moriartybitcoin (OP)
|
|
December 12, 2013, 08:23:21 PM |
|
WARNING!!!
I've been using Gridlane.com for some of my websites (BitPlastic.com debit card, BitLaunder.com bitcoin laundering and BitFiverr.com micro gigs), and I have multiple different (separate, compartamentalized, and unconnected) accounts with gridlane.
On *EACH* account, my wallet.dat file was stolen, almost simultaneously. No evidence whatsoever of a hacker or outside breach. No login by ssh or root. The wallet was just emptied - POOF, gone.
We never store client funds in hot wallets on the server, so they only got chump change (less than 1 btc in total). Nevertheless, we had to move our entire network off Gridlane and onto dedicated servers, which was a real hassle.
Just wanted to warn everyone here about Gridlane. Any webhosting company which accepts bitcoin is, in my view, automatically under suspicion because the incentive to rip off a customers' wallet.dat is just so high. If you run a website which accepts bitcoin, and especially if you hold client funds online in a hot wallet, you had better be 100% sure about your hosting company! And if you get mysteriously hacked, that's the FIRST (not the last) place where suspicion should fall.
As much as I love bitcoin, I am forced to switch to a non-bitcoin accepting hosting company.
Be careful ...
Dr. Michael Moriarty, owner of the Bitcoin Network
PS: This is why we never store client funds in hot wallets, ever. We run bitcoind and incoming deposits credit automatically, but the wallets are flushed every minute to offline cold wallets, and withdrawals are processed manually from the cold wallets. This means withdrawals from our sites take a little longer (2-3 hrs on average), but there is NO WAY for a hacker to steal client funds, as happened to bitfloor and inputs.io and many others
|