[ANN][BETA][EXCHANGE][REALTIME] CoinEX realtime exchange

[lostmojo]

he needs to post a list of what was stolen. So we can judge what markets will be dumped

rumour is 2 billion Lottocoins were dumped over 2 days following the theft

[shair]

I have watched the comments, attempted hijacking, slagging, ass kissing, help, anger and all the other emotions from this incident.

For what its worth, here are my comments/input - take what you want, throw away what you don't:

Transparency in public relations earns the communities respect, be transparent, be quick to respond and ensure that you are keeping customers informed.  
-- Trust me, it is the best strategy, happens all the time in my industry and those that choose this path, always are rewarded for their honesty, communications and earn the respect of their customers and the community.

-- replace your maintenance page with an update = This is what happened, here is where we are at, this is what we are doing, this is when customers should expect the return of their coins, you can/can't keep mining with our pools, etc... prob take 15 minutes to write, just ensure what you write you will do.
-- tweet daily to say "we are still here" working on getting ____ and ____ done, on track...
-- update your facebook page
-- listen to the community, communicate, you have a strong customer following, be loyal, they are to you

Coinex is the best exchange/mining combination out there today (imho), improve the security, preform audits, set up a honeypot, cut a reputable security firm into the profit equation to monitor, audit and fix any potential issues.  If you can't get this done in a reasonable time frame, don't let this stop you doing what you said you would do:

When someone says they will do something, do it.  In this example, you say you will return coins, you have in the past, this is what customers are counting on, make it happen.  

For those thread hijackers, your exchange will not get any of my future business.  Opportunism has its place, when people have lost their coins, some of their earnings, it so tasteless for you to do that, you should have deleted your post, negativity is growing towards your exchange.

I could go on...  but won't

Waiting to see what happens next, earn respect, trust and loyalty, or fuk the community and his own reputation...

Happy days!

[techman05]

-- replace your maintenance page with an update = This is what happened, here is where we are at, this is what we are doing, this is when customers should expect the return of their coins, you can/can't keep mining with our pools, etc... prob take 15 minutes to write, just ensure what you write you will do.
-- tweet daily to say "we are still here" working on getting ____ and ____ done, on track...
-- update your facebook page
-- listen to the community, communicate, you have a strong customer following, be loyal, they are to you

They've improved in the fact of the maintenance page. When I first started here they didn't even have that. I just wish the first words on twitter weren't go to bitcointalk for news. twitter doesn't get denial'd of service as much . I never checked how many users go to coin ex(or if there is a number posted) but I'm blaming gateway error to here on people checking this page.

Maybe once this is over they should add a blog page right there on the maintenance mode page when these things happen so we don't have to bounce around from twitter to here. It did wonders for bfl and their pre order's 

[allcrypt]

Here goes. Fire suit on, wearing my cup, and stepping out on the limb:

https://www.allcrypt.com/blog/2014/03/on-security-and-hacking/

AllCrypt.com is NOT hack proof. But we are transparent, and stand on our integrity. We came up with the idea for the site while chatting in the CoinEx troll box. Give us a looksee. Read that blog post above. Judge for yourself.

[so142001]

Here goes. Fire suit on, wearing my cup, and stepping out on the limb:

https://www.allcrypt.com/blog/2014/03/on-security-and-hacking/

AllCrypt.com is NOT hack proof. But we are transparent, and stand on our integrity. We came up with the idea for the site while chatting in the CoinEx troll box. Give us a looksee. Read that blog post above. Judge for yourself.

I just read it over, seems like a pretty good security to me. I'll consider using it if more coins are added, especially the top 25 on coinmarketcap.com.

[milly6]

What do you have against craigslist? Its a simple platform that always works flawlessly and has great spam control. ??

Craigslist has pretty close to zero spam control. Just have a look at all the car dealer ads posted multiple times per day for the same vehicles.

yep, the community has a responsibility to flag them, and they are taken down. Next...

[Bitcoinpro]

Some friends of mine lost coin I will be happy to take the site of you when you eventually give it up, ill be happy to share control with other investors who lost money? my friends could also possibly try to seize the domain in compensation for lost funds.

[OkieDoke]

Some friends of mine lost coin I will be happy to take the site of you when you eventually give it up, ill be happy to share control with other investors who lost money? my friends could also possibly try to seize the domain in compensation for lost funds.

Lol.

[buddynuno]

If you lost money on Coinex its YOUR fault.  The ONLY safe storage system is your home computer with a quick USB back up or a paper wallet if you have sizable stash.  Why would anyone leave coins on ANY exchange?  Mt Gox?  Poloniex? Coinex,  [Insert name of next one here]?.  Its coming... it will happen and everyone will run around say [Insert name of next one here] is a scam.  In reality it takes lots of sheep, yes sheep (followers) to pull off this type of stunt... It doesn't take hackers... it takes "stoopid"....

