Bitcoin Forum
October 21, 2020, 11:19:06 AM *
News: Latest Bitcoin Core release: 0.20.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 [24] 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 ... 88 »
  Print  
Author Topic: Network Attack on XVG / VERGE  (Read 28821 times)
jl777B
Full Member
***
Offline Offline

Activity: 476
Merit: 133


View Profile
April 05, 2018, 07:21:50 PM
 #461

I was in the Verge/Discord room when OCMiner came in yesterday, that's where the initial conversation between him and VergeDEV went down, I saw it all live.  Here's my take on the situation if anyone wants to listen to a BTCTalk newb:

Verge/Discord is better than Verge/TG, but not by a huge degree.  People come in there all the time making wild accusations, trash talking the coin and DEV team, sometimes making threats etc.....it is sort of the wild west at times.

What I witnessed, was an un-established, newb Discord member, who's never been there and never been a member of the community come in and starts making all these accusations.  VergeDEV did just happen to be online so he took a step back to dig in and see what was happening.  In the meantime, OCMiner kept going on and on and on, being rude and somewhat demanding of VergeDEV and everyone else in there.....just like all the usual unknown trash talkers do when they come in the room.  What's even more annoying is he never announced himself as the guy who runs any pools, and that he might have intimate knowledge of what happening, just started trash talking right away.....and VergeDEV even asked him if he ran a pool and wanted to talk in private.....to which he never answered.  Then he continued being quite rude, making demands, until he got himself banned.  

I, myself, didn't even take him seriously for about 15 minutes until I started looking at my own miner and the block explorers because he was being quite unprofessional and rude to VergeDEV and everyone in the group as well.....like all the other trash talkers that stop by.

Do I agree that this has been handled by the Verge team in the best way possible?  No, but hindsight is 20/20.  But the way OCMiner conducted himself in a public chat room yesterday morning could have been compared to me walking into the middle of the US Capitol building with a mask over my face so no one could see me, and not identifying myself, screaming "someone is printing extra money at the federal reserve and taking it home with them" then demanding that they fix it right away over and over again while proclaiming this was the end of everything for Verge, among many other insulting things.  You can imagine how well that was received and how seriously he was taken at first.  

There is a reason when exploits are found in software, no matter if they are actively being exploited or not, if you want to minimize damage to all parties involved, you keep things quiet at first and take things through officials channels to allow a fix to be implemented so that others don't take advantage of the exploit right away, not blast it all over the interwebs.  

I work in internet/cyber security, and couldn't imagine the world if every time a security researcher who found an exploit in software or hardware immediately ran out and posted every detail about how it works before giving the software vendor/dev team a chance to patch the code?  Well, I can, and I would rather dig ditches for a living than try to do my current job if that's the way everyone operated when it came to bugs or security flaws.

That's my 2cents
I thought ocminer used "ocminer" in the discord. He is a very well known person.

Also, this isnt any zeroday exploit that needs super secrecy anyway. It is a known exploit already done to other coins that cloned from the same upstream. It seems all attacks on those coins are attacks that could happen to XVG.

Does that need to be kept a secret? Did I just let random hackers on the internet know something they didnt already know?

1603279146
Hero Member
*
Offline Offline

Posts: 1603279146

View Profile Personal Message (Offline)

Ignore
1603279146
Reply with quote  #2

1603279146
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1603279146
Hero Member
*
Offline Offline

Posts: 1603279146

View Profile Personal Message (Offline)

Ignore
1603279146
Reply with quote  #2

1603279146
Report to moderator
1603279146
Hero Member
*
Offline Offline

Posts: 1603279146

View Profile Personal Message (Offline)

Ignore
1603279146
Reply with quote  #2

1603279146
Report to moderator
noicyminer
Newbie
*
Offline Offline

Activity: 13
Merit: 0


View Profile
April 05, 2018, 07:28:35 PM
 #462

I was in the Verge/Discord room when OCMiner came in yesterday, that's where the initial conversation between him and VergeDEV went down, I saw it all live.  Here's my take on the situation if anyone wants to listen to a BTCTalk newb:
That's my 2cents


Nice try to put some shit on ocminer....

Anyone can say opposite- any evidence ?
usmanperwaiz
Newbie
*
Offline Offline

Activity: 4
Merit: 0


View Profile
April 05, 2018, 07:31:48 PM
 #463

Lendroid Support Token (LST) holders were airdropped Verge. I guess maybe they hacked Verge and mined 20M XVG and pleased their token holders. Check if they are behind this.
ocminer
Legendary
*
Offline Offline

Activity: 2520
Merit: 1236



View Profile WWW
April 05, 2018, 07:38:44 PM
Merited by Lafu (2)
 #464

So many newbies posting stuff here.. It's really funny Smiley

Just FYI..

