BreachOfEuphoria
Newbie
Offline
Activity: 39
Merit: 0
|
|
March 08, 2018, 05:11:58 PM |
|
Primedice support, Katarina and Vladimir has been very good at helping me recover my account today. Katarina replied within 15 minutes. I'm in again. Thank you so much for your help
|
|
|
|
MICRO
Legendary
Offline
Activity: 2464
Merit: 1037
CEO @ Stake.com and Primedice.com
|
|
March 08, 2018, 05:33:30 PM |
|
Hey guys, As many of you are probably already aware we are back up and running! Yeeey! On your login you will be asked to reset your password, you can do that in one of two ways. 1. You can change password from any device that is still logged into your account. 2. You can contact our support team. ( Please note that support will be slower than usual due to huge amount of tickets we are getting at this moment. Also for users safety all withdrawals are currently on manual.
|
|
|
|
xMossx
Newbie
Offline
Activity: 121
Merit: 0
|
|
March 08, 2018, 08:04:14 PM |
|
Great news! Guess I'll go change my password.
|
|
|
|
adaseb
Legendary
Offline
Activity: 3878
Merit: 1733
|
|
March 08, 2018, 08:21:53 PM |
|
Hey guys, As many of you are probably already aware we are back up and running! Yeeey! On your login you will be asked to reset your password, you can do that in one of two ways. 1. You can change password from any device that is still logged into your account. 2. You can contact our support team. ( Please note that support will be slower than usual due to huge amount of tickets we are getting at this moment. Also for users safety all withdrawals are currently on manual. I think what is really scary about this incident is imagine what could of happebed if the hackers weren't lazy. They would at an unsuspecting time ( when PD dev are sleeping ) commit the hack and make the phishing site look for authentic. When someone tried to login, they would go to the real PD and perform a withdraw. The way the registrar handled this situation was very dangerous. Hopefully many Bitcoin sites and services can learn from this incident.
|
|
|
|
Xylber
|
|
March 08, 2018, 09:03:39 PM |
|
Hey guys, As many of you are probably already aware we are back up and running! Yeeey! On your login you will be asked to reset your password, you can do that in one of two ways. 1. You can change password from any device that is still logged into your account. 2. You can contact our support team. ( Please note that support will be slower than usual due to huge amount of tickets we are getting at this moment. Also for users safety all withdrawals are currently on manual. I think what is really scary about this incident is imagine what could of happebed if the hackers weren't lazy. They would at an unsuspecting time ( when PD dev are sleeping ) commit the hack and make the phishing site look for authentic. When someone tried to login, they would go to the real PD and perform a withdraw. The way the registrar handled this situation was very dangerous. Hopefully many Bitcoin sites and services can learn from this incident. In this case, Primedice can't be reached via IP: if they change the DNS, they can't find the authentic website. Of course, your idea is valid and can be used in some websites.
|
|
|
|
shield132
|
|
March 08, 2018, 09:14:36 PM |
|
Congrats guys, to be fair one of the biggest dice website was stopped because of that reason. Hope this won't happen anymore. Wish you all the best, it won't affect you a,much but wonder who was against you, who did this shit job. Do you plan to make serious legal actions against him?
|
|
|
|
adaseb
Legendary
Offline
Activity: 3878
Merit: 1733
|
|
March 08, 2018, 10:18:34 PM |
|
Hey guys, As many of you are probably already aware we are back up and running! Yeeey! On your login you will be asked to reset your password, you can do that in one of two ways. 1. You can change password from any device that is still logged into your account. 2. You can contact our support team. ( Please note that support will be slower than usual due to huge amount of tickets we are getting at this moment. Also for users safety all withdrawals are currently on manual. I think what is really scary about this incident is imagine what could of happebed if the hackers weren't lazy. They would at an unsuspecting time ( when PD dev are sleeping ) commit the hack and make the phishing site look for authentic. When someone tried to login, they would go to the real PD and perform a withdraw. The way the registrar handled this situation was very dangerous. Hopefully many Bitcoin sites and services can learn from this incident. In this case, Primedice can't be reached via IP: if they change the DNS, they can't find the authentic website. Of course, your idea is valid and can be used in some websites. Yes but this is not what happened is it? Basically the registrar redirected the traffic to a different IP. The old site was still accessible by the old IP. The hacker would simply record the usernames and passwords and then go to the real Primedice website by the IP address. Plus, it takes a few hours for DNS to update. It's not instant but bottle necked by the ISP
|
|
|
|
MICRO
Legendary
Offline
Activity: 2464
Merit: 1037
CEO @ Stake.com and Primedice.com
|
|
March 08, 2018, 10:45:47 PM |
|
Hey guys, As many of you are probably already aware we are back up and running! Yeeey! On your login you will be asked to reset your password, you can do that in one of two ways. 1. You can change password from any device that is still logged into your account. 2. You can contact our support team. ( Please note that support will be slower than usual due to huge amount of tickets we are getting at this moment. Also for users safety all withdrawals are currently on manual. I think what is really scary about this incident is imagine what could of happebed if the hackers weren't lazy. They would at an unsuspecting time ( when PD dev are sleeping ) commit the hack and make the phishing site look for authentic. When someone tried to login, they would go to the real PD and perform a withdraw. The way the registrar handled this situation was very dangerous. Hopefully many Bitcoin sites and services can learn from this incident. In this case, Primedice can't be reached via IP: if they change the DNS, they can't find the authentic website. Of course, your idea is valid and can be used in some websites. Yes but this is not what happened is it? Basically the registrar redirected the traffic to a different IP. The old site was still accessible by the old IP. The hacker would simply record the usernames and passwords and then go to the real Primedice website by the IP address. Plus, it takes a few hours for DNS to update. It's not instant but bottle necked by the ISP Well it would be hard to pull off we have 24/7 support which is also always monitoring the site so we would take quick actions at any time. They can always reach me if not all devs and admins. Thats why having 24/7 support proved to be very important and useful and we are one of the few sites that have it. Stunna will post more details on how it happened. It was not even remotely our fault and you will know why soon. I hope we handled it well in the best way possible for all of our users and even though this was not our fault all the transactions sent to the phishing address will be refunded. Again thank you all for support on this and for helping us get that phishing waring so fast.
