[ANN][Pool][Profit-Switch][Optional Auto-Exchange per Coin][Vardiff] ~ Hashcows

[Burninj]

Ops should reimburse users, but only partially - if someone is too stupid to leave 0.5+ BTC on pool ran by two (doesn´t matter how honest) guys, where no one can expect robust security platform, deserves nothing more than loose it. During 6 months of mining I lost coins in various scams (Unocs, Orbit Coin, PhenixEx..) and I learned one thing - You are on enemy territory and if You loose, it was by your mistake so blame no one but You.

aTriz and nearmiss did great job here, so stop complain and try to be supportive.

The only person stupid here is you... Be supportive for a bunch of f... amateurs. I WANT MY FUCKING MONEY BACK

[1715523538]

1715523538

[1715523538]

1715523538

[1715523538]

1715523538

[1715523538]

1715523538

[1715523538]

1715523538

[Tay]

The down side to an unregulated system of transferring currency.  It isn't the first and wont be the last.

Spent a bit of time on Blockchain looking at the trail it left earlier. Very messy.  I hope everybody that lost currency, gets it back.

[Troll Toll]

let's all calm down and just relax until they sort this out. I am hopeful everything will be reimbursed and we can return to mining here. time will tell.

[skyhawk]

While I dislike the automatic daily payout if account > 0.001 BTC over at middlecoin it certainly mitigates this issue.

I've had nothing stolen, though my payout address was changed. Even if my balance had been stolen, it's only a couple days of mining income. Why do people treat a small mining pool like a bank? If you have hundreds of dollars worth of BTC stored in such a place you have only yourself to blame when it gets stolen. This is 10x more applicable to this pool, because they're running some 20-odd? different crypto blockchains and clients, plus all the logic for auto-trading and accounting. The more complex a system is the more likely it will have vulnerabilities.

I'm continuing to mine here, hoping that the operators will identify and fix the problem, and communicate to end users how/if they intend to make this right. I'm also going to suggest the pool impose a maximum BTC balance for auto-payout to limit their liability in the event of future hacks.

[g0re79]

Ops should reimburse users, but only partially - if someone is too stupid to leave 0.5+ BTC on pool ran by two (doesn´t matter how honest) guys, where no one can expect robust security platform, deserves nothing more than loose it. During 6 months of mining I lost coins in various scams (Unocs, Orbit Coin, PhenixEx..) and I learned one thing - You are on enemy territory and if You loose, it was by your mistake so blame no one but You.

aTriz and nearmiss did great job here, so stop complain and try to be supportive.

The only person stupid here is you... Be supportive for a bunch of f... amateurs. I WANT MY FUCKING MONEY BACK

Would you left bag of money lying on the table? Its the same - You´re either stupid or don´t need them at all. Reimburse up to 3 days of mining sounds more than fair to me, even 2 should be OK. Its everyone´s responsibility to take care of their hardly mined coins.

[aTriz]

Ops should reimburse users, but only partially - if someone is too stupid to leave 0.5+ BTC on pool ran by two (doesn´t matter how honest) guys, where no one can expect robust security platform, deserves nothing more than loose it. During 6 months of mining I lost coins in various scams (Unocs, Orbit Coin, PhenixEx..) and I learned one thing - You are on enemy territory and if You loose, it was by your mistake so blame no one but You.

aTriz and nearmiss did great job here, so stop complain and try to be supportive.

The only person stupid here is you... Be supportive for a bunch of f... amateurs. I WANT MY FUCKING MONEY BACK

Glad you are being so mature about all this, we can tell who are the adults in the room!

In other news, we continue to have login's/payouts DISABLED, we will update here and in IRC within a few hours after me and nearmiss have a sit down and discuss things.

~Hashcows Team~

P.S. Merry Christmas everyone, sorry to start it off with this bad day!

[worldlybedouin]

Ops should reimburse users, but only partially - if someone is too stupid to leave 0.5+ BTC on pool ran by two (doesn´t matter how honest) guys, where no one can expect robust security platform, deserves nothing more than loose it. During 6 months of mining I lost coins in various scams (Unocs, Orbit Coin, PhenixEx..) and I learned one thing - You are on enemy territory and if You loose, it was by your mistake so blame no one but You.

aTriz and nearmiss did great job here, so stop complain and try to be supportive.

The only person stupid here is you... Be supportive for a bunch of f... amateurs. I WANT MY FUCKING MONEY BACK

Glad you are being so mature about all this, we can tell who are the adults in the room!