Are you mad bro?
Do you really think people leave their coins cold stored on wallets other than Bitcoin and Litecoin?
People are daytrading with alternative coins to profit.
How do you think people make money? They need to send their coins to the exchanges wallets so they can trade them. Yes or no?
It is the exchange fault to not have the proper security system to ensure their clients funds safety.
So it is also their responsibility to refund those clients for any loss while those funds were in possession of the exchange!

[nyktalgia]

Still waiting... patience running thin.

And why the hell are people posting about cryptsy being "illegal" .... I think you completely miss the idea of cryptocurrency.   Don't need this fincen bullshit, just the gov trying to stick it's dirty hands in the cryptmarket.

[towni]

Please send your BTC to

14jvemph495AaYKfjexQF254PWqun7Rz4H

(min. 0.02 BTC) and you will get back 50% shortly.

This is much better exchange rate than CoinEX, where you will never get anything back.     

[bigb159]

Were only Bitcoin stolen or were alt wallets emptied too. If the case is the former, I'd like to withdraw all my alts, and "Maintenance Mode" doesn't seem to be working for people in my situation.

[nyktalgia]

Were only Bitcoin stolen or were alt wallets emptied too. If the case is the former, I'd like to withdraw all my alts, and "Maintenance Mode" doesn't seem to be working for people in my situation.

I'm under the impression everything did :/  Who even know whats going on honestly.  I don't trust these people anymore than I trust so-called "hacker".   If all my stuff is still there, I will have more respect, but for now... who da hell knows.

[OkieDoke]

Were only Bitcoin stolen or were alt wallets emptied too. If the case is the former, I'd like to withdraw all my alts, and "Maintenance Mode" doesn't seem to be working for people in my situation.

As stated by myself and others several times since page 65 of this thread, yes other coins were taken too.
My post on page 65 shows how I was able to prove that LTC were taken from random accounts on the 18th March (2 days after the site was inaccessible).

[kaaskop]

Just 2 things (ok there will come a lot blabla because i'm new here )

1.-

Often you are forced to leave coins at an exchange, a nice example is cryptsy.
If you have BTC you can only withdrawl it when you reach the minimum amount, BUT you can often only change them for other coins when you have a minimum amount.
At cryptsy it's often 0.1 BTC
So if such an exchange falls, they will always have coins of you. (even if you know they will fall down, you can never withdrawl the money that belongs to you)
For some altcoins i have lets say 24 or so and am not allowed to change them or to withdrawl them before i have 100, so i am forced to mine these missing coins. (this for the people that say, never leave coins or certain amounts of coins at an exchange)

2.-

The Coinex story:
I've been there for some months and if there was an issue i was always helped within the hour, so maybe i was the lucky guy

Let's take the possibility that somebody took the money and got on the run. (i hope i'm wrong)
What i see happening is what, in my opinion, profs / experts or give them a name, would do.
You rob everything, try to erase your info from the internet, you hear or see people want to do the worst things with you.
To let everybody calm down you suddenly post something with a explanation, so everybody changes his point of view against you and what you see in the 86 pages of chat, this happened.
From willing to kill, paying a visit etc etc suddenly changed in security chats.
In the meanwhile the person who robbed everything has a chance to get away because nobody is paying attention anymore.
So every now and then this person posts something to calm down everybody.
In the meanwhile nothing is changed.

I hope i'm completely wrong, but if i am, i want to get informed.
If coinex realy wants to start again and survive they have to give info on a regular base here in this chat / twitter, or online.
Let people hear what you are doing, let them hear how long all will take etc etc. INFORM PEOPLE !!

Sorry for the bad english.

[Thies1965]

Well, things seem to be bad.

I cannot understand why it takes so long to analyse what has happened, what is still there and what is lost.
As argued by erundook, they wait for investors comments, I guess they on a wrong path.

Clear communication and consise communication is key to get trust in crypto currencies not in 'selling' the future to some new (naiv?) investors to cover the loss of a couple of thousand coinex.pw deposit owners.

A quick look-up showed me that erundook has withdrawn his github account (even though he is referencing it).

I am really sorry about those wrong characters.

Close this thread, they are gone!

[wackenroader]

Were only Bitcoin stolen or were alt wallets emptied too. If the case is the former, I'd like to withdraw all my alts, and "Maintenance Mode" doesn't seem to be working for people in my situation.

As stated by myself and others several times since page 65 of this thread, yes other coins were taken too.
My post on page 65 shows how I was able to prove that LTC were taken from random accounts on the 18th March (2 days after the site was inaccessible).

My Zeit, WDC and Moon still in coinex , were not stolen.

[Thies1965]

Were only Bitcoin stolen or were alt wallets emptied too. If the case is the former, I'd like to withdraw all my alts, and "Maintenance Mode" doesn't seem to be working for people in my situation.

