monbux
Legendary
Offline
Activity: 1736
Merit: 1029
October 23, 2013, 10:43:55 PM
What bot did you use, who was this user, and how did he scam you? Was the bot set up to cash out the bitcoins to the scammer?
culexevilman
Legendary
Offline
Activity: 1064
Merit: 1000
Bitcoin is too valuable to be used as a currency
October 24, 2013, 01:13:19 AM (Last edit: October 24, 2013, 01:23:56 AM by culexevilman)
If you paid for this bot, then really there's nothing to say; greed kills all... http://dalanmao.net/
dooglus
Legendary
Offline
Activity: 2940
Merit: 1333
October 24, 2013, 02:05:06 AM
- use different login/pass for each sites,

That seems to be the one that would have worked in this instance. Someone had a list of usernames and passwords from a different site and tried them on Just-Dice. Most of the usernames they tried didn't even exist on Just-Dice, but some did, and some of those use the same password as on the hacked site. Some of those ones with the same username and password also had 2FA disabled, or had it enabled, but not required to withdraw. Those are the people who lost coins.

The lesson here is twofold:
1) don't reuse passwords
2) do use 2FA when available

I'm sorry for people's losses. It's an expensive way to learn about password security.

Incidentally, I would be very interested to learn which site the list of usernames and passwords was hacked from. If your account was compromised and you only used the same account details on a few other sites, please list those other sites here so we can see if a pattern emerges.

I've checked the logs. It appears that the amounts stolen were (in size order):
0.00018560, 0.00069031, 0.00930999, 0.00990000, 0.01006117, 0.01137880, 0.01773303, 0.02915000, 0.04515912, 0.04542498, 0.04976687, 0.08471695, 0.60705816, 0.88197790, 3.87314367, 60.07364941
Total: 65.74930596 BTC.

The stolen coins were sent to 1GtAri6QDusZVFPtCBufA7ti6R34BxRwBB (14 transactions) and 1sCaMzrzY6sCaRMUY9WjM35QnwHYLyBEd (2 transactions).

If anyone would like to donate to make the victims whole, I set up address 1GbDrpVNGxC8CxfZrYMPVPZ2KNwvcXEHT7 for donations. Anything sent there will go to the 16 who lost funds.
Just-Dice | Play or Invest | 1% House Edge
aksplace (OP)
October 24, 2013, 04:07:41 AM (Last edit: October 24, 2013, 04:21:08 AM by aksplace)
- use different login/pass for each sites,

That seems to be the one that would have worked in this instance. Someone had a list of usernames and passwords from a different site and tried them on Just-Dice. Most of the usernames they tried didn't even exist on Just-Dice, but some did, and some of those use the same password as on the hacked site. Some of those ones with the same username and password also had 2FA disabled, or had it enabled, but not required to withdraw. Those are the people who lost coins.

The lesson here is twofold:
1) don't reuse passwords
2) do use 2FA when available

I'm sorry for people's losses. It's an expensive way to learn about password security.

Incidentally, I would be very interested to learn which site the list of usernames and passwords was hacked from. If your account was compromised and you only used the same account details on a few other sites, please list those other sites here so we can see if a pattern emerges.

I've checked the logs. It appears that the amounts stolen were (in size order):
0.00018560, 0.00069031, 0.00930999, 0.00990000, 0.01006117, 0.01137880, 0.01773303, 0.02915000, 0.04515912, 0.04542498, 0.04976687, 0.08471695, 0.60705816, 0.88197790, 3.87314367, 60.07364941
Total: 65.74930596 BTC.

The stolen coins were sent to 1GtAri6QDusZVFPtCBufA7ti6R34BxRwBB (14 transactions) and 1sCaMzrzY6sCaRMUY9WjM35QnwHYLyBEd (2 transactions).

If anyone would like to donate to make the victims whole, I set up address 1GbDrpVNGxC8CxfZrYMPVPZ2KNwvcXEHT7 for donations. Anything sent there will go to the 16 who lost funds.

Good idea, and with some reasonable problem solving we can probably find the source of this. Did Casinobit recently "find" some bitcoins? If I recall, some of the investors were recently paid ("need source"). So I guess we need to ask other victims: what bitcoin gambling companies have you joined, and eliminate them one by one?
dooglus
Legendary
Offline
Activity: 2940
Merit: 1333
October 24, 2013, 05:35:16 AM
I would be very interested to learn which site the list of usernames and passwords was hacked from. If your account was compromised and you only used the same account details on a few other sites, please list those other sites here so we can see if a pattern emerges.

I PM'ed one user who I saw had been compromised by the attacker. He replied:

BTC-sites I can think of that have the same pw (though not necessarily the same login-name) are Bitcointalk, BTCT, Havelock and Bitfunder.

So there's datapoint 1. Anyone else?

You may be wondering "was my account compromised?" Well, here's a list of compromised userids:
983 2018 2436 2828 3095 3258 3481 4259 6700 8509 8606 8660 8815 9825 9895 10167 11303 12326 12732 34054 34490 36411 38924 43386 44554 46462 48038 48131 48640 48781 56101 57228 58436 61376 64827 67755 69701 69908 70295 71528 74347 78524 79308 79539 80125 83971 84543 84943 94532 98378 103149 103388 105449 107711 112714 115375 116667 119688 120272 121724 122727 127888 134617 135093 136202 148465 157053 157854 181501 182131
If one of these is yours, please tell me where else you used your JD password.
SpaceJelly
Member
Offline
Activity: 106
Merit: 10
October 24, 2013, 07:20:16 AM
Two words...
Password Manager
Personally I use lastpass.com and have used roboform in the past, but there are many more out there. You just need to remember one very secure master password; the rest you let the PW manager handle for you.
I have no idea what my password is for just-dice, or this forum, without looking at my password vault! None are the same, all unique, and all very long with letters, numbers and symbols in them.
1Je11yL4Fqw5nvaP6KUs2JDABBp29vKeEU 1JeLLyv8o7YwooSg53qEdDSPXeAT3ShQoc
dooglus
Legendary
Offline
Activity: 2940
Merit: 1333
October 24, 2013, 05:14:43 PM
Two words...
Password Manager
I condone this message.
dooglus
Legendary
Offline
Activity: 2940
Merit: 1333
October 24, 2013, 05:47:48 PM
I've checked the logs. It appears that the amounts stolen were (in size order):
0.00018560, 0.00069031, 0.00930999, 0.00990000, 0.01006117, 0.01137880, 0.01773303, 0.02915000, 0.04515912, 0.04542498, 0.04976687, 0.08471695, 0.60705816, 0.88197790, 3.87314367, 60.07364941
If anyone would like to donate to make the victims whole, I set up address 1GbDrpVNGxC8CxfZrYMPVPZ2KNwvcXEHT7 for donations. Anything sent there will go to the 16 who lost funds.

Thanks for all the donations. A total of 2.40995525 BTC was received so far (not including the guy who paid one of the victims back in full privately). That's enough to pay all but the biggest three back in full. If I give the biggest 3 the same as the 4th, then it totals 2.696 BTC. I'll make up the difference:
0.00018560 0.00069031 0.00930999 0.00990000 0.01006117 0.01137880 0.01773303 0.02915000 [0.04515912] 0.04542498 0.04976687 0.08471695 0.60705816 0.60705816 0.60705816 0.60705816

I will refund the victims as soon as they reclaim their accounts and enable 2FA. I don't want the attacker withdrawing the refunds too!
wasserman99
October 24, 2013, 07:27:33 PM
So just to confirm: this is just because people recycled usernames and passwords, right?
Redcoin
October 24, 2013, 08:15:35 PM
Seems the site's fault... the site should have had a type of 2-factor authentication on the withdraw system, compulsory, like entering an emailed PIN or whatever. And a system that blocks users who log in to multiple wrong accounts, and also alerts the site admins that something dodgy is going on.
Until that's implemented it will keep happening.
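As an added defender-side example (not code from this thread or from Just-Dice), the script below runs the detection dooglus's account of the attack implies and Redcoin asks for, over a constructed auth log: it flags a source whose login burst is mostly against usernames that do not exist on the site, lists the accounts that source did get into, and reports withdrawals from those accounts that went through with no 2FA check. The log layout, thresholds, source and user names are assumptions.

```python
# Added example (not code from the thread or from Just-Dice): flag a
# credential-stuffing burst and the withdrawals it led to. Log layout,
# thresholds and names are assumptions; the log lines are constructed.
#   <ISO time> <source> login <user> <ok|bad_pass|no_user>
#   <ISO time> <source> withdraw <user> <2fa|no2fa> <amount>
from collections import defaultdict
from datetime import datetime, timedelta

SAMPLE_LOG = """\
2013-10-23T22:00:00 src-A login carol ok
2013-10-23T22:10:00 src-A withdraw carol 2fa 0.5
2013-10-23T23:00:00 src-X login user1 no_user
2013-10-23T23:00:01 src-X login user2 no_user
2013-10-23T23:00:02 src-X login user3 no_user
2013-10-23T23:00:03 src-X login dave bad_pass
2013-10-23T23:00:04 src-X login user5 no_user
2013-10-23T23:00:05 src-X login erin ok
2013-10-23T23:00:06 src-X login user7 no_user
2013-10-23T23:00:07 src-X login frank ok
2013-10-23T23:02:00 src-X withdraw erin no2fa 0.60705816
2013-10-23T23:03:00 src-X withdraw frank 2fa 3.87314367
2013-10-24T09:00:00 src-B login dave ok
"""
WINDOW = timedelta(minutes=10)
MIN_ATTEMPTS = 8         # login volume from one source inside a window
MIN_UNKNOWN_RATIO = 0.5  # share of attempts against usernames that do not exist

def parse(log):
    """Split each line into (time, source, kind, user, extra fields), sorted by time."""
    events = []
    for line in log.splitlines():
        ts, src, kind, user, *rest = line.split()
        events.append((datetime.fromisoformat(ts), src, kind, user, rest))
    return sorted(events)

def stuffing_sources(events):
    """{source: burst_start} for sources replaying a leaked list: a burst of
    logins where most usernames do not exist here (the pattern dooglus saw)."""
    by_src = defaultdict(list)
    for t, src, kind, _user, rest in events:
        if kind == "login":
            by_src[src].append((t, rest[0]))
    flagged = {}
    for src, logins in by_src.items():
        start = 0
        for end in range(len(logins)):            # sliding window over attempts
            while logins[end][0] - logins[start][0] > WINDOW:
                start += 1
            window = logins[start:end + 1]
            unknown = sum(1 for _, result in window if result == "no_user")
            if len(window) >= MIN_ATTEMPTS and unknown / len(window) >= MIN_UNKNOWN_RATIO:
                flagged[src] = logins[start][0]   # alert admins, block the source
                break
    return flagged

def analyse(log=SAMPLE_LOG):
    """Return flagged sources, the accounts they got into, and the withdrawals
    those accounts made with no 2FA check (what mandatory 2FA would have stopped)."""
    events = parse(log)
    flagged = stuffing_sources(events)
    compromised, losses = {}, []
    for t, src, kind, user, rest in events:
        if (kind == "login" and rest[0] == "ok" and src in flagged
                and flagged[src] <= t <= flagged[src] + WINDOW):
            compromised.setdefault(user, t)      # lock; owner must re-secure
        elif (kind == "withdraw" and user in compromised
                and t >= compromised[user] and rest[0] == "no2fa"):
            losses.append((user, float(rest[1])))
    return {"flagged": flagged, "compromised": compromised, "losses": losses}
```

On the constructed log, src-X is flagged at the start of its burst, erin and frank are the accounts it reached, and only erin's withdrawal (no 2FA) is counted as a loss; frank's 2FA-gated withdrawal is not.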
dooglus
Legendary
Offline
Activity: 2940
Merit: 1333
October 25, 2013, 12:16:26 AM
So just to confirm: this is just because people recycled usernames and passwords, right?
I can't be sure. It's possible that some of the usernames and passwords were collected using a keylogger on compromised users' computers. Someone claiming to be the hacker was in the JD chat talking about their "java driveby", which I imagine is some kind of exploit. Disable the java plugin in your browser if you have it installed.
dooglus
Legendary
Offline
Activity: 2940
Merit: 1333
October 25, 2013, 12:19:26 AM
Seems the site's fault... the site should have had a type of 2-factor authentication on the withdraw system, compulsory, like entering an emailed PIN or whatever. And a system that blocks users who log in to multiple wrong accounts, and also alerts the site admins that something dodgy is going on.
I know you're new to Bitcoin gaming, but requiring users to register an email address typically doesn't fly.
galbros
Legendary
Offline
Activity: 1022
Merit: 1000
October 25, 2013, 12:22:37 AM
Dooglus said it best on the other JD thread: Because casual players want as few barriers between them and the dice as possible. They want to deposit, play, maybe withdraw winnings, and forget about the account. Account registration and 2FA is boring.
For people intending to leave coins on their accounts though, it's clearly a good idea to use 2FA.
In short, this is not JD's fault. I also appreciate how open you've been about which accounts the hacker tried to access.
dooglus
Legendary
Offline
Activity: 2940
Merit: 1333
October 25, 2013, 12:25:12 AM
I also appreciate how open you've been about which accounts the hacker tried to access.
Oh, in case I wasn't clear, those are accounts the hacker DID access. Most of them either had no funds or were protected by 2FA. 'Only' 16 of them had funds that the hacker was able to withdraw.
b!z
Legendary
Offline
Activity: 1582
Merit: 1010
October 25, 2013, 10:32:03 AM
So just to confirm: this is just because people recycled usernames and passwords, right?
I can't be sure. It's possible that some of the usernames and passwords were collected using a keylogger on compromised users' computers. Someone claiming to be the hacker was in the JD chat talking about their "java driveby", which I imagine is some kind of exploit. Disable the java plugin in your browser if you have it installed.

This is what a java driveby looks like: http://www.xylibox.com/2012/07/sparkyjava.html
It will only be able to download and run malware if you allow it, which doesn't really make it an "exploit".
KgBC
Newbie
Offline
Activity: 55
Merit: 0
October 25, 2013, 01:41:12 PM
Well maybe I'll get some pledges this time for making a bot that won't steal anyone's cash... Any interest in this?
There are already open-source bots available. Could you provide us a list of "known bots" for the website Rannasha? Also we are currently looking for a seasoned veteran coder to review such bots to ensure safety and security for players.

Here is mine, support included: https://github.com/KgBC/just-dice-bot
It's running as a Python CLI application, which I consider much more stable than running in a browser window (especially through Tor). Always download it from the original source above, so no one could compromise the code. Have fun gambling.
01BTC10
VIP
Hero Member
Offline
Activity: 756
Merit: 503
October 25, 2013, 01:48:23 PM
- use different login/pass for each sites,

That seems to be the one that would have worked in this instance. Someone had a list of usernames and passwords from a different site and tried them on Just-Dice. Most of the usernames they tried didn't even exist on Just-Dice, but some did, and some of those use the same password as on the hacked site. Some of those ones with the same username and password also had 2FA disabled, or had it enabled, but not required to withdraw. Those are the people who lost coins.

The lesson here is twofold:
1) don't reuse passwords
2) do use 2FA when available

I'm sorry for people's losses. It's an expensive way to learn about password security.

Incidentally, I would be very interested to learn which site the list of usernames and passwords was hacked from. If your account was compromised and you only used the same account details on a few other sites, please list those other sites here so we can see if a pattern emerges.

I've checked the logs. It appears that the amounts stolen were (in size order):
0.00018560, 0.00069031, 0.00930999, 0.00990000, 0.01006117, 0.01137880, 0.01773303, 0.02915000, 0.04515912, 0.04542498, 0.04976687, 0.08471695, 0.60705816, 0.88197790, 3.87314367, 60.07364941
Total: 65.74930596 BTC.

The stolen coins were sent to 1GtAri6QDusZVFPtCBufA7ti6R34BxRwBB (14 transactions) and 1sCaMzrzY6sCaRMUY9WjM35QnwHYLyBEd (2 transactions).

If anyone would like to donate to make the victims whole, I set up address 1GbDrpVNGxC8CxfZrYMPVPZ2KNwvcXEHT7 for donations. Anything sent there will go to the 16 who lost funds.

Good idea, and with some reasonable problem solving we can probably find the source of this. Did Casinobit recently "find" some bitcoins? If I recall, some of the investors were recently paid ("need source"). So I guess we need to ask other victims: what bitcoin gambling companies have you joined, and eliminate them one by one?

Did not read that anyone got reimbursed. Anyway, his website uses a URL as login, so he can't have collected any user/pass.
aksplace (OP)
October 26, 2013, 04:06:50 PM
Well maybe I'll get some pledges this time for making a bot that won't steal anyone's cash... Any interest in this?
There are already open-source bots available. Could you provide us a list of "known bots" for the website Rannasha? Also we are currently looking for a seasoned veteran coder to review such bots to ensure safety and security for players.
Here is mine, support included: https://github.com/KgBC/just-dice-bot
It's running as a Python CLI application, which I consider much more stable than running in a browser window (especially through Tor). Always download it from the original source above, so no one could compromise the code. Have fun gambling.

Thanks, will be coming with an article soon. Douglas, thanks for the hard work on analyzing actions from the perpetrator; hopefully we have more info on this later on. Clearly they used an anonymous program, but I show a potential IP out of London that might have been responsible.
dooglus
Legendary
Offline
Activity: 2940
Merit: 1333
October 26, 2013, 04:27:39 PM
Did not read that anyone got reimbursed. Anyway, his website uses a URL as login, so he can't have collected any user/pass.
I have only reimbursed 3 of the 16 accounts that lost funds so far. I have blocked access to the others, and am waiting for their owners to contact me and demonstrate that they have secured their accounts before refunding them. I expect most of them were old forgotten accounts with what their owners considered 'dust' in them. JD uses URLs as a login until you set up a username and password. Once you've done that, the URL no longer works.
01BTC10
VIP
Hero Member
Offline
Activity: 756
Merit: 503
October 26, 2013, 04:37:45 PM
Did not read that anyone got reimbursed. Anyway, his website uses a URL as login, so he can't have collected any user/pass.
I have only reimbursed 3 of the 16 accounts that lost funds so far. I have blocked access to the others, and am waiting for their owners to contact me and demonstrate that they have secured their accounts before refunding them. I expect most of them were old forgotten accounts with what their owners considered 'dust' in them. JD uses URLs as a login until you set up a username and password. Once you've done that, the URL no longer works.

He was talking about Casinobit:
Did Casinobit recently "find" some bitcoins? If I recall, some of the investors were recently paid ("need source"). So I guess we need to ask other victims: what bitcoin gambling companies have you joined, and eliminate them one by one?