Bitcoin Forum
September 19, 2019, 09:56:48 AM *
News: If you like a topic and you see an orange "bump" link, click it. More info.
 
   Home   Help Search Login Register More  
Warning: One or more bitcointalk.org users have reported that they strongly believe that the creator of this topic is a scammer. (Login to see the detailed trust ratings.) While the bitcointalk.org administration does not verify such claims, you should proceed with extreme caution.
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 [45] 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 ... 169 »
  Print  
Author Topic: [ANN][EXCHANGE] Poloniex - Crypto Exchange with BTC/NXT  (Read 266563 times)
Faura888
Member
**
Offline Offline

Activity: 70
Merit: 10


View Profile
May 03, 2014, 08:33:52 AM
 #881

trollboxteam4ever
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
riddler_xyz
Full Member
***
Offline Offline

Activity: 223
Merit: 100


View Profile
May 03, 2014, 08:42:25 AM
 #882

@busoni ... hope u make enought money to finance FTTH to your home and have the servers physically under control ^^

respect for catching the guys with their fingers in the cookiebox Wink

save and secure is a constant struggle ... i wonder if 2FA or even 3FA for root acces would be possible Wink

If bitcoinmining riggs could buy miningriggs with bitcoin by themselves wouldnt that be asexual reproduction ? So wouldnt that make BTC a lifeform ?
deodecagone
Sr. Member
****
Offline Offline

Activity: 490
Merit: 250



View Profile
May 03, 2014, 08:46:32 AM
 #883

Since the beginning  poloniex is gaining trust. At several points, the owner remained very fair and professionnal. I am convinced this is way more important than any fancy html5 flat design.

Congratz.
RhodaGila
Hero Member
*****
Offline Offline

Activity: 613
Merit: 500



View Profile
May 03, 2014, 09:00:15 AM
 #884

Poloniex was great!
eastwind_ja
Hero Member
*****
Offline Offline

Activity: 910
Merit: 500


View Profile
May 03, 2014, 09:04:34 AM
 #885

Is there anyone who lost coins after server comeback?

maccaspacca
Sr. Member
****
Offline Offline

Activity: 278
Merit: 258


Twitter: @maccaspacca1


View Profile
May 03, 2014, 09:14:02 AM
 #886

Great job Busoni and team.

You have all acted responsibly and professionally..... as usual Smiley

That's why I love Poloniex so much

ibfragalot
Member
**
Offline Offline

Activity: 98
Merit: 10


View Profile
May 03, 2014, 09:27:15 AM
 #887

Great job Busoni and team.

You have all acted responsibly and professionally..... as usual Smiley

That's why I love Poloniex so much

+1

ParkExcite
Member
**
Offline Offline

Activity: 89
Merit: 10


View Profile
May 03, 2014, 09:28:54 AM
 #888

Me too, very great support. I will always trust poloniex.
lordzskull
Member
**
Offline Offline

Activity: 70
Merit: 10


View Profile
May 03, 2014, 09:47:07 AM
 #889

All funds are safe. Poloniex does use cold wallets.

What happened was an attacker used social engineering to gain root access to a wallet server. This was made possible by absolutely jaw-dropping negligence on the part of the hosting provider. Fortunately, I caught the attempt in time and was able to shut down the server before anything was taken. All BTC has been moved into cold storage, and then next step is to set up a new server with a different provider.

Please stop sending BTC to your old BTC deposit addresses. The funds will not be lost, but all new addresses must be generated, as I must assume the old wallet is compromised. It is very unlikely that it was, but "unlikely" is not good enough.

I appreciate everyone's patience while I take proper security measures before bringing the exchange back online.

Dam impressive +2
ShiThing
Member
**
Offline Offline

Activity: 60
Merit: 10


View Profile
May 03, 2014, 10:00:39 AM
 #890

Always trust polo.
Good job.

altcoinherald
Full Member
***
Offline Offline

Activity: 126
Merit: 100


View Profile WWW
May 03, 2014, 10:06:57 AM
 #891

Nobody else is concerned that this person was able to ssh to the server without firewall rules blocking him?  

Sounds like the only reason anyone even knew what was going on was due to the entire server being down and a bunch of wallets being offline.  



Unfortunately Busoni will probably not be able to give the exact details except that he "caught" it and it never went down
as the attacker hoped. You cannot show all your cards as of course hackers read all this that we write.

Usually in a security situation the site owner cannot say anything at all.

