Bitcoin Forum
December 12, 2017, 06:53:44 AM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 3 4 5 6 7 8 9 10 11 [12] 13 14 15 16 17 18 »  All
  Print  
Author Topic: NiceHash hacked?  (Read 28428 times)
kabi123
Full Member
***
Offline Offline

Activity: 168


View Profile
December 07, 2017, 09:18:49 PM
 #221

watched that livestream... fu.k them all

simple message..if we dontrecover that BTC...u get nothing....
yeee...we lost all..., they never can get that BTC back from that adress......

Pokercoin.net - The Future of Poker! Welcome to the 1st cryptocurrency which is created for pokerplayers!
Join Now and Start Playing Online Poker on the first platform where accepting Pokercoin!
Website || Poker || Bounty || Twitter || Facebook
1513061624
Hero Member
*
Offline Offline

Posts: 1513061624

View Profile Personal Message (Offline)

Ignore
1513061624
Reply with quote  #2

1513061624
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1513061624
Hero Member
*
Offline Offline

Posts: 1513061624

View Profile Personal Message (Offline)

Ignore
1513061624
Reply with quote  #2

1513061624
Report to moderator
1513061624
Hero Member
*
Offline Offline

Posts: 1513061624

View Profile Personal Message (Offline)

Ignore
1513061624
Reply with quote  #2

1513061624
Report to moderator
1513061624
Hero Member
*
Offline Offline

Posts: 1513061624

View Profile Personal Message (Offline)

Ignore
1513061624
Reply with quote  #2

1513061624
Report to moderator
dlezama
Newbie
*
Offline Offline

Activity: 28


View Profile
December 07, 2017, 09:28:14 PM
 #222

watched that livestream... fu.k them all

simple message..if we dontrecover that BTC...u get nothing....
yeee...we lost all..., they never can get that BTC back from that adress......

It was pathetic. So someone stole a dev credentials, logged in and directed the payment system to his account. They call that a "highly sophisticated attack"...
Za1n
Hero Member
*****
Offline Offline

Activity: 770


View Profile
December 07, 2017, 09:45:39 PM
 #223

watched that livestream... fu.k them all

simple message..if we dontrecover that BTC...u get nothing....
yeee...we lost all..., they never can get that BTC back from that adress......

It was pathetic. So someone stole a dev credentials, logged in and directed the payment system to his account. They call that a "highly sophisticated attack"...

Sound's like an inside job if you ask me. All these recent hacks always have such weak excuses too, like "someone stole someones credentials". Well first thing that should not be enough for someone to be able to hack in and send all the BTC off, there should have been several layers with each one limited to what it could do.

I always avoided Nicehash for the most part, but did mine a few of the up and coming coins on there once in awhile. I didn't have a large amount in my wallet, but no one likes to see this happen to anyone and it always seems like the same weak security excuse. If they even did file a report with the authorities, they should all be subjected to intense scrutiny from law enforcement over the next several months as I just have a bad feeling one or more of their employees is involved.
Raimy
Member
**
Offline Offline

Activity: 98

★777Coin.com★ Fun BTC Casino!


View Profile
December 07, 2017, 10:32:25 PM
 #224

The bigger guy of the two (the one doing all of the talking) looked like he could hardly contain himself. At times it looked almost as if he was smiling, as if he was thinking "I cannot believe we are getting away with this, we are going to be so f**king rich".

The smaller dude looked just as guilty, they probably think they are being clever with all these updates and videos to throw everyone off. If they did get in touch with law enforcement the first ones they should be looking into is those two clowns.

Sjeikz
Jr. Member
*
Offline Offline

Activity: 51


View Profile
December 07, 2017, 10:39:10 PM
 #225

The bigger guy of the two (the one doing all of the talking) looked like he could hardly contain himself. At times it looked almost as if he was smiling, as if he was thinking "I cannot believe we are getting away with this, we are going to be so f**king rich".

The smaller dude looked just as guilty, they probably think they are being clever with all these updates and videos to throw everyone off. If they did get in touch with law enforcement the first ones they should be looking into is those two clowns.

Excactly what I thought.
joblo
Legendary
*
Offline Offline

Activity: 966


View Profile
December 07, 2017, 10:58:12 PM
 #226

Sound's like an inside job if you ask me. All these recent hacks always have such weak excuses too, like "someone stole someones credentials". Well first thing that should not be enough for someone to be able to hack in and send all the BTC off, there should have been several layers with each one limited to what it could do.

