Bitcoin Forum
December 14, 2024, 06:44:48 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 ... 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 [337] 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 ... 1154 »
  Print  
Author Topic: [4+ EH] Slush Pool (slushpool.com); Overt AsicBoost; World First Mining Pool  (Read 4382723 times)
nottm28
Hero Member
*****
Offline Offline

Activity: 574
Merit: 500



View Profile
April 24, 2013, 03:28:07 PM
 #6721

It's possible than when the site does come back online, the attackers could quickly log in as some of us, change our bitcoin address to be theirs, lower our payment thresholds and steal our confirmed coins...
Or am I being paranoid...

donations not accepted
wigsgiw
Newbie
*
Offline Offline

Activity: 18
Merit: 0



View Profile
April 24, 2013, 03:30:29 PM
 #6722

What about the user database?  Was it compromised?  I'd hate to see bitcoins sent to the wrong address.

I have a database snapshot taken before bad guys overtook the database. So there's no reason to think payout addresses have been modified. Any change of wallet on pool profile requires email confirmation by account owner so I think we're on safe side here.

Unfortunately the user database can be considered as compromised, so the attacker knows user's emails :-(.
How were the passwords hashed?
never answer that!!!

let me rephrase: were the passwords securely hashed?

And salted?

Not to preach to you, but this is a perfect example why everyone should use unique passwords on every website.

I personally use 20+ character randomly generated passwords thanks to LastPass.  Makes secure password management so easy.

I am assuming the worst that they wore not hashed and salted. No word on the matter suggests that is possibly the case? I'd like to know either way. Embarrassing as it may be.

Slush has been doing this for years, and it is 2013 not 2008. We can all safely assume that passwords were at least SHA hashed and salted.

No word on the matter is because the man is slaving away, on no sleep, to get everything back up and operational after a severe inside-job hack attempt.

Many props to you Slush, your efforts are greatly appreciated!
theowalpott
Member
**
Offline Offline

Activity: 80
Merit: 10


View Profile
April 24, 2013, 03:34:36 PM
 #6723

It's possible than when the site does come back online, the attackers could quickly log in as some of us, change our bitcoin address to be theirs, lower our payment thresholds and steal our confirmed coins...
Or am I being paranoid...

No, even if they have your login details changing the payout address needs email confirmation, so unless the attacker(s) have access to your email too they can't change your payout address.

1FwGATm6eU5dSiTp2rpazV5u3qwbx1fuDn
Jay_Pal
Legendary
*
Offline Offline

Activity: 1493
Merit: 1003



View Profile
April 24, 2013, 03:35:32 PM
 #6724

What about the user database?  Was it compromised?  I'd hate to see bitcoins sent to the wrong address.

I have a database snapshot taken before bad guys overtook the database. So there's no reason to think payout addresses have been modified. Any change of wallet on pool profile requires email confirmation by account owner so I think we're on safe side here.

Unfortunately the user database can be considered as compromised, so the attacker knows user's emails :-(.
How were the passwords hashed?
never answer that!!!

let me rephrase: were the passwords securely hashed?

And salted?

Not to preach to you, but this is a perfect example why everyone should use unique passwords on every website.

I personally use 20+ character randomly generated passwords thanks to LastPass.  Makes secure password management so easy.

I am assuming the worst that they wore not hashed and salted. No word on the matter suggests that is possibly the case? I'd like to know either way. Embarrassing as it may be.

Slush has been doing this for years, and it is 2013 not 2008. We can all safely assume that passwords were at least SHA hashed and salted.

No word on the matter is because the man is slaving away, on no sleep, to get everything back up and operational after a severe inside-job hack attempt.

Many props to you Slush, your efforts are greatly appreciated!
+1

Best faucet EVER! - Freebitco.in
Don't Panic... - 1G8zjUzeZBfJpeCbz1MLTc6zQHbLm78vKc
Why not mine from the browser?
digital
Hero Member
*****
Offline Offline

Activity: 490
Merit: 500


View Profile
April 24, 2013, 03:36:58 PM
 #6725

It's possible than when the site does come back online, the attackers could quickly log in as some of us, change our bitcoin address to be theirs, lower our payment thresholds and steal our confirmed coins...
Or am I being paranoid...

Your being paranoid.  Slush has the account passwords protected.  And even if they do manage to gain access to some accounts, Slush will see the unusual activity immediately and put a stop to it.  Like I said earlier, he likely won't enable payouts right away.  He will wait to make sure everything is on track.

He is very security conscious, and always does his due diligence.  That's why he has so many lifers mining for him...

