DarkoReborn
Newbie
Offline
Activity: 12
Merit: 12
|
|
March 07, 2018, 10:17:14 PM Last edit: March 08, 2018, 02:55:46 AM by DarkoReborn |
|
Thank you all for patience and faith in Primedice, it was a rough couple of days. Support staff misses you all as well. See you all soon in chat. Darko
|
|
|
|
adaseb
Legendary
Offline
Activity: 3878
Merit: 1733
|
|
March 07, 2018, 10:21:58 PM |
|
I think the damage was contained inside Primedice.
However I am pretty sure they are many people who reuse the same password on multiple sites and they are the ones who are most at risk.
Hence, never use the same password for more than 1 place.
|
|
|
|
Batwingoz
Jr. Member
Offline
Activity: 71
Merit: 5
|
|
March 07, 2018, 10:42:11 PM |
|
I think the damage was contained inside Primedice.
However I am pretty sure they are many people who reuse the same password on multiple sites and they are the ones who are most at risk.
Hence, never use the same password for more than 1 place.
thank you we will keep that in mind
|
|
|
|
bestdoggy11
Newbie
Offline
Activity: 4
Merit: 0
|
|
March 08, 2018, 12:24:06 AM |
|
Hi Can you please add some to my accnt my accnt bestdoggy1 has funds stuck on primedice for 2 days.. I registered at stake under same username as this "bestdoggy11" Thx. A lot micro Hello I want to message you in private but i cannot
I tried to login to PD with my username and password, didn't work and told me to create a new account, tried to make one with one of my emails.
Changing passwords now however, will the hacker be able to see my withdrawl/deposit history on the account i tried to login to ?
Can the hacker see my IP address ?
thx.. i am worried
Stake.com is still intact you can send a support ticket on there and reference Primedice. Alternatively you can message the Primedice facebook page. I will be providing a new email soon for support related matters. I'm encouraging everyone to chill on the Stake.com chat for more rapid information while we wait for our registrar to sort this out. You can email Primedice support on support@stake.com too.
|
|
|
|
EnF0Rc3r
Full Member
Offline
Activity: 128
Merit: 100
M. PD&S
|
|
March 08, 2018, 12:36:18 AM |
|
Hi
Can you please add some to my accnt my accnt bestdoggy1 has funds stuck on primedice for 2 days..
I registered at stake under same username as this "bestdoggy11"
Thx. A lot micro
C'mon man, stop trying to abuse this. You're clearly creating new accounts to get some tips. It's lame.
|
|
|
|
bestdoggy11
Newbie
Offline
Activity: 4
Merit: 0
|
|
March 08, 2018, 12:54:40 AM |
|
Micro can check my balance with the same username on primedice, plus he would not deposit if it was 0 i wpuld think. And not like he will give 0.1 . Something to roll thrlugh which goes right back into the system anyway Hi
Can you please add some to my accnt my accnt bestdoggy1 has funds stuck on primedice for 2 days..
I registered at stake under same username as this "bestdoggy11"
Thx. A lot micro
C'mon man, stop trying to abuse this. You're clearly creating new accounts to get some tips. It's lame.
|
|
|
|
Stunna (OP)
Legendary
Offline
Activity: 3192
Merit: 1279
Primedice.com, Stake.com
|
|
March 08, 2018, 01:48:17 AM Last edit: March 08, 2018, 03:35:10 AM by Stunna |
|
We're working on getting the site back live. In the end we got lucky the attacker chose to put up a basic phishing site instead of launching a more sophisticated attack.
Players only lost 0.05 BTC as a result of this. If you made a deposit to the phishing site you must sign the address you sent from to claim a refund from us.
Here's what the attacker was able to do through his phishing site: -Collect Usernames/Passwords for users who logged in to his phishing site during the brief period of time it was up. -Display an obviously erroneous deposit address offering a 10% deposit bonus.
What attacker wasn't able to do -Grab user tokens/sessions (local storage isn't shared between http & https versions) -Access our DB, accounts, balances
We're taking our time to complete investigation and put things back up in a secure way. Currently we are unable to transfer the domain out of our registrar due to issues with them but given the way the account was targeted it shouldn't be possible for the hacker to regain access anymore (more on this later).
If you logged into "primedice.com" over the past 72h you should contact support and let them know. We will be disabling logins temporarily and prompting for password changes when we re-launch as a pre-caution.
|
|
|
|
athena2007
Newbie
Offline
Activity: 14
Merit: 0
|
|
March 08, 2018, 05:35:18 AM |
|
Ty for update.micro please confirm and if you cud tip me too... Ty We're working on getting the site back live. In the end we got lucky the attacker chose to put up a basic phishing site instead of launching a more sophisticated attack.