Your second "fix".. Is still not working at all, the edit you have here:

https://github.com/vergecurrency/VERGE/blob/master/src/main.cpp#L2306-L2321

You also need here:

https://github.com/vergecurrency/VERGE/blob/master/src/main.cpp#L2219


One is for reading blocks from disk e.g. resyncing and the other is for accepting blocks via peers...



suprnova pools - reliable mining pools - #suprnova on freenet
https://www.suprnova.cc - FOLLOW us @ Twitter ! twitter.com/SuprnovaPools
shadi1989
Newbie
*
Offline Offline

Activity: 22
Merit: 0


View Profile
April 05, 2018, 07:40:29 PM
 #465

Is there a reliable pool where you can mine Verge with Myriad-Gröstl?

Curious about that too...
Hopefully a few pools will accept the Verge coin after this shltstorm is over.
ocminer
Legendary
*
Offline Offline

Activity: 2520
Merit: 1236



View Profile WWW
April 05, 2018, 07:40:46 PM
Merited by Lafu (2)
 #466


So many newbies posting stuff here.. It's really funny Smiley

Just FYI..

Your second "fix".. Is still not working at all, the edit you have here:

https://github.com/vergecurrency/VERGE/blob/master/src/main.cpp#L2306-L2321

You also need here:

https://github.com/vergecurrency/VERGE/blob/master/src/main.cpp#L2219


One is for reading blocks from disk e.g. resyncing and the other is for accepting blocks via peers...




suprnova pools - reliable mining pools - #suprnova on freenet
https://www.suprnova.cc - FOLLOW us @ Twitter ! twitter.com/SuprnovaPools
iluvbitcoins
Legendary
*
Offline Offline

Activity: 2058
Merit: 1134


Freedom&Honor


View Profile WWW
April 05, 2018, 07:42:01 PM
 #467


So many newbies posting stuff here.. It's really funny Smiley

Just FYI..

Your second "fix".. Is still not working at all, the edit you have here:

https://github.com/vergecurrency/VERGE/blob/master/src/main.cpp#L2306-L2321

You also need here:

https://github.com/vergecurrency/VERGE/blob/master/src/main.cpp#L2219


One is for reading blocks from disk e.g. resyncing and the other is for accepting blocks via peers...





If Sunerok was a better guy, he'd pay you to join the team instead of calling you out.
It would be a good move for XVG, even now.

Betnomi.300%..
.
█████████████████████   ████   ██
DEPOSIT
BONUS

████   ████
▄▄▄█████████▄▄▄
▄██▄▄▀▀▀▀▀▀▀▀▀▄▄██▄

▀▀█▀███████████▀█▀▀
▄▄█▄███████████▄█▄▄
▀█████▄▄▄▄▄▄▄▄▄█████▀
▀█▀▀▀█████████▀▀▀█▀
█▄▀▀▀█████████▀▀▀▄█
▄▀███▄▄▄▄▄▄▄▄▄███▀▄
▀█▄▄▄▀▀▀▀▀▀▀▀▀▄▄▄█▀
█▄▀▀▀█████████▀▀▀▄█
▄▀███▄▄▄▄▄▄▄▄▄███▀▄
▀█
▄▄▄▀▀▀▀▀▀▀▀▀▄▄▄█▀
▀▀▀█████████▀▀▀
.
UP
TO
.20%..
.
█████████████████████   ████   ██
WEEKLY
CASHBACK

████   ████
▄▄▄█████████▄▄▄
▄██▄▄▀▀▀▀▀▀▀▀▀▄▄██▄

▀▀█▀███████████▀█▀▀
▄▄█▄███████████▄█▄▄
▀█████▄▄▄▄▄▄▄▄▄█████▀
▀█▀▀▀█████████▀▀▀█▀
█▄▀▀▀█████████▀▀▀▄█
▄▀███▄▄▄▄▄▄▄▄▄███▀▄
▀█▄▄▄▀▀▀▀▀▀▀▀▀▄▄▄█▀
█▄▀▀▀█████████▀▀▀▄█
▄▀███▄▄▄▄▄▄▄▄▄███▀▄
▀█
▄▄▄▀▀▀▀▀▀▀▀▀▄▄▄█▀
▀▀▀█████████▀▀▀
.100%..
.
█████████████████████   ████   ██
.
RAKEBACK
.

████   ████
..Play now!..
ChekaZ
Legendary
*
Offline Offline

Activity: 1881
Merit: 1005



View Profile
April 05, 2018, 07:55:20 PM
 #468


So many newbies posting stuff here.. It's really funny Smiley

Just FYI..

Your second "fix".. Is still not working at all, the edit you have here:

https://github.com/vergecurrency/VERGE/blob/master/src/main.cpp#L2306-L2321

You also need here:

https://github.com/vergecurrency/VERGE/blob/master/src/main.cpp#L2219


One is for reading blocks from disk e.g. resyncing and the other is for accepting blocks via peers...