If I help you out: 17QatvSdciyv2zsdAbphDEUzST1S6x46c3
References (bitcointalk.org/index.php?topic=): 50051.20  50051.100  53668.0  53788.0  53571.0  53571.0  52212.0  50729.0  114804.0  115468  78106  69061  58572  54747
Valle
Full Member
***
Offline Offline

Activity: 177
Merit: 101


View Profile
April 24, 2013, 03:37:29 PM
 #6726

So, can anyone described what's going on and when it is supposed to be fixed?
Jay_Pal
Legendary
*
Offline Offline

Activity: 1493
Merit: 1003



View Profile
April 24, 2013, 03:39:43 PM
 #6727

So, can anyone described what's going on and when it is supposed to be fixed?

Sure!!!
Here you go: https://bitcointalk.org/index.php?topic=1976.msg1925445#msg1925445

Best faucet EVER! - Freebitco.in
Don't Panic... - 1G8zjUzeZBfJpeCbz1MLTc6zQHbLm78vKc
Why not mine from the browser?
OskarLoderr
Newbie
*
Offline Offline

Activity: 10
Merit: 0


View Profile
April 24, 2013, 04:19:11 PM
 #6728

What about the user database?  Was it compromised?  I'd hate to see bitcoins sent to the wrong address.

I have a database snapshot taken before bad guys overtook the database. So there's no reason to think payout addresses have been modified. Any change of wallet on pool profile requires email confirmation by account owner so I think we're on safe side here.

Unfortunately the user database can be considered as compromised, so the attacker knows user's emails :-(.
How were the passwords hashed?
never answer that!!!

let me rephrase: were the passwords securely hashed?

And salted?

Not to preach to you, but this is a perfect example why everyone should use unique passwords on every website.

I personally use 20+ character randomly generated passwords thanks to LastPass.  Makes secure password management so easy.

I am assuming the worst that they wore not hashed and salted. No word on the matter suggests that is possibly the case? I'd like to know either way. Embarrassing as it may be.
He already said that passwords were salted and hashed earlier in the thread and that you didn't have to worry about passwords being compromised.
TiborB
Member
**
Offline Offline

Activity: 83
Merit: 10


View Profile
April 24, 2013, 04:20:32 PM
 #6729

So, can anyone described what's going on and when it is supposed to be fixed?

Sure!!!
Here you go: https://bitcointalk.org/index.php?topic=1976.msg1925445#msg1925445

Status quo in a nutshell:

* mining now happens on EC2 instances, DNS records for stratum.bitcoin.cz have been updated
* you might need to restart long running workers & make sure DNS changes propagated to you. Use netstat & nslookup, or just flush the dns cache and restart workers.
https://bitcointalk.org/index.php?topic=1976.msg1926436#msg1926436
* the website is not up at the moment, but mining is possible

Hope this helps,
   T

nybbler905
Full Member
***
Offline Offline

Activity: 213
Merit: 100



View Profile
April 24, 2013, 04:35:58 PM
 #6730

It's possible than when the site does come back online, the attackers could quickly log in as some of us, change our bitcoin address to be theirs, lower our payment thresholds and steal our confirmed coins...
Or am I being paranoid...
PARANOID and with good reason...
it took me a while to re-set my bitcoin address ( was online one that I later read was untrusted PRE-DDos attacks on Slush's and had the ' fun ' of waiting for confirmation emails )
so even if they did get your password, tryed to change your bitcoin wallet id, there is still hope that neither you or the attacker can get access by logging in and setting payout to some really high number ( like over 50.0 BTC )
Worst case senario.... both you and the attacker are locked out of the earned BTC until you ( or the attacker ) can convince Slush to let the coins out of the wallet.

He did get a database snapshot so there should be enough info there to see what goes where apropriatly.
I'm not too worried about possible coin theft as I am still CPU mining and have earned ( not from Slush yet, still too slow for that kind of coin ) 1/9th the BTC for what some call an ' intro GPU miner card ' and will be workin all the free BTC sites as hard as my mining rig to get as much as fast as possible to get that kind of hash power and doubt i'll ever move from Slush's pool ( unless it gets to over 50.5% )

Always looking for donations even as low as 1uBTC
14XfpYPdtYiGoEiDcKrSzuvBM3ukhwANUh - BTC
LS7FEfu9ajp3NQcDjui9TSKscwQesj9i8k - LTC
LHe9g5ixMyfdtqAEHU5vErG1eQrDshBFRW -Luckycoin
Kruncha
Sr. Member
****
Offline Offline

Activity: 644
Merit: 250



View Profile
April 24, 2013, 04:38:43 PM
 #6731

I put my miner back online last night after Slush said that stratum.bitcoin.cz was good to go. I didn't even think to check where the DNS was resolving to. After reading some posts this morning I figured I'd better check. What I have is in the image below and I think it's important that Slush be informed. I'm mining through the stratum proxy that Slush provided. If what I'm seeing is correct then I've been providing 700mhash to the hackers for 15 hours.



