Zahlen
Member
 Offline
Activity: 98
Merit: 10
|
 |
January 02, 2014, 03:23:50 AM |
|
intel, the person you're after is EpicThomas, not EvilDave |
|
|
|
xyzzyx
Sr. Member
Offline
Activity: 490
Merit: 250
I don't really come from outer space.
|
|
January 02, 2014, 03:25:20 AM |
|
If you still didnt understand, there was a patched NXT Client which logged all password to server of EvilDave!
You certain it was EvilDave? I'm just not seeing that here. |
"An awful lot of code is being written ... in languages that aren't very good by people who don't know what they're doing." -- Barbara Liskov
|
|
|
|
opticalcarrier
|
|
January 02, 2014, 03:26:09 AM |
|
Please edit your post, it looks like you are saying there is bogus software at info.nxtcrypto.org It looks like you got the bogus software directly from the thief. My guess is that is where paulyC got his as well. Some folks are claiming that dextern is involved and changed the link on nextcoin - i dont believe that is the case, Graviton removed his moderator access when that mess went down But as far as I know, dex has still not returned the donation NXT. well, I didn't mean that, I didn't accussed anyone or any site. in fact, the current IP of info.nxtcrypto.org is 46.28.204.121, and it's different from 162.243.246.223, that's where I downloaded the malware Im the DNS admin for all nxtcrypto.org sites. 46.28.204.121 has always been the address, since info got created; its never been 162.243.246.223. No one else has access to change the records. Someone else admins the info website, the guy Intel from these forums here. So did you ever download 0.4.8 from any other place than the info site? If that is the only place you downloaded from then there are only 2 explanations I can think of. Either I changed the IP in DNS temporarily to make people download a bogus client, or intel made a temporary redirect to a bogus client at 162.243.246.223. Which would have been dumb, it would have been much much simpler for him to just temporarily post a bogus client directly on his info site. So step back, take a few deep breaths, go through your chrome history, and be detailed and tell us how you got the bogus client. |
|
|
|
|
Anon136
Legendary
Offline
Activity: 1722
Merit: 1217
|
|
January 02, 2014, 03:26:17 AM |
|
By the way, I just checked and Drexme was last online here two hours ago.
There is a good chance he will try to cash in tonight if he read this thread now that we are on, to him...
And just how many accounts is he gonna plunder, I wonder? This is gonna get really, really bad... I will be the first to ask the question "Do we wanna stop the blockchain and roll it back?" At this point, I don't think there are more than a few cases. The thief will certainly take the fund right when he gets the pass. We have two reported cases so far. It is important to locate the source of the bogus link. 1. What about that guy who lost 250k of coins? Total is about 300K, there are many reports on nextcoin.org forum. 2. Already located. 1. Can you give me the link to 250k loss case. 2. We still don't know where it was posted. Nextcoin or nxtcrypto or where ? I would support a roll-back if that much money involved. the problem here is that a rollback may cause even more loss because plenty of btc nxt trades would have happened and no one is rolling back the btc blockchain for us  |
Rep Thread: https://bitcointalk.org/index.php?topic=381041If one can not confer upon another a right which he does not himself first possess, by what means does the state derive the right to engage in behaviors from which the public is prohibited? |
|
|
|
opticalcarrier
|
|
January 02, 2014, 03:28:59 AM |
|
By the way, I just checked and Drexme was last online here two hours ago.
There is a good chance he will try to cash in tonight if he read this thread now that we are on, to him...
And just how many accounts is he gonna plunder, I wonder? This is gonna get really, really bad... I will be the first to ask the question "Do we wanna stop the blockchain and roll it back?" At this point, I don't think there are more than a few cases. The thief will certainly take the fund right when he gets the pass. We have two reported cases so far. It is important to locate the source of the bogus link. 1. What about that guy who lost 250k of coins? Total is about 300K, there are many reports on nextcoin.org forum. 2. Already located. 1. Can you give me the link to 250k loss case. 2. We still don't know where it was posted. Nextcoin or nxtcrypto or where ? I would support a roll-back if that much money involved. in fact I almost feel like taking all of my VPSs offline until firm rollback has been initiated network wide |
|
|
|
|
utopianfuture
Sr. Member
Offline
Activity: 602
Merit: 268
Internet of Value
|
|
January 02, 2014, 03:29:33 AM |
|
By the way, I just checked and Drexme was last online here two hours ago.