For what it's worth, I don't expect HCows to reimburse me for any of my losses.  No pool is insured against any kind of losses...this isn't the bank, there's no FDIC and we all know this -- whether we choose to accept it or not is another story.  This isn't Coinbase or something where I've got an upfront understanding of the safety/security of my coins...no pool mananger out there would be crazy enough insure against losses.  If a pool owner decides to reimburse some/all of their members' losses that's a different story.

That being said, I think that the team at HCows will have to work extra hard to regain trust of the pool members in order to keep things going forward.

I consider this nothing more than 1 more lesson learned in the new world of crypto.  As individuals we can choose to bitch and moan but it won't change a thing.  Going forward I would like to ask us all to try and remain somewhat professional about this and see what the HCows team does next...the ball is in their court.

[Tay]

Ops should reimburse users, but only partially - if someone is too stupid to leave 0.5+ BTC on pool ran by two (doesn´t matter how honest) guys, where no one can expect robust security platform, deserves nothing more than loose it. During 6 months of mining I lost coins in various scams (Unocs, Orbit Coin, PhenixEx..) and I learned one thing - You are on enemy territory and if You loose, it was by your mistake so blame no one but You.

aTriz and nearmiss did great job here, so stop complain and try to be supportive.

The only person stupid here is you... Be supportive for a bunch of f... amateurs. I WANT MY FUCKING MONEY BACK

Glad you are being so mature about all this, we can tell who are the adults in the room!

In other news, we continue to have login's/payouts DISABLED, we will update here and in IRC within a few hours after me and nearmiss have a sit down and discuss things.

~Hashcows Team~

P.S. Merry Christmas everyone, sorry to start it off with this bad day!

Hope it all works out for you. It all looked very promising.

Alas, I moved to middlecoin a few days ago, seemed more stable for my kind of limited mining.

Given the crap thats just happened, I hope you can salvage some of your Christmas!

[phrozenspite]

the absolute coolest thing the pool could do is reimburse people.  Even if that means the end of this incarnation of the pool.  Mtred paid everyone back when the pool went broke.  I could see the pool not being responsible if someone had their password set as password and pin set as 1234, but this looks to be something quite different.

With that said, i support Atriz and Nearmiss and I know that they'll do everything they can to rectify the situation

[Hueristic]

Why doesn't the pool just add a credit of the amount lost to the fee's and allow the pool to pay the community back over time?

[MIN3R]

Not sure if my BTC was taken or not... But when I tried logging in via my cellphone to check my balance so far today, mainly to make sure my miner is still up & running since I'm away from home, I couldn't log in. I have the https://hashco.ws/stats.php page bookmarked so I didn't even see the message about accounts being compromised, but since I couldn't log in I automatically assumed something like that had happened. So I remoted into my miner, and it was still hashing away! Quickly switched it to another pool! Then pulled out the laptop just in case to see if there was some issue with using my phone to log in. That's when I saw the warning message... Luckily, I have my auto-payout set low enough that I'm paid out daily.

But it definitely sucks that it has been mining all day, probably 18+ hours since last payout before I switched it, possibly just going into someone else wallet and costing me electricity/time. Hopefully they'll get this all sorted out soon, I've enjoyed (short of downtime and high reject rates) using hashcows



* Note that you may wanna put the warning message on the stats page as well to make sure people are aware if they don't go to the main page first...

[billionaire]

Ops should reimburse users, but only partially - if someone is too stupid to leave 0.5+ BTC on pool ran by two (doesn´t matter how honest) guys, where no one can expect robust security platform, deserves nothing more than loose it. During 6 months of mining I lost coins in various scams (Unocs, Orbit Coin, PhenixEx..) and I learned one thing - You are on enemy territory and if You loose, it was by your mistake so blame no one but You.

aTriz and nearmiss did great job here, so stop complain and try to be supportive.

I will be a lot more supportive if I receive my coins back in a timely manner (if I receive them at all). Sure, any website can be hacked. It is hard to pay for proper security, and even that often isn't enough. However, not only did Hashcows allow a hacker to access all the users' account passwords and PINS, they didn't even have a failsafe in place for if/when the site was compromised.

The theft was ongoing for two full HOURS before withdraws were halted. Are you saying that the site should not have considered adding a flagging system when the withdraw rate from it's users shot up 1,000% all at once that could have at least stopped SOME of the thefts? This would have reduced the losses and made it more likely that the smaller amount of lost coins could be refunded. You can blame people for not withdrawing every day if you want, but it seems like (to me at least) that when you have tons of people who typically withdraw only every few days/weeks and/or they have their auto payout threshold set to a "high" figure, that Hashcows should have halted withdraws MUCH faster than two hours later. All those occational withdrawing users all didn't decide to lower their thresholds and pull their funds at the same time and all to the SAME ADDRESS.