I have to agree. Devs should never be allowed access to live systems.

Where I used to work only support engineers were allowed to login to customer sites and only
with express permission and supervision including logging. Devs were never allowed, they could
watch and advise but never toch the keyboard.

It wasn't all about security, support engineers had specific training on what not to do when logged in to a customer
site, devs are used to a lab where anything goes.

Principal developer of cpuminer-opt, the optimized multi-algo CPU miner.
BTC donation address: 12tdvfF7KmAsihBXQXynT6E6th2c2pByTT
https://bitcointalk.org/index.php?topic=1326803.0
kahc
Jr. Member
*
Offline Offline

Activity: 56


View Profile
December 07, 2017, 11:09:41 PM
 #227

Sound's like an inside job if you ask me. All these recent hacks always have such weak excuses too, like "someone stole someones credentials". Well first thing that should not be enough for someone to be able to hack in and send all the BTC off, there should have been several layers with each one limited to what it could do.

I have to agree. Devs should never be allowed access to live systems.

Where I used to work only support engineers were allowed to login to customer sites and only
with express permission and supervision including logging. Devs were never allowed, they could
watch and advise but never toch the keyboard.

It wasn't all about security, support engineers had specific training on what not to do when logged in to a customer
site, devs are used to a lab where anything goes.


Their security is really trash if one stolen credential could move all the BTC. They should have implemented proper security measures like 3-of-5 multisig for that amount they are dealing with daily.
Longsnowsm
Hero Member
*****
Offline Offline

Activity: 686


View Profile
December 07, 2017, 11:58:47 PM
 #228

No one on these sites with access to wallets has heard of 2 factor authentication?  I mean even if you get someones credentials you would have to get access to the fido key or to google authenticator or some variation of that.  That message needs to be broadcast that if you fail to do basic things to protect customers you will be sued into the ground... 
RealKariverson
Full Member
***
Offline Offline

Activity: 131


View Profile
December 08, 2017, 12:33:09 AM
 #229

so much hate for nicehash...

It was the easiest way to setup mining and bring in BTC. I can't think of any other simpler way to download 1 software, and bring in 100 dollars worth of bitcoin every month on a 5 year old gaming computer.

100% correct.  When I first started mining I used Nicehash while I learned the ropes.  I realized it was more profitable to mine to a pool directly but didn't know enough.  Still though, I can see why so many people continued to use it.  You didn't have to mess around with a bunch of different altoin exchanges or following the markets to be sure the the coins you were mining weren't crashing, or checking to see if difficulty and hashrate was rising at an extreme rate.  Strangely you don't see this much hate for Nemos Miner, Multipoolminer, Zpool, or anything else.  I can assure everyone that ZPool is more responsible for killing profitability than Nicehash.
Zpool....flat out thieves. I wonder how many of these butthurt screamers still have currency sitting in other wallets.....like Coinbase.....which BTW is down right now.

Dude I know. I have some fiat in coinbase that I put right after LTC doubled. Not much barely 4 digis. Such terrible timing and now I'm scared shitless but I'm keeping them in coinbase until BTC or LTC drop again. I don't want to buy at these prices and coinbase exchage rate is ridiculous too.
EpicJimmy5
Newbie
*
Offline Offline

Activity: 1


View Profile
December 08, 2017, 12:35:09 AM
 #230

Someone did try to get into my account a month back, luckily, I withdrew everything before they could get in. Also, 2FA is a good thing to do.

I'm cool Smiley
BitBot.V2
Member
**
Offline Offline

Activity: 63


View Profile
December 08, 2017, 12:39:37 AM
 #231

The bigger guy of the two (the one doing all of the talking) looked like he could hardly contain himself. At times it looked almost as if he was smiling, as if he was thinking "I cannot believe we are getting away with this, we are going to be so f**king rich".

The smaller dude looked just as guilty, they probably think they are being clever with all these updates and videos to throw everyone off. If they did get in touch with law enforcement the first ones they should be looking into is those two clowns.