There is a good chance he will try to cash in tonight if he read this thread now that we are on, to him...
And just how many accounts is he gonna plunder, I wonder? This is gonna get really, really bad... I will be the first to ask the question "Do we wanna stop the blockchain and roll it back?" At this point, I don't think there are more than a few cases. The thief will certainly take the fund right when he gets the pass. We have two reported cases so far. It is important to locate the source of the bogus link. 1. What about that guy who lost 250k of coins? Total is about 300K, there are many reports on nextcoin.org forum. 2. Already located. 1. Can you give me the link to 250k loss case. 2. We still don't know where it was posted. Nextcoin or nxtcrypto or where ? I would support a roll-back if that much money involved. the problem here is that a rollback may cause even more loss because plenty of btc nxt trades would have happened and no one is rolling back the btc blockchain for us Time travel paradox. I did not think about it. It looks like the roll back option would not be possible since it is going to kill DGEX and any other BTC-NXT exchange. We don't even know when the bogus link started to appear. The best option here to to locate the hacker and demand him to pay back. |
|
|
|
bitcoinrocks
Legendary
Offline
Activity: 1372
Merit: 1000
|
|
January 02, 2014, 03:30:29 AM |
|
Can anyone confirm that this is the bogus client?(  ) 7177834 Dec 31 11:43 nxt-client-0.4.8.zip |
|
|
|
|
intel
Member
Offline
Activity: 98
Merit: 10
|
|
January 02, 2014, 03:30:44 AM |
|
EpicThomas <> EvilDave, sorry my error, just was confused by a screen where EpicThomas quotes the EvilDave message.
|
|
|
|
intel
Member
Offline
Activity: 98
Merit: 10
|
|
January 02, 2014, 03:35:45 AM |
|
intel, the person you're after is EpicThomas, not EvilDave Yes, it was my mistake. During fast-track i was confused by the fact that EpicThomas replied to EvilDave and that somehow saved in my brain as EvilDave. |
|
|
|
bitcoinrocks
Legendary
Offline
Activity: 1372
Merit: 1000
|
|
January 02, 2014, 03:38:30 AM |
|
Can anyone confirm that the size of the good client is 7173063 and the bad client is 7177834?
|
|
|
|
|
xyzzyx
Sr. Member
Offline
Activity: 490
Merit: 250
I don't really come from outer space.
|
|
January 02, 2014, 03:38:55 AM
Last edit: January 02, 2014, 04:12:37 AM by xyzzyx |
|
Can anyone confirm that this is the bogus client?( ) 7177834 Dec 31 11:43 nxt-client-0.4.8.zip If that is your installed client, do this: 1. Copy the files nxt/blocks.nxt and nxt/transactions.nxt to a different directory. 2. Delete your current client.3. Go to this link and download a new client: http://info.nxtcrypto.org/nxt-client-0-4-8-released/4. Install. 5. Copy the two saved .nxt files over to the new install. 6. Open a new account with a new secret phrase. 7. Open old account in a new tab. 8. Transfer your balance from the old account to the new account. Do this now.Edit: I forgot about well-known peers. If you find your new client can't connect to the network, here's my list: <init-param> <param-name>wellKnownPeers</param-name> <param-value>78.46.63.221; 95.85.22.142; 95.85.46.233; 162.243.140.133; 146.185.129.54; 162.243.117.63; 192.241.155.44; 162.243.214.68; 95.85.46.164; 162.243.216.55; 162.243.143.15; 95.85.46.249; 93.190.92.74; 37.209.120.192; 93.190.92.75; 85.25.134.59; 93.190.92.76; vps1.nxtcrypto.org; vps2.nxtcrypto.org; vps3.nxtcrypto.org; vps4.nxtcrypto.org; vps5.nxtcrypto.org; nxtwallet.com; 31.220.50.208; nxt.ddos.me; 203.174.12.25; 88.198.142.92;</param-value> </init-param> If your client doesn't connect, edit this into the file nxt/webapps/root/WEB-INF/web.xml |
"An awful lot of code is being written ... in languages that aren't very good by people who don't know what they're doing." -- Barbara Liskov
|
|
|
|
|
|
newcn
|
|
January 02, 2014, 03:42:43 AM |
|
Im the DNS admin for all nxtcrypto.org sites. 46.28.204.121 has always been the address, since info got created; its never been 162.243.246.223. No one else has access to change the records.
