned update soon that will add more security features and options for players to better protect themselves
Is that the maintenance you're currently performing?

Baryom
Hero Member
*****
Offline Offline

Activity: 1246
Merit: 577


Bitsler's Admin and Bitsler's rules btslr.co/2612K


View Profile WWW
May 05, 2017, 08:48:21 PM
 #15

Hello guys,

We will make an update at midday (GMT time, in 2 hours 30 minutes). It will last a few hours.


- New deposit/withdrawal system: more instant deposits, withdrawal fee with estimation in block before confirmation.
- Password recovery by email (except for VIPs) (set an email to get this option)
- Protection against hacking: email confirmation if a new IP address logs in to your account (set an email to get this option)
- New chat features
- New connected list with your friends and followers
- Fixed a lot of small bugs
- New FAQ
- New captcha
- New tags


We are sorry for the inconvenience.

Cheers,

This is the planned maintenance, yes.

klf
Legendary
*
Offline Offline

Activity: 1344
Merit: 1000


View Profile
May 05, 2017, 10:17:57 PM
 #16

I think the breach was from Bitsler.com. The admin doesn't want to reveal it, but there are some account leaks happening from the Bitsler website. Over 17k accounts in plain text had been leaked here and in other places.

I think this is very dangerous for the Bitcoin community, and the Bitsler admin should take some action! Many Bitsler users are claiming they got their accounts hacked, and I had my Bitsler accounts stolen too.

Hey newbie account from hacker,

99% of the accounts which have been hacked have used :

- a fake bot: "Bitsler bot 2017" or "Primedice bot 2017" or other bots. DO NOT DO IT.

 or

- Put their nickname/username in this fake link giveaway https://freebitslerbtc.000webhostapp.com/index.html. DO NOT DO IT.

The link's owner (you I think so) tried to extort money from us. I told him that I wanted to know the "issue" first then I will give him a bounty bug and if the 200 accounts that he had the details came from a bot/fake link I won't give anything. He didn't give us anything.

By the way, we have more than 1,500,000 accounts on Bitsler.

Cheers,

Dear Bitsler admin,

Why do you keep lying to your clients? 200 accounts, really?

I send you another 3k accounts :)

Link: https://pastebin.com/UqeswH7N





I don't know whether these accounts belong to Bitsler or not, because only the admin or the owners of these accounts can confirm. But the site has given a 2FA function to secure your account, so users should use it to protect their accounts. If any of these security breaches happen, your account will still be safe. Always be safe online.

Anyway, the Bitsler admin is already updating the site, and our accounts will be safer from now on.
JanpriX
Hero Member
*****
Offline Offline

Activity: 1708
Merit: 606

Buy The F*cking Dip


View Profile
May 05, 2017, 11:16:24 PM
 #17

Thank you for providing us this very vital news/information regarding the malicious attempt on your site. It is always good when an owner of a dice site (or any other bitcoin-related site) comes out in public to provide very important information about its users' safety regarding their accounts. This just proves that these owners are very serious regarding their website's security and take responsibility for whatever happens on their site and to their userbase.
MinerHQ
Legendary
*
Offline Offline

Activity: 1456
Merit: 1023


View Profile
May 06, 2017, 02:34:49 AM
 #18

Thank you for providing us this very vital news/information regarding the malicious attempt on your site. It is always good when an owner of a dice site (or any other bitcoin-related site) comes out in public to provide very important information about its users' safety regarding their accounts. This just proves that these owners are very serious regarding their website's security and take responsibility for whatever happens on their site and to their userbase.

Also, it would be good if, when the admin comes to know of these kinds of things, they immediately ask their users to change passwords to protect their accounts. Whether accounts are hacked or not, all accounts will be safe after they change a password. The site looks like it is still under maintenance.
Harry Callahan
Sr. Member
****
Offline Offline

Activity: 350
Merit: 250


View Profile
May 06, 2017, 06:33:30 AM
 #19

If anyone is interested, I'm willing to sell 35k user accounts for the Bitsler website.
PM if you are interested in buying.
What is the use of these accounts? You might have created all these accounts using a bot :P And if these were real accounts, we could have seen more complaints from people that they lost funds and so on. Since we have not heard from anyone, it is all just dump accounts; you can just shovel it in the dumpster. :P
Shendelzare_Silkwood-
Full Member
***
Offline Offline

Activity: 360
Merit: 100



View Profile
May 06, 2017, 07:34:21 AM
 #20

If anyone is interested, I'm willing to sell 35k user accounts for the Bitsler website.
PM if you are interested in buying.
What is the use of these accounts? You might have created all these accounts using a bot :P And if these were real accounts, we could have seen more complaints from people that they lost funds and so on. Since we have not heard from anyone, it is all just dump accounts; you can just shovel it in the dumpster. :P

Why do you only sell 35k accounts? :-/


By the way, we have more than 1,500,000 accounts on Bitsler.