As stated by myself and others several times since page 65 of this thread, yes other coins were taken too.
My post on page 65 shows how I was able to prove that LTC were taken from random accounts on the 18th March (2 days after the site was inaccessible).

My Zeit, WDC and Moon still in coinex , were not stolen.

How do you know?

Can you actually withdraw your coins? Are you still the owner of the private key of those 'deposit' wallets?

[OkieDoke]

Were only Bitcoin stolen or were alt wallets emptied too. If the case is the former, I'd like to withdraw all my alts, and "Maintenance Mode" doesn't seem to be working for people in my situation.

As stated by myself and others several times since page 65 of this thread, yes other coins were taken too.
My post on page 65 shows how I was able to prove that LTC were taken from random accounts on the 18th March (2 days after the site was inaccessible).

My Zeit, WDC and Moon still in coinex , were not stolen.

To be honest, if I was the thief I wouldn't have bothered with the abundance of other coins.
I would of taken all the BTC and all the LTC and left it there.

At the end of the day, a thief wants to make money quick. They don't wanna mess around trading all the stolen MOON and ZEIT and so on and so on for BTC or LTC. Collectively they may be valuable but not without time put into it, something that a thief doesn't want to do.

[allcrypt]

Here goes. Fire suit on, wearing my cup, and stepping out on the limb:

https://www.allcrypt.com/blog/2014/03/on-security-and-hacking/

AllCrypt.com is NOT hack proof. But we are transparent, and stand on our integrity. We came up with the idea for the site while chatting in the CoinEx troll box. Give us a looksee. Read that blog post above. Judge for yourself.

All the wallets are encrypted. If you managed to somehow get into the wallet servers – you’d need the unlock keys. Which, I assure you, are not on any server, anywhere. When the daemons are restarted, we key them in by hand. I guess maybe you could hack into the wallet servers, and somehow scan the memory of the machines to try to find the encryption key, but good luck with finding that random data.

Even a script kiddie could get encryption keys from memory. If he even needed to - gaining access to the server is usually enough to get access to all of the data. You're only slowing yourself down by keying it in manually. Good luck with your flawed system.

Cloudflare protection. This stops a great many exploits, and makes hackers use more public and traceable networks to even attempt a hack.

Cloudflare only stops really common exploits, like with Wordpress. Relying on it is honestly security through obscurity and so is hiding your source code.

The LTC, BTC and DOGE wallets are distributed. Each user gets assigned a server. We don’t keep them all in one place. Hack one server, you get 1/xth of the BTC we hold. Keep hacking.

Keep hacking! Exactly! Gaining full unhindered access to one server means all of the other servers are IMPOSSIBLE to get into, right? More security through obscurity.

Did we mention our ability to cut the power to the servers, remotely, by multiple methods?

I bet MtGox had a way, too.
One day, your exchange will get hacked, anyway. And it won't matter, because you said your exchange is "not hack proof".

I never disputed that someone with physical access to the machine could wipe you out. Thats pretty much standard reality. Anyone with physical access to a bank vault can, given the time to "hack" it, wipe that out too. So, I'm not sure what you're trying to prove. That we're not hack proof? I never made that absurd claim. As for Cloudflare - I dont give a crap about what exploits they stop. I care about the DDoS protection. I care that they identify known bad source IPs and prevent access or slow that down with captchas, which, yes, can be defeated by scripts, but it slows it down considerably. We don't pay Cloudflare to protect against hacks. We pay Cloudflare to slow them down to the point of them being ineffectual, and forcing russian and chinese hackers to jump hoops with source IPs just to be able to try and land a decent attack. In the past 7 days, Cloudflare has stopped over 1 million potential threats from hitting the site.

And just like the "This house is Protected by ADT" signs/decals that may or may not be real - if a thief has 2 homes side by side - one possibly with an alarm system, and one without, which will he hit first?

As far as a "script kiddie" finding an unknown length random string of characters in an unknown area of memory - we wont say anything is impossible (but a script kiddie finding a random portion of memory seems far fetched), but the time to find it and then try and exploit it is the deterrent. Bank vaults are not hack proof. They are rated in time to break into.

You get into our server to the point where you can start scanning the memory and try encryption keys - well then we're in the "time to hack" phase. Can you beat us hitting the kill switch? Thats how any bank is protected. Once you get in the door - can you beat the security before the cops show up.

We're not hack proof. But we're confident in our ability to hit the switch before you can drill through the door or figure out the combination.

And we're not blowing smoke up anyone's ass. Half the posts in here are "Tell us whats going on!" - people want transparency and honesty. I decided to post that blog because the lack of info from CoinEx was annoying, then that other post full of utter bullshit making their standard security SOUND big and fancy and the hack proof claim pushed me over the edge. Just be honest with people, and you'll earn their trust.