|
|
|
|
dolphinpuke
Member
Offline
Activity: 85
Merit: 10
|
|
March 08, 2018, 11:26:33 PM |
|
You guys handled this with full transparency, which is why people will continue to play here and respect you guys. Kudos to getting things in check , maintaining composure and managing this bad situation very well. Awaiting Stunnas recap.
|
|
|
|
Thirdspace
|
|
March 09, 2018, 01:12:06 AM |
|
Players only lost 0.05 BTC as a result of this. If you made a deposit to the phishing site you must sign the address you sent from to claim a refund from us.
wow, very nice... primedice's prompt action made this happen the perp must be disappointed getting only 0.05 BTC off this ruse Here's what the attacker was able to do through his phishing site: -Collect Usernames/Passwords for users who logged in to his phishing site during the brief period of time it was up. -Display an obviously erroneous deposit address offering a 10% deposit bonus.
pretty slick hacker eh? offering 10% bonus is there a possibility they collected email addresses too? as I remember we can set this optionally, right? they could try email phishing soon or later, so heads-up guys... be cautious
|
|
|
|
LuanX3
|
|
March 09, 2018, 07:25:14 AM |
|
Congrats to Primedice for getting back the site pretty quick and it did not result to too much problems for their gamblers.
Also kudos to them for issuing a refund to those people that were scammed by the phasing site. However, how will you guys give refunds to people that deposited using addresses that they cannot sign from, i.e. from exchanges and other such things.
|
|
|
|
iluvbitcoins
Legendary
Offline
Activity: 2198
Merit: 1150
Freedom&Honor
|
|
March 09, 2018, 10:28:59 AM |
|
Congrats to Primedice for getting back the site pretty quick and it did not result to too much problems for their gamblers.
Also kudos to them for issuing a refund to those people that were scammed by the phasing site. However, how will you guys give refunds to people that deposited using addresses that they cannot sign from, i.e. from exchanges and other such things.
They can probably request proof of withdrawal from the exchange aka. screenshots, txids etc.
|
Looking for a signature campaign.
|
|
|
stsms06
Newbie
Offline
Activity: 37
Merit: 0
|
|
March 09, 2018, 10:32:36 AM |
|
Congrats to Primedice for getting back the site pretty quick and it did not result to too much problems for their gamblers.
Also kudos to them for issuing a refund to those people that were scammed by the phasing site. However, how will you guys give refunds to people that deposited using addresses that they cannot sign from, i.e. from exchanges and other such things.
They can probably request proof of withdrawal from the exchange aka. screenshots, txids etc. I was asked to, but try to find things that are over 1 year ago (Username:immerich)
|
|
|
|
LuanX3
|
|
March 09, 2018, 10:36:16 AM |
|
Congrats to Primedice for getting back the site pretty quick and it did not result to too much problems for their gamblers.
Also kudos to them for issuing a refund to those people that were scammed by the phasing site. However, how will you guys give refunds to people that deposited using addresses that they cannot sign from, i.e. from exchanges and other such things.
They can probably request proof of withdrawal from the exchange aka. screenshots, txids etc. True, but still hard to authenticate.