Players only lost 0.05 BTC as a result of this. If you made a deposit to the phishing site you must sign the address you sent from to claim a refund from us.
Here's what the attacker was able to do through his phishing site: -Send Usernames/Passwords for users who logged in during the brief period of time it was up. -Display an obviously erroneous deposit address offering a 10% deposit bonus.
What attacker wasn't able to do -Grab user tokens/sessions (local storage isn't shared between http & https versions) -Access our DB, accounts, balances
We're taking our time to complete investigation and put things back up in a secure way. Currently we are unable to transfer the domain out of our registrar due to issues with them but given the way the account was targeted it shouldn't be possible for the hacker to regain access anymore (more on this later).
We're working on getting the site back live. In the end we got lucky the attacker chose to put up a basic phishing site instead of launching a more sophisticated attack.
Players only lost 0.05 BTC as a result of this. If you made a deposit to the phishing site you must sign the address you sent from to claim a refund from us.
Here's what the attacker was able to do through his phishing site: -Send Usernames/Passwords for users who logged in during the brief period of time it was up. -Display an obviously erroneous deposit address offering a 10% deposit bonus.
What attacker wasn't able to do -Grab user tokens/sessions (local storage isn't shared between http & https versions) -Access our DB, accounts, balances
We're taking our time to complete investigation and put things back up in a secure way. Currently we are unable to transfer the domain out of our registrar due to issues with them but given the way the account was targeted it shouldn't be possible for the hacker to regain access anymore (more on this later).
Gosh does the begging ever stop.. leave admin to fix more important issues at hand,,, get a grip.
|
|
|
|
bestdoggy11
Newbie
Offline
Activity: 4
Merit: 0
|
|
March 08, 2018, 05:58:00 AM Last edit: March 08, 2018, 06:17:59 AM by bestdoggy11 |
|
No one is begging, since micro did mention he would be doing such for playrrs which he did and hats off to him, just asking that. There is no begging here and kindly folks leave your 2 cents to yourself. If micro does nor want to tip me since its just fair he tipped those effected then he will just say it himself, hey i cannot tip you. Get onto a different topic. Ty for update.micro please confirm and if you cud tip me too... Ty We're working on getting the site back live. In the end we got lucky the attacker chose to put up a basic phishing site instead of launching a more sophisticated attack.
Players only lost 0.05 BTC as a result of this. If you made a deposit to the phishing site you must sign the address you sent from to claim a refund from us.
Here's what the attacker was able to do through his phishing site: -Send Usernames/Passwords for users who logged in during the brief period of time it was up. -Display an obviously erroneous deposit address offering a 10% deposit bonus.
What attacker wasn't able to do -Grab user tokens/sessions (local storage isn't shared between http & https versions) -Access our DB, accounts, balances
We're taking our time to complete investigation and put things back up in a secure way. Currently we are unable to transfer the domain out of our registrar due to issues with them but given the way the account was targeted it shouldn't be possible for the hacker to regain access anymore (more on this later).
We're working on getting the site back live. In the end we got lucky the attacker chose to put up a basic phishing site instead of launching a more sophisticated attack.
Players only lost 0.05 BTC as a result of this. If you made a deposit to the phishing site you must sign the address you sent from to claim a refund from us.
Here's what the attacker was able to do through his phishing site: -Send Usernames/Passwords for users who logged in during the brief period of time it was up. -Display an obviously erroneous deposit address offering a 10% deposit bonus.
What attacker wasn't able to do -Grab user tokens/sessions (local storage isn't shared between http & https versions) -Access our DB, accounts, balances
We're taking our time to complete investigation and put things back up in a secure way. Currently we are unable to transfer the domain out of our registrar due to issues with them but given the way the account was targeted it shouldn't be possible for the hacker to regain access anymore (more on this later).
