Wallet address changed in Slush's pool.

[Hook^]

On Slush's website, the latest news is a warning to change your password if your wallet address has changed.  When I logged in, the wallet address was set to Slush's site.

I changed it back to my wallet, and nothing has been lost.

So how could the password have been compromised?  It was like 14 chars of random uppercase,lowercase, numbers.  And not used anywhere else.

Anyone else with the same story?

[1715473684]

1715473684

[1715473684]

1715473684

[Shuffle]

mine got changed twice a few days apart, i dont mine anymore so i only lost 0.2 btc that i didnt even know i had
my btc guild wallet was also changed

[Hook^]

mine got changed twice a few days apart, i dont mine anymore so i only lost 0.2 btc that i didnt even know i had
my btc guild wallet was also changed

There must be someone on the inside, or the pooling software has some kind of security hole in it.  I know it isn't because of the Gox debacle, because I didn't use the same password or username.

Damn Hackers 

[phorensic]

That's why BTCguild has a payout lock.  I'm pretty sure you had a similar password on Mt. Gox as your BTCguild account.

[beeph]

That's why BTCguild has a payout lock.  I'm pretty sure you had a similar password on Mt. Gox as your BTCguild account.

someone keeps repeatedly changing my wallet address on BTCGuild, but the payout lock owned them the first time, and the email-verification owned em the second time... hax away hax0rs.. i spose.. the box has nothing on it but ubuntu and the miner running so even if the box is compromised they cant get anything

A++ to btcguild for some common sense security maybe u should give mark kaspareto some lessons...

[Hook^]

That's why BTCguild has a payout lock.  I'm pretty sure you had a similar password on Mt. Gox as your BTCguild account.

Nope, randomly generated passwords.  No similarities at all.

[kcobra]

No HTTPS by default on slush's pool when logging in. Certainly not good...