The "smaller dude" as you put it, has already served time for hacking/malware. I have no judgement whether he was a part of this or not, although I would assume he is a decent coder ( hey, at least his father hires good developers!). I know if I were to try and use someones login credentials to pull this off, I would have certainly tried for his, at the very least for the comedy factor.
Deathwing
Legendary
*
Offline Offline

Activity: 1302


circa 2012


View Profile
December 08, 2017, 12:45:27 AM
 #232

I actually remembered that isn't this NiceHash 2nd or 3rd time getting hacked? I know that the accounts were hacked a while back and some accounts were accessed. After that they implemented 2FA, well sad that Nicehash is gone, forever.

leonix007
Sr. Member
****
Offline Offline

Activity: 392


Oh Look! Bitcoin is Growing!


View Profile
December 08, 2017, 12:53:42 AM
 #233

Sound's like an inside job if you ask me. All these recent hacks always have such weak excuses too, like "someone stole someones credentials". Well first thing that should not be enough for someone to be able to hack in and send all the BTC off, there should have been several layers with each one limited to what it could do.

I have to agree. Devs should never be allowed access to live systems.

Where I used to work only support engineers were allowed to login to customer sites and only
with express permission and supervision including logging. Devs were never allowed, they could
watch and advise but never toch the keyboard.

It wasn't all about security, support engineers had specific training on what not to do when logged in to a customer
site, devs are used to a lab where anything goes.


Their security is really trash if one stolen credential could move all the BTC. They should have implemented proper security measures like 3-of-5 multisig for that amount they are dealing with daily.

whats so frustrating is that there were lousy or worse no security for withdrawing A HUGE amount, it is so basic for every financial institutions that for every BIG amounts of withdrawal there are approvals needed, at least to interrupt the attempt.

       ▀
   ▄▄▄   ▄▀
   ███ ▄▄▄▄  ██
       ████
    ▄  ▀▀▀▀
▄▄
      ██    ▀▀
██▄█▄▄▄████████
▄▄▄▄▄▄▄▄▀▀███▀▀▀
██████████████████
████▄▀▄▀▄▀███▀▀▀▀▀
████▄▀▄▀▄▀███ ▀
████▄▀▄▀▄▀████████
▀█████████████████
]
CoinPayments
█████
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████
█████
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████
█████
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████
n00bsaibot
Jr. Member
*
Offline Offline

Activity: 56


View Profile
December 08, 2017, 12:56:58 AM
 #234

so much hate for nicehash...

It was the easiest way to setup mining and bring in BTC. I can't think of any other simpler way to download 1 software, and bring in 100 dollars worth of bitcoin every month on a 5 year old gaming computer.

100% correct.  When I first started mining I used Nicehash while I learned the ropes.  I realized it was more profitable to mine to a pool directly but didn't know enough.  Still though, I can see why so many people continued to use it.  You didn't have to mess around with a bunch of different altoin exchanges or following the markets to be sure the the coins you were mining weren't crashing, or checking to see if difficulty and hashrate was rising at an extreme rate.  Strangely you don't see this much hate for Nemos Miner, Multipoolminer, Zpool, or anything else.  I can assure everyone that ZPool is more responsible for killing profitability than Nicehash.
Zpool....flat out thieves. I wonder how many of these butthurt screamers still have currency sitting in other wallets.....like Coinbase.....which BTW is down right now.

Dude I know. I have some fiat in coinbase that I put right after LTC doubled. Not much barely 4 digis. Such terrible timing and now I'm scared shitless but I'm keeping them in coinbase until BTC or LTC drop again. I don't want to buy at these prices and coinbase exchage rate is ridiculous too.

Coinbase is up and running just fine (just used it)... site must be overwhelmed with transaction requests
ad5os
Newbie
*
Offline Offline

Activity: 2


View Profile
December 08, 2017, 01:13:12 AM
 #235

So I am looking at the wallet address a few days later still pissed and now I see there are several small deposits into the wallet.  I am curious to wonder where are these coming from?  Could this hacker now be mining some data from nicehash to hack other wallets that were linked to nicehash that maybe have easy passwords or the same password that their nicehash users used?  I am going to double check that whatever nicehash password I used is DEAD!  Here is the link to the wallet if you want to look for yourself.

https://bitinfocharts.com/bitcoin/address/1EnJHhq8Jq8vDuZA5ahVh6H4t6jh1mB4rq
trackers
Newbie
*
Offline Offline

Activity: 22


View Profile
December 08, 2017, 01:23:22 AM
 #236

So I am looking at the wallet address a few days later still pissed and now I see there are several small deposits into the wallet.  I am curious to wonder where are these coming from?  Could this hacker now be mining some data from nicehash to hack other wallets that were linked to nicehash that maybe have easy passwords or the same password that their nicehash users used?  I am going to double check that whatever nicehash password I used is DEAD!  Here is the link to the wallet if you want to look for yourself.