If Sunerok was a better guy, he'd pay you to join the team instead of calling you out.
It would be a good move for XVG, even now.

As ocminer would work for them after all this shit-talk. - The devs still not get that its a real issue.

BTC: 1Ges1taJ69W7eEMbQLcmNGnUZenBkCnn45
FTC: 6sxjM96KMZ7t4AmDTUKDZdq82Nj931VQvY
Gongolo
Full Member
***
Offline Offline

Activity: 374
Merit: 101


View Profile
April 05, 2018, 07:59:22 PM
 #469

Personally, I am quite disgusted by this matter, above all I'm annoied to know that if someone succeeds in this type of attack, nobody has will or way of blocking them.
Maybe even "ex post", that is making useless the enormous illicit gains, at least from the moment the thing becomes known.
Terrible the fact that you prefer to shrug, saying that it already happened to others and will happen again because it works just like.
The only way to discourage others from doing the same, besides trying to lockdown the code, is to make addresses and coins involved unusable. Doing nothing is like inviting someone else to do it again.
From my point of view, ocminer did well: much respect for him. A little disappointed by Verge instead: as a miner, I don't feel safe.
And it makes me wonder why I should ever continue to mine XVG when others can use illicit shortcuts to get many more coins without consequences.

BTC: 1ABBEJJtTaz8wSvFSsFvUoNkmQXNh7rq2U
kamenrunner
Newbie
*
Offline Offline

Activity: 15
Merit: 0


View Profile
April 05, 2018, 08:00:22 PM
 #470

xmrscott here. ocminer, just want to say you did the right thing in informing the greater crypto community and didn't really do anything that would make for unethical disclosure. The hack was already ongoing and impacting users by the hacker(s) not really including tx in the blocks and depriving honest miners of money.

Withholding the info you found to the public would have only left users and miners in the dark as to why things were happening, but it wouldn't have stopped the hack itself (although ironically for however brief a window it seems your announcement gave the hacker(s) pause). Worst case some other people figure out the more technical aspects of the exploit because it's more known and now multiple hackers are fighting over control of the blockchain instead of one which arguably isn't worse for end users or miners because the net effect is the same. On the flipside making it more known also means people who want to save a shitcoin that lies about the privacy and security it provides now know what the problem is and can help a dev incapable of doing basic multiplication.

The only situation where it would have made sense to not publicly disclose IMO is if you found the exploit yourself, but no one was executing on it yet.

Again, please do not let a crappy dev deter you from future public disclosure should there be any active exploits in the wild you see; we as a crypto community need people to call out issues like this.
TheNewAnon135246
Legendary
*
Offline Offline

Activity: 2198
Merit: 1933


฿uy ฿itcoin


View Profile
April 05, 2018, 08:02:59 PM
 #471

Perfect in a nutshell I agree on all points with you verge dev has responded super fast and do a really good job.

Could you care to explain how the Verge dev did a really good job exactly?
stronghandsdeeppockets
Member
**
Offline Offline

Activity: 266
Merit: 23


View Profile
April 05, 2018, 08:06:59 PM
 #472

Perfect in a nutshell I agree on all points with you verge dev has responded super fast and do a really good job.

Could you care to explain how the Verge dev did a really good job exactly?
he forgot the /s
siege3967
Jr. Member
*
Offline Offline

Activity: 42
Merit: 1


View Profile
April 05, 2018, 08:21:10 PM
 #473

Perfect in a nutshell I agree on all points with you verge dev has responded super fast and do a really good job.

Could you care to explain how the Verge dev did a really good job exactly?
he forgot the /s

Didn't forget. He's been brainwashed to worship "Sunerok"
VergeLife
Newbie
*
Offline Offline

Activity: 4
Merit: 0


View Profile
April 05, 2018, 08:23:20 PM
 #474

Hey guys... everything is going to be fine... consider a few things.. This is an orchestrated attack because of the pending partnership.

Rival coins want to see Verge fail so they can reign supreme. And others want the coin to tank so they can amass more volume for cheap in order to capitalize on the partnership announcement.

Everything is fine. There was an exploit. It has been discovered and a fork is coming to fix it. It's that simple.

No exit scam. No fraud. No inside job... no none of that. We're all going to be okay. Hold onto your Verge.

If you dump now because of FUD, ill-written headlines, and fall victim to exaggerated misinformation campaign, you will kick yourself come the 17th. Guaranteed. Don't fall for it. Your coins are safe. Just hold them close
ChekaZ
Legendary
*
Offline Offline

Activity: 1881
Merit: 1005



View Profile
April 05, 2018, 08:24:41 PM
 #475

Hey guys... everything is going to be fine... consider a few things.. This is an orchestrated attack because of the pending partnership.

