dload.1
Legendary
Offline
Activity: 994
Merit: 1004
BTC
|
|
May 03, 2014, 04:06:01 AM |
|
Go party on this lovely Friday night and come back later.
And while you are partying I will login the first minute the site is up and buy any and all XBC that are left.
gonna hold ya to that mate buy up to at least .01 i think we would have made it this morning but polo went down
|
|
|
|
mugwampbro
|
|
May 03, 2014, 04:09:51 AM |
|
Poloniex is simply amazing, highly dedicated hard working mods and the super human Busoni.
only exchange i have coins on, now i feel much better about my storage choice!
great work my friends.
POLO OR GTFO.
Already GTFO because of constantly having to sign in if you leave the page for a minute or two. Oh and that sign in Craptcha (intentionally mis-spelled)..LOVE THAT
|
|
|
|
kryptologist
|
|
May 03, 2014, 04:10:57 AM |
|
I'm glad I pulled most of my BTC after that 1400 XBC heist a few nights ago. I would have pulled it all but the mods assured me everything was good. Damn my fault the warning signs were there. I hope everyone gets their coins back.
|
|
|
|
qiwoman
|
|
May 03, 2014, 04:12:40 AM |
|
Weird. I just saw polo with a dysfunctional trollbox and many markets frozen and logged and now it's gone again lol..I got migraine anyway so cant troll at all plus we had death in family so i will pop back tomorrow.
|
|
|
|
dload.1
Legendary
Offline
Activity: 994
Merit: 1004
BTC
|
|
May 03, 2014, 04:15:05 AM |
|
Weird. I just saw polo with a dysfunctional trollbox and many markets frozen and logged and now it's gone again lol..I got migraine anyway so cant troll at all plus we had death in family so i will pop back tomorrow.
hi quiwoman hope you feel better soon. and sorry to hear about your aunt.
|
|
|
|
kyma
|
|
May 03, 2014, 04:17:20 AM |
|
Poloniex is simply amazing, highly dedicated hard working mods and the super human Busoni.
only exchange i have coins on, now i feel much better about my storage choice!
great work my friends.
POLO OR GTFO.
Already GTFO because of constantly having to sign in if you leave the page for a minute or two. Oh and that sign in Craptcha (intentionally mis-spelled)..LOVE THATextra security measures are always a bad thing! poor soul
Go party on this lovely Friday night and come back later. And while you are partying I will login the first minute the site is up and buy any and all XBC that are left.
In all seriousness Polo and it's trollbox are like my drug of choice. I am having withdrawal symptoms. Must ... have... my Polo.
Be sure to turn on XBC market first please.
hahaha i love this +1
|
|
|
|
wemine
Newbie
Offline
Activity: 56
Merit: 0
|
|
May 03, 2014, 04:19:51 AM |
|
Weird. I just saw polo with a dysfunctional trollbox and many markets frozen and logged and now it's gone again lol..
+1 it's dead again
|
|
|
|
chiznitz
|
|
May 03, 2014, 04:22:28 AM |
|
Nobody else is concerned that this person was able to ssh to the server without firewall rules blocking him?
Sounds like the only reason anyone even knew what was going on was due to the entire server being down and a bunch of wallets being offline.
|
|
|
|
IBGigglin
Legendary
Offline
Activity: 910
Merit: 1006
BCH Advocate.
|
|
May 03, 2014, 04:22:37 AM |
|
All funds are safe. Poloniex does use cold wallets.
What happened was an attacker used social engineering to gain root access to a wallet server. This was made possible by absolutely jaw-dropping negligence on the part of the hosting provider. Fortunately, I caught the attempt in time and was able to shut down the server before anything was taken. All BTC has been moved into cold storage, and then next step is to set up a new server with a different provider.
Please stop sending BTC to your old BTC deposit addresses. The funds will not be lost, but all new addresses must be generated, as I must assume the old wallet is compromised. It is very unlikely that it was, but "unlikely" is not good enough.
I appreciate everyone's patience while I take proper security measures before bringing the exchange back online.
Top notch owner. I feel safe after easily finding this. You rock.
|
Im baaaack! Looking for sig campaign. DM me if interested.
|
|
|
YoyodyneSystems
Legendary
Offline
Activity: 1386
Merit: 1023
|
|
May 03, 2014, 04:25:29 AM |
|
Go party on this lovely Friday night and come back later.
And while you are partying I will login the first minute the site is up and buy any and all XBC that are left.
gonna hold ya to that mate buy up to at least .01 i think we would have made it this morning but polo went down Yeah. I was thinking of strategy for the day's trading for XBC when I got to the comp and saw the site was down but the CMC listing had just gone up. Bad timing. But 0.01 is not far off at all. I think there was only a dozen of so BTC left up to that mark and then pretty much we get to a whole new level after that. I started getting a bit exited with the thought that Bitcoin Scrypt got to a 4 million dollar market cap totally out of nowhere. That would be a 20x increase for XBC. And XBC has community, Dev, and a massive following on Polo. Etc...etc.. Anyways shameless plug over. I'll be watching the twitter. Polo and Busoni have my highest level of trust. Just want to get back in there and do some battle.
|
|
|
|
mugwampbro
|
|
May 03, 2014, 04:25:37 AM |
|
constantly having to sign in if you leave the page for a minute or two. Oh and that sign in Craptcha
Odd, never usually get logged out. Captcha takes about 5s it would be ok if they at least gave you the option "keep me logged in for____ mins.
|
|
|
|
GiorgosK
|
|
May 03, 2014, 04:28:24 AM |
|
thanks for the update hope all funds are safe for cryptos sake
|
BitBay - The Future of Free Markets | BCT thread | https://bitbay.market Dynamic Peg - Whitepaper out - Working implementation to be released soon Web Markeplace coming Fall 2018
|
|
|
YoyodyneSystems
Legendary
Offline
Activity: 1386
Merit: 1023
|
|
May 03, 2014, 04:28:46 AM |
|
Nobody else is concerned that this person was able to ssh to the server without firewall rules blocking him?