Gosh does the begging ever stop.. leave admin to fix more important issues at hand,,, get a grip.
|
|
|
|
Stunna (OP)
Legendary
Offline
Activity: 3192
Merit: 1279
Primedice.com, Stake.com
|
|
March 08, 2018, 08:27:50 AM |
|
We're back. We're waiting to move the domain off the registrar but we've put the site back. We do not believe the attackers can recover the domain back again but we will be keeping a careful eye on things. If you have a password set as a pre-caution we'll be requiring you to quickly swap it out when reloading https://primedice.com . You will be able to login again once you've changed your password. Welcome back guys! thanks for your incredible patience. Losing access to the domain felt like losing our first child, it was a rough last few days but we'll be getting things steady again and will be briefing you with the full story soon. If you experience any issues please contact live support. Verifying our SSL certificate: 8E:CA:D4:5A:48:0A:5C:F0:30:0B:40:29:E2:FB:2A:5C:D3:81:88:C6 SHA1 Back to working on PD5
|
|
|
|
Octoberian17
Newbie
Offline
Activity: 4
Merit: 0
|
|
March 08, 2018, 08:42:49 AM |
|
We're back. We're waiting to move the domain off the registrar but we've put the site back. We do not believe the attackers can recover the domain back again but we will be keeping a careful eye on things. If you have a password set as a pre-caution we'll be requiring you to quickly swap it out when reloading https://primedice.com . You will be able to login again once you've changed your password. Welcome back guys! thanks for your incredible patience. Losing access to the domain felt like losing our first child, it was a rough last few days but we'll be getting things steady again and will be briefing you with the full story soon. If you experience any issues please contact live support. Verifying our SSL certificate: 8E:CA:D4:5A:48:0A:5C:F0:30:0B:40:29:E2:FB:2A:5C:D3:81:88:C6 SHA1 Back to working on PD5 http://image.ibb.co/hUGwOS/Poster.pngThank you Stunna.. Welcome PD
|
|
|
|
BreachOfEuphoria
Newbie
Offline
Activity: 39
Merit: 0
|
|
March 08, 2018, 09:27:57 AM Last edit: March 08, 2018, 09:41:06 AM by BreachOfEuphoria |
|
Good job on getting the site back I wanted to log in to change my password. I'm getting a "Please contact support to recover your account" Edit:I got the message when trying to recover my password, I wrote you an e-mail. Can i recover my account by contacting you using this forum?
|
|
|
|
adaseb
Legendary
Offline
Activity: 3878
Merit: 1733
|
|
March 08, 2018, 10:00:45 AM |
|
We're back. We're waiting to move the domain off the registrar but we've put the site back. We do not believe the attackers can recover the domain back again but we will be keeping a careful eye on things. If you have a password set as a pre-caution we'll be requiring you to quickly swap it out when reloading https://primedice.com . You will be able to login again once you've changed your password. Welcome back guys! thanks for your incredible patience. Losing access to the domain felt like losing our first child, it was a rough last few days but we'll be getting things steady again and will be briefing you with the full story soon. If you experience any issues please contact live support. Verifying our SSL certificate: 8E:CA:D4:5A:48:0A:5C:F0:30:0B:40:29:E2:FB:2A:5C:D3:81:88:C6 SHA1 Back to working on PD5 Are you guys going to take any legal action against the hacker? Even though not much was stolen, there was downtime which lead to profit loss. Pretty sure the profit loss was much greater than 1 BTC.
|
|
|
|
MICRO
Legendary
Offline
Activity: 2464
Merit: 1037
CEO @ Stake.com and Primedice.com
|
|
March 08, 2018, 10:04:42 AM |
|
Please be patient with support at this moment.
We are getting huge amount of tickets and for the first time answer time can be very slow.
|
|
|
|
Juggy777
|
|
March 08, 2018, 10:12:56 AM |
|
We're back. We're waiting to move the domain off the registrar but we've put the site back. We do not believe the attackers can recover the domain back again but we will be keeping a careful eye on things. If you have a password set as a pre-caution we'll be requiring you to quickly swap it out when reloading https://primedice.com . You will be able to login again once you've changed your password. Welcome back guys! thanks for your incredible patience. Losing access to the domain felt like losing our first child, it was a rough last few days but we'll be getting things steady again and will be briefing you with the full story soon. If you experience any issues please contact live support. Verifying our SSL certificate: 8E:CA:D4:5A:48:0A:5C:F0:30:0B:40:29:E2:FB:2A:5C:D3:81:88:C6 SHA1 Back to working on PD5 I can understand what you'll must have gon through it's a shame that people do such kind of stuff, I'm sure PD bounce back stronger and faster. It goes without saying people need to calm their horses before sending support tickets to them, they already have their hands full no point in rushing. The good thing is PD database was not effected and I'm sure each matter will be resolved, good luck and wish the staff of PD strength to get over this mess.
|
|
|
|
Betwrong
Legendary
Offline
Activity: 3444
Merit: 2230
I stand with Ukraine.
|
|
March 08, 2018, 10:51:10 AM |
|
"Password successfully changed" You've definitely done the right compelling lazy people like me to reset their passwords before they can make any bets. I wouldn't do that almost for sure otherwise. Great to see our favorite dice site is back. Good job, PD team! Good luck to all the rollers!