Major security breach that users had no part in their information being changed and coins stolen. Site had no early warning alarms in place to catch blatantly obvious theft occurring. Many users paid a premium to the Hashcows owners for them to autotrade the coins they mined, on top of the regular mining fees paid to the site. These funds were apparently never used to increase DDOS protection to levels seen at other comparable sized pools, as Hashcows always had a lot of downtime, pretty much on a daily basis.

Where is the part where these guys did a great job? They didn't run a charity. They provided services for a price. I would say the price paid certainly did not match the quality of service.

At the very least these guys should reimburse all mining and autotrading fees accumulated for every affected user. Doesn't really seem fair for them to keep the profits they made from miners/autotraders when they allowed all of what was actually left to the miners to get stolen.In reality, they should refund all lost coins, but I will be very surprised if this happens.

[BrewCrewFan]

Ops should reimburse users, but only partially - if someone is too stupid to leave 0.5+ BTC on pool ran by two (doesn´t matter how honest) guys, where no one can expect robust security platform, deserves nothing more than loose it. During 6 months of mining I lost coins in various scams (Unocs, Orbit Coin, PhenixEx..) and I learned one thing - You are on enemy territory and if You loose, it was by your mistake so blame no one but You.

aTriz and nearmiss did great job here, so stop complain and try to be supportive.

The only person stupid here is you... Be supportive for a bunch of f... amateurs. I WANT MY FUCKING MONEY BACK

Glad you are being so mature about all this, we can tell who are the adults in the room!

For what it's worth, I don't expect HCows to reimburse me for any of my losses.  No pool is insured against any kind of losses...this isn't the bank, there's no FDIC and we all know this -- whether we choose to accept it or not is another story.  This isn't Coinbase or something where I've got an upfront understanding of the safety/security of my coins...no pool mananger out there would be crazy enough insure against losses.  If a pool owner decides to reimburse some/all of their members' losses that's a different story.

That being said, I think that the team at HCows will have to work extra hard to regain trust of the pool members in order to keep things going forward.

I consider this nothing more than 1 more lesson learned in the new world of crypto.  As individuals we can choose to bitch and moan but it won't change a thing.  Going forward I would like to ask us all to try and remain somewhat professional about this and see what the HCows team does next...the ball is in their court.

Yep this has happen to other pools and this one will not be the last one.
Only fools would keep more than one days worth of mining of ANY coin in a pool, let alone BTC.
I also dont understand wanting autopayout with it only going on for a day.  I take extra precautions when dealing with BTC, as in not only taking out as soon as the balance says I can, fees be damned, but I dont do auto pay because I need to verify EACH TIME that the addy is indeed correct for there is not going back if there is a typo or the wrong addy in the box.

People who are bitching about the time frame it took to stop and attack, ask a lot of cryptsy traders how long they have been waiting or have waited for coins to show up or have just vanished. In this kind of world stuff happens, can happen at any pool at any time. You hard earned BTC is best kept not in a pool but a wallet on your thumb drive that only connected when your transferring BTC in or out of your wallet, along with a BU of that too.

[Anubite]

 

Anyone consider the breach was an internal gig? To make it a very merry xmas for the hosts?

 

[BrewCrewFan]

Ops should reimburse users, but only partially - if someone is too stupid to leave 0.5+ BTC on pool ran by two (doesn´t matter how honest) guys, where no one can expect robust security platform, deserves nothing more than loose it. During 6 months of mining I lost coins in various scams (Unocs, Orbit Coin, PhenixEx..) and I learned one thing - You are on enemy territory and if You loose, it was by your mistake so blame no one but You.

aTriz and nearmiss did great job here, so stop complain and try to be supportive.

I will be a lot more supportive if I receive my coins back in a timely manner (if I receive them at all). Sure, any website can be hacked. It is hard to pay for proper security, and even that often isn't enough. However, not only did Hashcows allow a hacker to access all the users' account passwords and PINS, they didn't even have a failsafe in place for if/when the site was compromised.

