NoWhammies
Member
Offline
Activity: 62
Merit: 10
|
|
April 23, 2013, 11:27:28 PM |
|
Slush, you are a God. I'm surprised I even have permission to -reply- in a thread created by the great one.
|
|
|
|
slush (OP)
Legendary
Offline
Activity: 1386
Merit: 1097
|
|
April 23, 2013, 11:27:52 PM |
|
About migration to EC2 - I have Stratum servers running there, they were not used because they're more expensive than OVH servers. But once I set up database + website on trusted machines, I can start the pool very soon. Unfortunately EC2 instances don't fit for database server at current architecture, so I cannot run database at Amazon right now.
|
|
|
|
stanke
Newbie
Offline
Activity: 12
Merit: 0
|
|
April 23, 2013, 11:29:32 PM |
|
Hi Slush, I wrote you an email from gentoo64 after the last DDoS. If you need some help, just PM me or write me on Jabber; the account is the same as the one the mail was sent from. I have some servers where you can run it, at least till you find some secure place.
|
|
|
|
roukkie
Newbie
Offline
Activity: 29
Merit: 0
|
|
April 23, 2013, 11:30:03 PM |
|
why they will hack slush pool especially???
|
|
|
|
Lucko
|
|
April 23, 2013, 11:31:31 PM |
|
Slush, there is a big bubble on BTC-e for NMC. Is there a way to get them there?
|
|
|
|
slush (OP)
Legendary
Offline
Activity: 1386
Merit: 1097
|
|
April 23, 2013, 11:33:27 PM |
|
why they will hack slush pool especially???
I think because this was, similarly to Linode issue, an inside job. I don't have any indices that other bitcoin-related servers at OVH have been hacked as well (yet), but the scenario how all this happened indicates that somebody has been able to get password recovery email somehow. And what's the salary of administrator of OVH mailing server?
|
|
|
|
dellnull
Newbie
Offline
Activity: 30
Merit: 0
|
|
April 23, 2013, 11:34:28 PM |
|
Damn!! To me it sounds like an override of OVH password manager.... I hope you find out how they did. And I'm impressed by your response time on this hack.
|
|
|
|
Lucko
|
|
April 23, 2013, 11:35:33 PM |
|
Damn!! To me it sounds like an override of OVH password manager.... I hope you find out how they did. And I'm impressed by your response time on this hack.
+100000000
|
|
|
|
nottm28
|
|
April 23, 2013, 11:36:39 PM |
|
why they will hack slush pool especially???
I think because this was, similarly to Linode issue, an inside job. I don't have any indices that other bitcoin-related servers at OVH have been hacked as well (yet), but the scenario how all this happened indicates that somebody has been able to get password recovery email somehow. And what's the salary of administrator of OVH mailing server?
20-30k UKP - indeed...
|
donations not accepted
|
|
|
roukkie
Newbie
Offline
Activity: 29
Merit: 0
|
|
April 23, 2013, 11:38:50 PM |
|
why they will hack slush pool especially???
I think because this was, similarly to Linode issue, an inside job. I don't have any indices that other bitcoin-related servers at OVH have been hacked as well (yet), but the scenario how all this happened indicates that somebody has been able to get password recovery email somehow. And what's the salary of administrator of OVH mailing server?
you think ddos and hack are connected???
|
|
|
|
paraipan
In memoriam
Legendary
Offline
Activity: 924
Merit: 1004
Firstbits: 1pirata
|
|
April 23, 2013, 11:38:50 PM |
|
Damn!! To me it sounds like an override of OVH password manager.... I hope you find out how they did. And I'm impressed by your response time on this hack.
And you sound like the hacker if you ask me... Hope is all well Slush!
|
BTCitcoin: An Idea Worth Saving - Q&A with bitcoins on rugatu.com - Check my rep
|
|
|
Trance104
|
|
April 23, 2013, 11:40:14 PM |
|
I'm not able to mine currently.. Even though the site says I can. :-(
|
|
|
|
ZephramC
|
|
April 23, 2013, 11:44:01 PM |
|
Very impressive response! I hope things will settle soon. OVH has probably some explaining to do.
|
|
|
|
PuertoLibre
Legendary
Offline
Activity: 1890
Merit: 1003
|
|
April 23, 2013, 11:44:38 PM |
|
So none of our earned bitcoins will be lost?
Ack. It is an old hack that might be worth checking in your mail options. You might want to consider checking your inbox for any Forwarders. There is a way in most email systems for people to forward mail received in an account to another destination. The original mail still remains at the account but duplicates are normally forwarded to a second destination. The forwarding process is usually not obvious until you inspect your settings carefully.
This kind of hack means that you only need to compromise the account once, as once the forwarding is set, the account continues to transparently duplicate and forward the new mail to a second destination. Does not matter if you regain control of the account. It also does not require a person to check the content of the inbox as they get a copy at their forwarded address (so the original inbox remains untouched).
You should also contact the folks at your various providers to let them know that you want a stricter security check on each of your accounts. It will require more checks before you can do anything on the phone but it will preempt (or make very difficult) any forms of social engineering to gain access to your account.
|
|
|
|
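An added example, not part of any post in this thread: one way to run the forwarder check described above across mailboxes on a server you administer, by reading Sieve scripts and `.forward` files and flagging any forwarding destination outside your own domains. The mailbox names, rule contents and `TRUSTED_DOMAINS` are constructed sample data and assumptions.

```python
import re

# Constructed sample data: filter files collected per mailbox (all names made up).
MAILBOX_RULES = {
    "admin@pool.example": {
        "sieve": 'require ["copy", "fileinto"];\n'
                 '# billing filter\n'
                 'if header :contains "subject" "invoice" { fileinto "Billing"; }\n'
                 'redirect :copy "archive@mailbox.invalid";\n',
    },
    "ops@pool.example": {"forward": "\\ops, ops-backup@pool.example\n"},
    "billing@pool.example": {"sieve": 'redirect "accounts@pool.example";\n'},
}
TRUSTED_DOMAINS = {"pool.example"}  # assumption: the domains you control

# Sieve "redirect" action (RFC 5228) with optional tags such as :copy (RFC 3894).
REDIRECT_RE = re.compile(r'\bredirect\b\s*((?::\w+\s+)*)"([^"]+)"', re.I)

def sieve_forwards(script):
    """Yield (address, keeps_local_copy) for each redirect in a Sieve script."""
    # Drop comments first so a commented-out rule is not reported.
    # (Simplification: a '#' inside a quoted string would also be cut.)
    script = re.sub(r"/\*.*?\*/", "", script, flags=re.S)
    script = re.sub(r"#[^\n]*", "", script)
    for tags, addr in REDIRECT_RE.findall(script):
        # ":copy" leaves the message in the inbox, so the owner sees nothing odd.
        yield addr, ":copy" in tags.lower()

def dotforward_targets(text):
    """Yield (address, keeps_local_copy) for each address in a .forward file."""
    entries = [e.strip() for e in re.split(r"[,\n]", text) if e.strip()]
    keeps = any(e.startswith("\\") for e in entries)  # "\user" = also deliver locally
    for entry in entries:
        if "@" in entry:
            yield entry, keeps

def audit(rules, trusted):
    """Return (mailbox, destination, keeps_local_copy) for untrusted forwards."""
    findings = []
    for mailbox, files in sorted(rules.items()):
        hits = list(sieve_forwards(files.get("sieve", "")))
        hits += list(dotforward_targets(files.get("forward", "")))
        for addr, keeps in hits:
            if addr.rsplit("@", 1)[-1].lower() not in trusted:
                findings.append((mailbox, addr, keeps))
    return findings

if __name__ == "__main__":
    for mailbox, dest, keeps in audit(MAILBOX_RULES, TRUSTED_DOMAINS):
        print(f"{mailbox} forwards to {dest} (local copy kept: {keeps})")
```

A finding with the local copy kept is the silent case from the post: the inbox looks untouched while every new message is duplicated elsewhere, so the rule has to be removed in addition to changing the password.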
camaro69327
Newbie
Offline
Activity: 59
Merit: 0
|
|
April 23, 2013, 11:56:04 PM |
|
why they will hack slush pool especially???
I think because this was, similarly to Linode issue, an inside job. I don't have any indices that other bitcoin-related servers at OVH have been hacked as well (yet), but the scenario how all this happened indicates that somebody has been able to get password recovery email somehow. And what's the salary of administrator of OVH mailing server?
Wow... Is it time to get Authorities involved? OR have you already? ...As always Great job and way to stay on top of things.
|
|
|
|
TiborB
Member
Offline
Activity: 83
Merit: 10
|
|
April 24, 2013, 12:00:55 AM |
|
Stratum is back, great job!
Cheers, T
|
|
|
|
dellnull
Newbie
Offline
Activity: 30
Merit: 0
|
|
April 24, 2013, 12:05:00 AM |
|
Damn!! To me it sounds like an override of OVH password manager.... I hope you find out how they did. And I'm impressed by your response time on this hack.
And you sound like the hacker if you ask me... Hope is all well Slush!
I'm taking that as a compliment, but I can assure you that I don't bite the one who feeds me.
|
|
|
|
phazedoubt
Newbie
Offline
Activity: 18
Merit: 0
|
|
April 24, 2013, 12:05:05 AM |
|
Also, just as an FYI, I do network security in a completely different sector, but the attacks are usually the same. The "sneak forwarding" is a common targeted attack. More likely though, is the human element, an administrator paid to set things up. Systems are usually surprisingly secure. Almost every successful attack I see involves phishing or an inside job. Just as an FYI though, nmap is a powerful tool, and anyone can intercept and reconstruct any email that is sent over the internet if it is not PGP encrypted. I've done this for more than one client to prove the point.
|
|
|
|
laughingbear
|
|
April 24, 2013, 12:05:24 AM |
|
Stratum is back, great job!
Cheers, T
Way to never read anything before making your post... keep living the dream. I know you will never read this
|
|
|
|
slush (OP)
Legendary
Offline
Activity: 1386
Merit: 1097
|
|
April 24, 2013, 12:07:29 AM |
|
I set up Stratum mining to not waste hashrate on the pool. However I didn't fix the hole because I think that the hole is OVH itself, so it's clearly possible that attackers shut down the pool again. I'll migrate out of OVH ASAP.
|
|
|
|
|