CapeTownMinter
Member
 Offline
Activity: 87
Merit: 10
|
 |
September 10, 2017, 12:29:52 AM |
|
hi....I was mining on both Zpool and Yiimp...... it appears that Zpool also possibly hacked as they have been offline round about the same time as yiimp.
|
|
|
|
|
egyptianbman
Full Member
Offline
Activity: 216
Merit: 100
https://equipool.1ds.us
|
|
September 10, 2017, 12:35:43 AM |
|
hi....I was mining on both Zpool and Yiimp...... it appears that Zpool also possibly hacked as they have been offline round about the same time as yiimp.
Yes, both zpool and yiimp run on yiimp's mining software. Any pool running on yiimp is at-risk, if not already hacked. |
|
|
|
CapeTownMinter
Member
Offline
Activity: 87
Merit: 10
|
|
September 10, 2017, 01:20:24 AM
Last edit: September 10, 2017, 02:07:09 AM by CapeTownMinter |
|
looks like i lost about 26 bitsend and 50 featherCoin from Zpool and about 8 bitsend from yiimp ... about 2 day's and half worth of mining on my small rig  |
|
|
|
|
scryptr
Legendary
Offline
Activity: 1797
Merit: 1028
|
|
September 10, 2017, 04:02:08 AM |
|
YIIMP HAS TRACED SOME WALLET ADDRESSES--
The YIIMP pool maintained by tpruvot, the author of the YIIMP software, has left a trail to certain withdrawals by theft and subsequent deposits. If the evidence of withdrawal by theft is provided to exchange management, there is a chance of recovery.
I did not loose any BSD mined on YIIMP. Tpruvot likely reimbursed miners from his own pocket. --scryptr
|
|
|
|
CapeTownMinter
Member
Offline
Activity: 87
Merit: 10
|
|
September 10, 2017, 04:38:24 AM |
|
yea i think my Yiimp bsd is safe....but i may have lost BSD and FTC on zpool .... i was waiting for currency to be exchanged and paid.
|
|
|
|
|
xtraelv
Legendary
Offline
Activity: 1288
Merit: 1926
฿ear ride on the rainbow slide
|
|
September 10, 2017, 05:21:46 AM |
|
|
|
|
|
|
Bulletdodger
|
|
September 10, 2017, 08:25:29 AM |
|
Any news about zpool, I am still mining there, and receiving some payments...
|
_
|
|
|
crombiecrunch
Member
Offline
Activity: 98
Merit: 10
|
|
September 10, 2017, 12:42:56 PM |
|
So I ran wapiti again on my site after loading the last code from the githib. The XSS vulnerability still shows.
But when I run wapiti against some of the other sites, some show the vulnerability and some dont.
There hasn't been any more code updates though. Could we get a solution shared?
|
|
|
|
|
Decker
Member
Offline
Activity: 121
Merit: 61
|
|
September 10, 2017, 02:52:41 PM |
|
Have somebody recovered lds.php or logged the cookies payload used in php object injection by attackers through unserialize() funcs? Interesting to understand this attack vector more completely.
|
💰 Komodo (KMD) Enthusiast 💰 🚀 Supporting Decentralization with Komodo Wallet 🚀 🔗 Embrace the Future of Decentralized Exchanges 🔗⚡ Stay Secure, Stay Independent, Go Decentralized! ⚡ |
|
|
crackfoo
Legendary
Offline
Activity: 3556
Merit: 1126
|
|
September 10, 2017, 02:53:13 PM |
|
Any news about zpool, I am still mining there, and receiving some payments...
no balances will end up not being paid or cleared. It's the risk of running a pool. This hack caused a major overload of work to do to update wallets and transfer balance from old to new. It doesn't help that two of my servers crashed a burned this week too so trying to rebuilding those as well. One still hasn't identified the cause, the other had the CacheCade SSD replaced yesterday. They'll all get caught up for payments, just patients is needed. Hang in there, Cheers |
ZPOOL - the miners multipool! Support We pay 10 FLUX Parallel Assets (PA) directly to block rewards! Get paid more and faster. No PA fee's or waiting around for them, paid instantly on every block found!
|
|
|
|
bney
|
|
September 10, 2017, 03:03:40 PM |
|
Appreciate the work you do. This has got to be costing you sleep and making your hair go grey
|
|
|
|
|
crackfoo
Legendary
Offline
Activity: 3556
Merit: 1126
|
|
September 10, 2017, 07:34:31 PM |
|
We're back online with the frontend and api.
|
ZPOOL - the miners multipool! Support We pay 10 FLUX Parallel Assets (PA) directly to block rewards! Get paid more and faster. No PA fee's or waiting around for them, paid instantly on every block found!
|
|
|
|
bney
|
|
September 10, 2017, 10:38:39 PM |
|
Looks like a few minor things missing. icons, and coins mined on the wallet display screen
|
|
|
|
|
crackfoo
Legendary
Offline
Activity: 3556
Merit: 1126
|
|
September 10, 2017, 11:26:08 PM |
|
Looks like a few minor things missing. icons, and coins mined on the wallet display screen
Hrmm seem fine on my side... I'll check into it more I'm back on a terminal. |
ZPOOL - the miners multipool! Support We pay 10 FLUX Parallel Assets (PA) directly to block rewards! Get paid more and faster. No PA fee's or waiting around for them, paid instantly on every block found!
|
|
|
tazmako
Full Member
Offline
Activity: 350
Merit: 100
XDNA - Most innovative cryptocurrency in 2018
|
|
September 10, 2017, 11:35:06 PM |
|
How long for all pool got fix?
|
|
|
|
|
bney
|
|
September 11, 2017, 12:08:32 AM |
|
All looking good on Zpool. Thanks for the hard work.
|
|
|
|
|
okane818
Legendary
Offline
Activity: 1176
Merit: 1000
|
|
September 11, 2017, 03:07:34 AM |
|
I think there is a manipulation inside.
I mean the one making to this is only the insider.
Making reason to cover. That is an old reason to believe. NOT NEW!
That's it.
Thank you.
|
|
|
|
|
|
doktor83
|
|
September 11, 2017, 05:29:38 AM |
|
Looks like a few minor things missing. icons, and coins mined on the wallet display screen
Hrmm seem fine on my side... I'll check into it more I'm back on a terminal. only the top menu shows, clicking the menu links does nothing. |
|
|
|
|
lyolyalya
|
|
September 11, 2017, 06:46:00 AM |
|
Looks like a few minor things missing. icons, and coins mined on the wallet display screen
Hrmm seem fine on my side... I'll check into it more I'm back on a terminal. only the top menu shows, clicking the menu links does nothing. confirmed=) |
|
|
|
|
enkayz
Full Member
Offline
Activity: 298
Merit: 100
hashbag.cc
|
|
September 11, 2017, 07:02:46 AM |
|
hashbag also back online. have made all the payments to miners that were stolen/delayed, cost me some of my own funds but at least this time I had spare funds for it. servers locked down much harder, hopefully this doesn't happen again.. i don't really charge much fees but maybe I should begin moving what I -do- get out of the pool  |
|
|
|
|