https://bitinfocharts.com/bitcoin/address/1EnJHhq8Jq8vDuZA5ahVh6H4t6jh1mB4rq

I assume those transactions are designed to tag that address somehow
BenRickert
Full Member
***
Offline Offline

Activity: 182


View Profile
December 08, 2017, 01:28:10 AM
 #237

No one on these sites with access to wallets has heard of 2 factor authentication?  I mean even if you get someones credentials you would have to get access to the fido key or to google authenticator or some variation of that.  That message needs to be broadcast that if you fail to do basic things to protect customers you will be sued into the ground... 
NH was sending out notifications to activate 2Authy just before the deed. I thought that as curious.
TXSteve
Sr. Member
****
Offline Offline

Activity: 341


View Profile
December 08, 2017, 01:32:40 AM
 #238

I am leaning towards this hack being an inside job.

Why?? well, leading up to the hack, scrypt hashrate was and still is exploding, rather than upgrade equipment and capacity they simply "upgraded" the minimum share difficulty. As they approached max capacity again with BTC price exploding and NH wallet full, the simplest solution for them, rather than deal with the hassles of hardware upgrades, troubleshooting, downtimes, complaints etc was to just pull the plug by feigning a hack and then walk away.

Just a theory , I personally hope they start back up.  Maybe they'll use the downtime to upgrade and reopen, hurray, if not ... see prior paragraph. It'll be interesting to see how it plays out
armenmerikyan
Member
**
Offline Offline

Activity: 98


BrownieCoin.org The Recognition Cryptocurrency


View Profile WWW
December 08, 2017, 02:55:31 AM
 #239

I am leaning towards this hack being an inside job.

Why?? well, leading up to the hack, scrypt hashrate was and still is exploding, rather than upgrade equipment and capacity they simply "upgraded" the minimum share difficulty. As they approached max capacity again with BTC price exploding and NH wallet full, the simplest solution for them, rather than deal with the hassles of hardware upgrades, troubleshooting, downtimes, complaints etc was to just pull the plug by feigning a hack and then walk away.

Just a theory , I personally hope they start back up.  Maybe they'll use the downtime to upgrade and reopen, hurray, if not ... see prior paragraph. It'll be interesting to see how it plays out


rather than give part of the company away and raise funds let's just take the money we have to give to the customers and restart the service. They lost their money I am not sure why they keep saying it's our bitcoins they lost.

Brownie Coins Available at Apple's App Store
Buy Bitcoins using iTunes and Brownie Coins App
nazzer
Newbie
*
Offline Offline

Activity: 28


View Profile
December 08, 2017, 03:43:16 AM
 #240

I am leaning towards this hack being an inside job.

Why?? well, leading up to the hack, scrypt hashrate was and still is exploding, rather than upgrade equipment and capacity they simply "upgraded" the minimum share difficulty. As they approached max capacity again with BTC price exploding and NH wallet full, the simplest solution for them, rather than deal with the hassles of hardware upgrades, troubleshooting, downtimes, complaints etc was to just pull the plug by feigning a hack and then walk away.

Just a theory , I personally hope they start back up.  Maybe they'll use the downtime to upgrade and reopen, hurray, if not ... see prior paragraph. It'll be interesting to see how it plays out


rather than give part of the company away and raise funds let's just take the money we have to give to the customers and restart the service. They lost their money I am not sure why they keep saying it's our bitcoins they lost.

Our bitcoin was never on our own private key, what was shown were balances owed by them to us - regardless whether they recover BTC stolen this is still BTC owed to us. If they ever come back I expect a full payment - it'll be really stupid for them to ignore this amount owed to their customers.

The amount of hashpower represented by Nicehash is very significant, as seen by the difficulty dropping massively across the board or in other cases (e.g. Scrypt) a sharp spike with people moving over to backup pools - it'll be hard to see why they wouldn't have reserves to pay buyers and sellers alike.

It's hard to see even if they do come back how people would ever trust Nicehash again unless they make good on the balance owed.


1 x S9 | 11 x GTX1070 | 10 x 1050Ti
Pages: « 1 2 3 4 5 6 7 8 9 10 11 [12] 13 14 15 16 17 18 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!