The theft was ongoing for two full HOURS before withdraws were halted. Are you saying that the site should not have considered adding a flagging system when the withdraw rate from it's users shot up 1,000% all at once that could have at least stopped SOME of the thefts? This would have reduced the losses and made it more likely that the smaller amount of lost coins could be refunded. You can blame people for not withdrawing every day if you want, but it seems like (to me at least) that when you have tons of people who typically withdraw only every few days/weeks and/or they have their auto payout threshold set to a "high" figure, that Hashcows should have halted withdraws MUCH faster than two hours later. All those occational withdrawing users all didn't decide to lower their thresholds and pull their funds at the same time and all to the SAME ADDRESS.

Major security breach that users had no part in their information being changed and coins stolen. Site had no early warning alarms in place to catch blatantly obvious theft occurring. Many users paid a premium to the Hashcows owners for them to autotrade the coins they mined, on top of the regular mining fees paid to the site. These funds were apparently never used to increase DDOS protection to levels seen at other comparable sized pools, as Hashcows always had a lot of downtime, pretty much on a daily basis.

Where is the part where these guys did a great job? They didn't run a charity. They provided services for a price. I would say the price paid certainly did not match the quality of service.

At the very least these guys should reimburse all mining and autotrading fees accumulated for every affected user. Doesn't really seem fair for them to keep the profits they made from miners/autotraders when they allowed all of what was actually left to the miners to get stolen.In reality, they should refund all lost coins, but I will be very surprised if this happens.

The service is running a pool for YOU to mine at and auto exchange your coins to BTC. Find ONE POOL that offers to pay you any outstanding balances if something goes wrong there. I bet you will not find ONE.

The fees are comparable to any pool, get over yourself.

[BrewCrewFan]

Anyone consider the breach was an internal gig? To make it a very merry xmas for the hosts?

 

LOL sure, that is why they were active in chat as soon as they got on. Yeah. Unless they got other people who have access.... not likely.

[g0re79]

Anyone consider the breach was an internal gig? To make it a very merry xmas for the hosts?

 

No, no and just NO!. I am milking this cow for more than month and half and I readed all 95 pages of this topic during that time and I can put my hand in the fire for both nearmiss and aTriz. Theese guys were always open to new ideas and they had implement most of good ones quickly, bit messy sometimes, but they did their best. On the other hand, as honest as they are, they also didn´t count with possibility that there is always some scum bag waiting for Your mistake.

[Anubite]

Anyone consider the breach was an internal gig? To make it a very merry xmas for the hosts?

 

No, no and just NO!. I am milking this cow for more than month and half and I readed all 95 pages of this topic during that time and I can put my hand in the fire for both nearmiss and aTriz. Theese guys were always open to new ideas and they had implement most of good ones quickly, bit messy sometimes, but they did their best. On the other hand, as honest as they are, they also didn´t count with possibility that there is always some scum bag waiting for Your mistake.

I hope so...I am relatively new, and after this have been considering switching to their closest competitor. I just got my r9 290x, then this joke.

Maybe their computers were infected at home? Maybe their own passwords were too simple? Maybe people used the same password across a dozen "coin" sites and the guys with malicious intent finally collected enough verification of such fact to unleash themselves.

The enemy of security is expediency, and vise-versa.

[billionaire]

"The service is running a pool for YOU to mine at and auto exchange your coins to BTC. Find ONE POOL that offers to pay you any outstanding balances if something goes wrong there. I bet you will not find ONE.

The fees are comparable to any pool, get over yourself."

The excessive amount of downtime at Hashcows certainly wasn't comparable to most pools.

How many of the other pools have ever allowed all/virtually all of it's users' balances to be all withdrawn to one single rogue address of a hacker? Certainly not comparable to most pools.

If you feel like the comparable fees charged by Hashcows has also equaled the quality of service provided by most other pools, I guess you have had lots of rotten luck in the past with where you have chosen to spend your hashpower at. I am to blame in part for this, though. I knew from past experiences with the site that they are down a large percentage of the time. I chalked that up to them still being fairly new. However, I was also looking for the least hands-on way to mine and convert to BTC and figured HC had moved past the growing pains, so I came back last week hoping things had changed. This was clearly a mistake on my part, as the downtime was still very high and at the end of the week all of my coins not paid into Hashcow's fees was then stolen from me due to their lack of security.

No, I have not seen any other pool guaranteeing the safety of users' balances. If any of them ever lose all of my coins from their own lack of security (completely independent of my own personal computer being hacked) and at the same time allow this exact thing to happen to most/all of  it's userbase, I will call them out on it too. I will also call out anyone telling people not to complain and that the site owners are doing a great job.

Get over myself? I think my response was pretty fair to whoever said that no one should be complaining and that the HC team is doing a great job. They clearly are not.

[gchil0]

Ugh!  I had 0.0388 BTC stolen.