Someone else admins the info website, the guy Intel from these forums here.
So did you ever download 0.4.8 from any other place than the info site? If that is the only place you downloaded from then there are only 2 explanations I can think of. Either I changed the IP in DNS temporarily to make people download a bogus client, or intel made a temporary redirect to a bogus client at 162.243.246.223. Which would have been dumb, it would have been much much simpler for him to just temporarily post a bogus client directly on his info site.
So step back, take a few deep breaths, go through your chrome history, and be detailed and tell us how you got the bogus client.
I'm sorry, I didn't know you r the admin of nxtcrypto.org DNS, but In my post, I didn't accuse the DNS admin either, I just talked about the possibilities, and now you elliminated one(I trust you from your eliear posts!). the thief might be an expert on computer/networks, he might have some skills we don't understand. the chrome history is ok, I didn't miss anything, but the thief might changed the history, that's also an possibility |
BTC:1NzzfeHCgN8fF6mSG1UeBFCVd2cxKbGyHk
NXT:13187911577562526278
|
|
|
|
opticalcarrier
|
|
January 02, 2014, 03:45:55 AM |
|
I'm sorry, I didn't know you r the admin of nxtcrypto.org DNS,
but In my post, I didn't accuse the DNS admin either, I just talked about the possibilities,
and now you elliminated one(I trust you from your eliear posts!).
the thief might be an expert on computer/networks, he might have some skills we don't understand.
the chrome history is ok, I didn't miss anything, but the thief might changed the history, that's also an possibility
I didnt take it as accusation. but we MUST KNOW where you and paulyc got the link from!!!! And where EXACTLY you clicked all around. Come on guys we need to track this down. |
|
|
|
|
|
seek4dream
|
|
January 02, 2014, 03:47:52 AM |
|
need help urgently! I downloaded 0.4.8 client from https://nextcoin.org/index.php/topic,4.0.htmlas you guys told, i probably lose Nxt for this. so i must transfer Nxt to another account now i have download new client from first page of this thread, but the client doesn't sync. What should i do? |
|
|
|
|
|
|
xyzzyx
Sr. Member
Offline
Activity: 490
Merit: 250
I don't really come from outer space.
|
|
January 02, 2014, 03:53:10 AM |
|
Can anyone confirm that the size of the good client is 7173063 and the bad client is 7177834?
The size of my good client is 7173063 bytes. The way to know for sure if you have a good or bogus client is to check the SHA-256 hash. 0.4.8 good hash is: ec7c30a100717e60d8abe50eedb23641952847d91ff90b9b05a74ff98d8a4cf2 How to check SHA256 on Win/OSX/Linux: https://bitcointalk.org/index.php?topic=345619.msg4259260#msg4259260 |
"An awful lot of code is being written ... in languages that aren't very good by people who don't know what they're doing." -- Barbara Liskov
|
|
|
xyzzyx
Sr. Member
Offline
Activity: 490
Merit: 250
I don't really come from outer space.
|
|
January 02, 2014, 03:57:09 AM |
|
need help urgently! I downloaded 0.4.8 client from https://nextcoin.org/index.php/topic,4.0.htmlas you guys told, i probably lose Nxt for this. so i must transfer Nxt to another account now i have download new client from first page of this thread, but the client doesn't sync. What should i do? Be calm. Check the hash of your .zip. Go to: http://hash.online-convert.com/sha256-generatorChoose the option to upload and generate a SHA-256 checksum of a file, and select your .zip. The good hash is ec7c30a100717e60d8abe50eedb23641952847d91ff90b9b05a74ff98d8a4cf2 If you got that then you're ok. If not, follow these instructions: https://bitcointalk.org/index.php?topic=345619.msg4264317#msg4264317 |
"An awful lot of code is being written ... in languages that aren't very good by people who don't know what they're doing." -- Barbara Liskov
|
|
|
|
|
bitcoinrocks
Legendary
Offline
Activity: 1372
Merit: 1000
|
|
January 02, 2014, 04:00:04 AM |
|
I ended up with the bad client on 3 out of 3 VPS nodes. FOR SURE I downloaded the bad client like this: wget http://162.243.246.223/nxt-client-0.4.8.zipIt's as plain as day in my bash history. The weird part is I had about 2000 Nxt in the 3 accounts and none of it was transferred out. I just transfered it out myself and I'm shutting down the nodes. |
|
|
|
|
|