K.
jerethdaminer
Member
**
Offline Offline

Activity: 84
Merit: 10


View Profile
April 24, 2013, 04:40:41 PM
 #6732

they may be hashed and salted but were they peppered Tongue failing that can we keell the person who hacked him
DoomDumas
Legendary
*
Offline Offline

Activity: 1002
Merit: 1000


Bitcoin


View Profile
April 24, 2013, 04:53:21 PM
 #6733


Quote from: anti
The bitcoins I have earned on this pool should have been confimed and payed out by now, because last time I checked (about 2 hours before the break-in) it was about 30 confirmations away from being confirmed with respect to my payout minimum. However, no payouts have occurred as of now. I guess this is also because the pool was hacked? When can we expect the payouts to continue? I mean the BTC prices are quite good at the moment and I'd very like to sell before they fall again. Please fix this soon! Thanks!

I wont sell any satoshi until 1 BTC worth more than 1000$...  in or before 2014 for sure !!  Smiley
nottm28
Hero Member
*****
Offline Offline

Activity: 574
Merit: 500



View Profile
April 24, 2013, 05:03:06 PM
 #6734

It's possible than when the site does come back online, the attackers could quickly log in as some of us, change our bitcoin address to be theirs, lower our payment thresholds and steal our confirmed coins...
Or am I being paranoid...

No, even if they have your login details changing the payout address needs email confirmation, so unless the attacker(s) have access to your email too they can't change your payout address.

Thanks

donations not accepted
DoomDumas
Legendary
*
Offline Offline

Activity: 1002
Merit: 1000


Bitcoin


View Profile
April 24, 2013, 05:08:33 PM
 #6735

It's possible than when the site does come back online, the attackers could quickly log in as some of us, change our bitcoin address to be theirs, lower our payment thresholds and steal our confirmed coins...
Or am I being paranoid...

IIRC, changing paiment adress need to be confirmed by email, so if your email password is'nt compromised, no problem at all here !
AngelusWebDesign
Sr. Member
****
Offline Offline

Activity: 392
Merit: 250


View Profile
April 24, 2013, 05:14:29 PM
 #6736

What about the um... secret URL that we were given by e-mail?

I just checked that URL, and it resolves to 95.x.x.x -- sounds like the OLD server.

Then I checked stratum.mining.cz and it resolves to the right IP address.

I've been mining at the address that starts with V for the good part of a day -- am I still going to get paid?

Lucko
Hero Member
*****
Offline Offline

Activity: 826
Merit: 1000



View Profile
April 24, 2013, 05:20:13 PM
 #6737

It's possible than when the site does come back online, the attackers could quickly log in as some of us, change our bitcoin address to be theirs, lower our payment thresholds and steal our confirmed coins...
Or am I being paranoid...

IIRC, changing paiment adress need to be confirmed by email, so if your email password is'nt compromised, no problem at all here !

Well Slush mail also wasn't compromised and they got a link for reset... But yes it is always some uncertainty. 100% security doesn't exist... We are probably not big enough to worry about that... If you are worried about that decrease automatic payout limit...
slush (OP)
Legendary
*
Offline Offline

Activity: 1386
Merit: 1097



View Profile WWW
April 24, 2013, 05:23:56 PM
 #6738

I'm having some troubles while setting up new database server, so all this is taking longer time than I expected. But I'm still working on it.

bigb159
Full Member
***
Offline Offline

Activity: 163
Merit: 100



View Profile
April 24, 2013, 05:30:43 PM
 #6739

A tracert resolved stratum.bitcoin.cz to a compute.amazonaws.com [50.112.*.*].
Things are working fine for me.
Valle
Full Member
***
Offline Offline

Activity: 177
Merit: 101


View Profile
April 24, 2013, 05:36:23 PM
 #6740

Thanks everyone, that explains. One more question - is there a way to check miner status/bitcoins amount mined etc? Maybe some json api is functional?

So, can anyone described what's going on and when it is supposed to be fixed?

Sure!!!
Here you go: https://bitcointalk.org/index.php?topic=1976.msg1925445#msg1925445

Status quo in a nutshell:

* mining now happens on EC2 instances, DNS records for stratum.bitcoin.cz have been updated
* you might need to restart long running workers & make sure DNS changes propagated to you. Use netstat & nslookup, or just flush the dns cache and restart workers.
https://bitcointalk.org/index.php?topic=1976.msg1926436#msg1926436
* the website is not up at the moment, but mining is possible

Hope this helps,
   T


Pages: « 1 ... 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 [337] 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 ... 1154 »
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!