|
|
|
|
lay666
Newbie
Offline
Activity: 6
Merit: 0
|
|
March 08, 2018, 11:19:20 AM |
|
"Password successfully changed" You've definitely done the right compelling lazy people like me to reset their passwords before they can make any bets. I wouldn't do that almost for sure otherwise. Great to see our favorite dice site is back. Good job, PD team! Good luck to all the rollers! I have 2fa and password, but I cant log in I contacted support, informed my email IP etc, dont know how much time need to check ))
|
|
|
|
MICRO
Legendary
Offline
Activity: 2464
Merit: 1037
CEO @ Stake.com and Primedice.com
|
|
March 08, 2018, 11:38:02 AM |
|
"Password successfully changed" You've definitely done the right compelling lazy people like me to reset their passwords before they can make any bets. I wouldn't do that almost for sure otherwise. Great to see our favorite dice site is back. Good job, PD team! Good luck to all the rollers! Hey, Yeah we didn't have to do that and create a LOT of exstra work for us and for support but we want to make sure all our users are safe so that is done to protect you guys. Atm we are changing it a bit so users with 2fa will be able to login normally. But we STRONGLY recommend you to change your password right after you login with 2fa and old password. Also withdrawals are set to manual atm so if you have logged into phising site and got your password compromised and attacker somehow manages to login your balance will be safe and we will cancel the withdrawal he made after you contact support. Please remember that we have millions of accounts on primedice and at this moment all support staff is in the office and working but we are getting huge amounts of new tickets so support will be a lot slower than normal. I know you all got used to our super fast support with less than 60 seconds first reply time . But at this moment we cant keep up to that standard. Please be patient. edit: One more thing if you did not have any balance on your account feel free to register NEW account and use that in the meantime.
|
|
|
|
Kargai
Jr. Member
Offline
Activity: 131
Merit: 1
|
|
March 08, 2018, 11:47:57 AM |
|
"Password successfully changed" You've definitely done the right compelling lazy people like me to reset their passwords before they can make any bets. I wouldn't do that almost for sure otherwise. Great to see our favorite dice site is back. Good job, PD team! Good luck to all the rollers! Hey, Yeah we didn't have to do that and create a LOT of exstra work for us and for support but we want to make sure all our users are safe so that is done to protect you guys. Atm we are changing it a bit so users with 2fa will be able to login normally. But we STRONGLY recommend you to change your password right after you login with 2fa and old password. Also withdrawals are set to manual atm so if you have logged into phising site and got your password compromised and attacker somehow manages to login your balance will be safe and we will cancel the withdrawal he made after you contact support. Please remember that we have millions of accounts on primedice and at this moment all support staff is in the office and working but we are getting huge amounts of new tickets so support will be a lot slower than normal. I know you all got used to our super fast support with less than 60 seconds first reply time . But at this moment we cant keep up to that standard. Please be patient. edit: One more thing if you did not have any balance on your account feel free to register NEW account and use that in the meantime. Thanks for all the hard work and the security. Good luck to all the Support team for managing everything
|
|
|
|
JanpriX
|
|
March 08, 2018, 11:51:30 AM |
|
"Password successfully changed" You've definitely done the right compelling lazy people like me to reset their passwords before they can make any bets. I wouldn't do that almost for sure otherwise. Great to see our favorite dice site is back. Good job, PD team! Good luck to all the rollers! Hey, Yeah we didn't have to do that and create a LOT of exstra work for us and for support but we want to make sure all our users are safe so that is done to protect you guys. Atm we are changing it a bit so users with 2fa will be able to login normally. But we STRONGLY recommend you to change your password right after you login with 2fa and old password. Also withdrawals are set to manual atm so if you have logged into phising site and got your password compromised and attacker somehow manages to login your balance will be safe and we will cancel the withdrawal he made after you contact support. Please remember that we have millions of accounts on primedice and at this moment all support staff is in the office and working but we are getting huge amounts of new tickets so support will be a lot slower than normal. I know you all got used to our super fast support with less than 60 seconds first reply time . But at this moment we cant keep up to that standard. Please be patient. edit: One more thing if you did not have any balance on your account feel free to register NEW account and use that in the meantime. We definitely understand it Micro. We all know that many users are still registering to Primedice and most of them open new tickets every now and then. This is much expected because many people just got introduced to BTC and many of them got hooked to dice sites like PD. I've been changing my passwords every 3 months lately due to increased cases of hacked/phished accounts. Especially on those accounts that contain significant amount of BTC.
|
|
|
|
|