Sounds like the only reason anyone even knew what was going on was due to the entire server being down and a bunch of wallets being offline.
Unfortunately Busoni will probably not be able to give the exact details except that he "caught" it and it never went down as the attacker hoped. You cannot show all your cards as of course hackers read all this that we write. Usually in a security situation the site owner cannot say anything at all.
|
|
|
|
blitz78
Newbie
Offline
Activity: 50
Merit: 0
|
|
May 03, 2014, 04:31:34 AM |
|
constantly having to sign in if you leave the page for a minute or two. Oh and that sign in Craptcha
Odd, never usually get logged out. Captcha takes about 5s it would be ok if they at least gave you the option "keep me logged in for____ mins. make a suggestion to one of the mods in trollbox or email it busoni is always open to new ideas
|
|
|
|
chiznitz
|
|
May 03, 2014, 04:32:53 AM |
|
Nobody else is concerned that this person was able to ssh to the server without firewall rules blocking him?
Sounds like the only reason anyone even knew what was going on was due to the entire server being down and a bunch of wallets being offline.
Unfortunately Busoni will probably not be able to give the exact details except that he "caught" it and it never went down as the attacker hoped. You cannot show all your cards as of course hackers read all this that we write. Usually in a security situation the site owner cannot say anything at all. Way to skirt the question. The explanation given does not make any sense if they are really using proper firewall rules for server access. All I can read from this as a security expert is that the SSH port of the wallet server has been open to the entire world this whole time.
|
|
|
|
busoni (OP)
Sr. Member
Offline
Activity: 364
Merit: 250
Owner of Poloniex
|
|
May 03, 2014, 04:34:44 AM |
|
Nobody else is concerned that this person was able to ssh to the server without firewall rules blocking him?
Sounds like the only reason anyone even knew what was going on was due to the entire server being down and a bunch of wallets being offline.
The provider, as most providers do, allowed booting into "recovery mode." They did this first via support tickets, then got on the phone to get the password reset. Ordinarily, firewalls are up at all times on all servers.
|
Poloniex.com - Fast crypto exchange with margin trading, advanced charts, and stop-limit orders
|
|
|
chiznitz
|
|
May 03, 2014, 04:35:18 AM |
|
Nobody else is concerned that this person was able to ssh to the server without firewall rules blocking him?
Sounds like the only reason anyone even knew what was going on was due to the entire server being down and a bunch of wallets being offline.
That is a good point, the sshd_conf should be locked down.. Password authentication should be turned off immediately. Shell keys should be used otherwise _YOU HAVE ZERO SECURITY_. I love Poloniex and Busoni, Angela, all of them, but seriously guys, a wallet server that you do not own, that means the host always has root access. Either you own the server and co-locate, which isn't happening right now, or someone else owns the server and co-locates and you rent it from them, which is what is happening right now. They will ALWAYS have a backdoor into the server, they have to since they own it. I work for a webhost and this is exactly how we (and all others) have to do it. So, you need to turn off password authentication in sshd_conf , turn off root login too. Set up an account in the wheel group (su privileges) and create shell keys for that user. Log in to that user with your shell keys and su to root. You host will have to do the same thing if they log in for tech support. I hope this helps. Well thats a good start but seriously, the entire internet shouldn't be able to get that far, thats what firewalls are for. The firewall should have ssh access locked to only the IPs of personnel who should be accessing it.
|
|
|
|
chiznitz
|
|
May 03, 2014, 04:36:33 AM |
|
Nobody else is concerned that this person was able to ssh to the server without firewall rules blocking him?
Sounds like the only reason anyone even knew what was going on was due to the entire server being down and a bunch of wallets being offline.
The provider, as most providers do, allowed booting into "recovery mode." They did this first via support tickets, then got on the phone to get the password reset. Ordinarily, firewalls are up at all times on all servers. So you are confirming that there are no network level protections in place? You are relying solely on the host firewall? Or did the provider also bring down the network level firewall for this user?
|
|
|
|
mugwampbro
|
|
May 03, 2014, 04:40:06 AM |
|
constantly having to sign in if you leave the page for a minute or two. Oh and that sign in Craptcha
Odd, never usually get logged out. Captcha takes about 5s it would be ok if they at least gave you the option "keep me logged in for____ mins. make a suggestion to one of the mods in trollbox or email it busoni is always open to new ideas Tried that already..couple guys commented about their hate for the captcha. Busoni was on and asked everyone about the log off problem but no was interested in answering...coins to talk about, yah know..then busoni went back to trolling, so i said fuck it support said: we've never had anyone complain about a log-off problem. So I suggested they put up a poll for.... log off/ captcha problem, and never heard back.
|
|
|
|
mugwampbro
|
|
May 03, 2014, 04:53:55 AM |
|
Nobody else is concerned that this person was able to ssh to the server without firewall rules blocking him?
Sounds like the only reason anyone even knew what was going on was due to the entire server being down and a bunch of wallets being offline.
Unfortunately Busoni will probably not be able to give the exact details except that he "caught" it and it never went down as the attacker hoped. You cannot show all your cards as of course hackers read all this that we write. Usually in a security situation the site owner cannot say anything at all. Way to skirt the question. The explanation given does not make any sense if they are really using proper firewall rules for server access. All I can read from this as a security expert is that the SSH port of the wallet server has been open to the entire world this whole time. good answer
|
|
|
|
|