Rival coins want to see Verge fail so they can reign supreme. And others want the coin to tank so they can amass more volume for cheap in order to capitalize on the partnership announcement.

Everything is fine. There was an exploit. It has been discovered and a fork is coming to fix it. It's that simple.

No exit scam. No fraud. No inside job... no none of that. We're all going to be okay. Hold onto your Verge.

If you dump now because of FUD, ill-written headlines, and fall victim to exaggerated misinformation campaign, you will kick yourself come the 17th. Guaranteed. Don't fall for it. Your coins are safe. Just hold them close

I love these brand new shilling accounts Cheesy

BTC: 1Ges1taJ69W7eEMbQLcmNGnUZenBkCnn45
FTC: 6sxjM96KMZ7t4AmDTUKDZdq82Nj931VQvY
matricea
Newbie
*
Offline Offline

Activity: 31
Merit: 0


View Profile
April 05, 2018, 08:26:02 PM
 #476

Hey guys... everything is going to be fine... consider a few things.. This is an orchestrated attack because of the pending partnership.

Rival coins want to see Verge fail so they can reign supreme. And others want the coin to tank so they can amass more volume for cheap in order to capitalize on the partnership announcement.

Everything is fine. There was an exploit. It has been discovered and a fork is coming to fix it. It's that simple.

No exit scam. No fraud. No inside job... no none of that. We're all going to be okay. Hold onto your Verge.

If you dump now because of FUD, ill-written headlines, and fall victim to exaggerated misinformation campaign, you will kick yourself come the 17th. Guaranteed. Don't fall for it. Your coins are safe. Just hold them close

There was no FUD!
It's real story, for sure.
I'm glad that I'm not a XVG holder anymore.
Premiermine
Newbie
*
Offline Offline

Activity: 56
Merit: 0


View Profile WWW
April 05, 2018, 08:29:28 PM
 #477

Hey guys... everything is going to be fine... consider a few things.. This is an orchestrated attack because of the pending partnership.

Rival coins want to see Verge fail so they can reign supreme. And others want the coin to tank so they can amass more volume for cheap in order to capitalize on the partnership announcement.

Everything is fine. There was an exploit. It has been discovered and a fork is coming to fix it. It's that simple.

No exit scam. No fraud. No inside job... no none of that. We're all going to be okay. Hold onto your Verge.

If you dump now because of FUD, ill-written headlines, and fall victim to exaggerated misinformation campaign, you will kick yourself come the 17th. Guaranteed. Don't fall for it. Your coins are safe. Just hold them close

What is exactly fine ?
siege3967
Jr. Member
*
Offline Offline

Activity: 42
Merit: 1


View Profile
April 05, 2018, 08:29:49 PM
 #478

Hey guys... everything is going to be fine... consider a few things.. This is an orchestrated attack because of the pending partnership.

Rival coins want to see Verge fail so they can reign supreme. And others want the coin to tank so they can amass more volume for cheap in order to capitalize on the partnership announcement.

Everything is fine. There was an exploit. It has been discovered and a fork is coming to fix it. It's that simple.

No exit scam. No fraud. No inside job... no none of that. We're all going to be okay. Hold onto your Verge.

If you dump now because of FUD, ill-written headlines, and fall victim to exaggerated misinformation campaign, you will kick yourself come the 17th. Guaranteed. Don't fall for it. Your coins are safe. Just hold them close
Hey I know you from the verge telegram. Keep your bullshit to that channel please. We're not brainwashed like you hodlers.
lusa
Jr. Member
*
Offline Offline

Activity: 110
Merit: 5

hodl


View Profile
April 05, 2018, 08:31:58 PM
 #479

Hey guys... everything is going to be fine... consider a few things.. This is an orchestrated attack because of the pending partnership.

Rival coins want to see Verge fail so they can reign supreme. And others want the coin to tank so they can amass more volume for cheap in order to capitalize on the partnership announcement.

Everything is fine. There was an exploit. It has been discovered and a fork is coming to fix it. It's that simple.

No exit scam. No fraud. No inside job... no none of that. We're all going to be okay. Hold onto your Verge.

If you dump now because of FUD, ill-written headlines, and fall victim to exaggerated misinformation campaign, you will kick yourself come the 17th. Guaranteed. Don't fall for it. Your coins are safe. Just hold them close

I can't imagine any big partner/investor to  be partner with XVG after all this clusterfuck. XVG had a problem with the code. Instead of fixing, they attacked the guy who tried to warn community. They tried to fixed and caused an accidental hardfork. They didn't do to mark those stolen coins. Yes, great success story. Amazon will accept XVG Smiley)
vipsvvvv
Newbie
*
Offline Offline

Activity: 68
Merit: 0


View Profile
April 05, 2018, 08:33:50 PM
 #480

so what will happen with the coins at supnova ? , i mined for a few weeks without withdrawn any coins
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 [24] 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 ... 88 »
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!