I was asked to, but try to find things that are over 1 year ago (Username:immerich)
Why are you looking for over 1 year ago? The phising happened just like a week ago, am I missing something here?
|
|
|
|
veleten
Legendary
Offline
Activity: 2016
Merit: 1106
|
|
March 09, 2018, 10:39:02 AM |
|
glad Primedice is back! your registrar should have been more responsive and faster in allowing you to regain control but it should be all good now,its annoying to have your bank account's access to be restored through support but I got it verified, finally all good,withdrawals are manual at the moment mine went through in under an hour,so it is not a big deal p.s. if the primedice 5 logo is the one Stunna posted above,it should be named TronDice resembles Tron movie/game too much
|
|
|
|
Betwrong
Legendary
Offline
Activity: 3416
Merit: 2221
I stand with Ukraine.
|
|
March 09, 2018, 11:18:25 AM |
|
"Password successfully changed" You've definitely done the right compelling lazy people like me to reset their passwords before they can make any bets. I wouldn't do that almost for sure otherwise. Great to see our favorite dice site is back. Good job, PD team! Good luck to all the rollers! Hey, Yeah we didn't have to do that and create a LOT of exstra work for us and for support but we want to make sure all our users are safe so that is done to protect you guys. Atm we are changing it a bit so users with 2fa will be able to login normally. But we STRONGLY recommend you to change your password right after you login with 2fa and old password. Also withdrawals are set to manual atm so if you have logged into phising site and got your password compromised and attacker somehow manages to login your balance will be safe and we will cancel the withdrawal he made after you contact support. Please remember that we have millions of accounts on primedice and at this moment all support staff is in the office and working but we are getting huge amounts of new tickets so support will be a lot slower than normal. I know you all got used to our super fast support with less than 60 seconds first reply time . But at this moment we cant keep up to that standard. Please be patient. edit: One more thing if you did not have any balance on your account feel free to register NEW account and use that in the meantime. Hey, MICRO, Thanks for your reply! I hope my words don't appear sarcastic because I didn't mean any sarcasm actually. I know you do everything you can to protect our safety and I'm greatful for that. Right now PrimeDice is working great as always. I was tipped 10k sats by Zoltan 10 seconds after I logged in. ) Hunting for 99.99 for the moment, but only getting close ones like 99.52 and 99.78 so far. ) Overall, it's nice to see our favorite dice site is up and running again.
|
BITCOIN TO THE MOON ☾ ₿ ₿ ₿ ₿ ₿ ₿ ₿ ₿ ₿ ₿ ₿ ₿ ₿ ₿ ₿
|
|
|
MICRO
Legendary
Offline
Activity: 2464
Merit: 1037
CEO @ Stake.com and Primedice.com
|
|
March 09, 2018, 10:20:53 PM |
|
Players only lost 0.05 BTC as a result of this. If you made a deposit to the phishing site you must sign the address you sent from to claim a refund from us.
wow, very nice... primedice's prompt action made this happen the perp must be disappointed getting only 0.05 BTC off this ruse Here's what the attacker was able to do through his phishing site: -Collect Usernames/Passwords for users who logged in to his phishing site during the brief period of time it was up. -Display an obviously erroneous deposit address offering a 10% deposit bonus.
pretty slick hacker eh? offering 10% bonus is there a possibility they collected email addresses too? as I remember we can set this optionally, right? they could try email phishing soon or later, so heads-up guys... be cautious Hey, The phishing site actually required you to enter your email. So that is defiantly something we look out for. Also if you visited phishing site they got your IP which is also bad. We are doing all we can to still protect users so that is why withdrawals are currently manual and will stay that way untill we are sure all users got their accounts and changed passwords. Also strong recommendation again and this should not even be optional is to use 2FA. Please guys use 2FA everywhere you can!
|
|
|
|
MinerHQ
Legendary
Offline
Activity: 1456
Merit: 1023
|
|
March 10, 2018, 03:20:56 AM |
|
Also strong recommendation again and this should not even be optional is to use 2FA. Please guys use 2FA everywhere you can!
Please take that advice seriously and enable your 2fa feature before you deposit money. This advice is even applicable for all the online sites, not just a gambling sites you should enable 2fa before you deposit money. Not so easy to hack 2fa feature enabled accounts compared to just password protected accounts.
|
|
|
|
eaLiTy
|
|
March 10, 2018, 09:17:36 PM |
|
Glad to see that the site is back and running,lost just 0.05BTC which is not bad because of the prompt action by the team,but i still cannot understand how this happened,is this happened because of the domain registrar, because i did not hear about any other hijack during this time,i guess there is a leak from the team itself,hope to hear the details from Stunna soon.
|
|
|
|
Xylber
|
|
March 10, 2018, 10:08:20 PM |
|
Glad to see that the site is back and running,lost just 0.05BTC which is not bad because of the prompt action by the team,but i still cannot understand how this happened,is this happened because of the domain registrar, because i did not hear about any other hijack during this time,i guess there is a leak from the team itself,hope to hear the details from Stunna soon.
Meanwhile, contact support. Stunna posts the latests news, but the support can help you in your particular case.
|
|
|
|
|