Way to skirt the question.  The explanation given does not make any sense if they are really using proper firewall rules for server access.  All I can read from this as a security expert is that the SSH port of the wallet server has been open to the entire world this whole time.

Frankly, using SSH keys and disabling PermitRootLogin with password seem like very important steps anyone would use.

Then locking down the one machine with the keys IP address and making sure there's no physical access to the machine, is how I might do it.

But that's just me.



BigBoy89
Legendary
*
Offline Offline

Activity: 1302
Merit: 1000


View Profile
May 03, 2014, 10:39:59 AM
 #892

nice work, we can use poloniex now
hope i can withdraw FLT as soon as possible
withdrawal still frozen, need some time
good job busoni


███████████████████████████████████████████
███████████████████████████████████████████
███████████████████████████████████████████
'''''''''''''''''''''''''''''Z█████████
                          _o█████████
                        ,d████████
                      ,d████████
                     █████████
███████████████████████████
█████████████████████████
███████████████████████
          ███████████
        ,d████████
      ,█████████
   _o█████████
  d█████████
███████████████████████████████████████████
███████████████████████████████████████████
███████████████████████████████████████████

▄▄▄██████▄▄▄
▄▄████████████████▄▄
▄█████▀▀        ▀▀█████▄
████▀                ▀████
███▀    ▄▄▄▄▄▄▄▄▄       ▀███
███      █   ▄▄ █▀▄        ███
██▀      █  ███ █  ▀▄      ▀██
███       █   ▀▀ ▀▀▀▀█       ███
███       █  ▄▄▄▄▄▄  █       ███
███       █  ▄▄▄▄▄▄  █       ███
██▄      █  ▄▄▄▄▄▄  █      ▄██
███      █          █      ███
███▄    ▀▀▀▀▀▀▀▀▀▀▀▀    ▄███
████▄                ▄████
▀█████▄▄        ▄▄█████▀
▀▀████████████████▀▀
▀▀▀██████▀▀▀

◾ 0%  trading  FEE
Zooom

Ex

CRYPTO
EXCHANGE
......  BITCOINTALK               

..A N N..

....B O U N T Y....
......
......
......
......
..TRADE NOW..
dcgirl
Sr. Member
****
Offline Offline

Activity: 448
Merit: 250


View Profile
May 03, 2014, 10:51:11 AM
 #893

great job polo, clearing this up so quickly. isnt the crypto world fun?
juve4v
Hero Member
*****
Offline Offline

Activity: 506
Merit: 500


View Profile
May 03, 2014, 10:59:41 AM
 #894

I made 2 EBT deposits -one of my wallet+one of pool- that don't show up in my balance nor on last 25 deposit history on poloniex.They're both confirmed .Anyone experience same problems?
rmoraos
Sr. Member
****
Offline Offline

Activity: 453
Merit: 250



View Profile
May 03, 2014, 11:47:25 AM
 #895

Nobody else is concerned that this person was able to ssh to the server without firewall rules blocking him?  

Sounds like the only reason anyone even knew what was going on was due to the entire server being down and a bunch of wallets being offline.  



Unfortunately Busoni will probably not be able to give the exact details except that he "caught" it and it never went down
as the attacker hoped. You cannot show all your cards as of course hackers read all this that we write.

Usually in a security situation the site owner cannot say anything at all.

Way to skirt the question.  The explanation given does not make any sense if they are really using proper firewall rules for server access.  All I can read from this as a security expert is that the SSH port of the wallet server has been open to the entire world this whole time.

Frankly, using SSH keys and disabling PermitRootLogin with password seem like very important steps anyone would use.

Then locking down the one machine with the keys IP address and making sure there's no physical access to the machine, is how I might do it.

But that's just me.





Yeah, only login by ssh key (.pem or .ppk) and allow only login from 1 IP, all the others deny (the service denyhosts works great in this). But good work by not losing the coins.

Best Regards.

                 ▄▄██████████████▄▄
             ▄███████████████████████▄
           █████████████████████████████
         ███▀▀█████▀▀ ██  ██  ▀▀██████████
        ██▀ ▄  ▀      ██  ██      ▀█████████
       █▀ ▄██▀        ██  ██        █████████
      ▀ ▄███▌      ███████████▄▄  ▄███████████
      ▄████▌        ▀██████████████████████████
    ▄██████     ██▄   ▀███████████████████████████▀
  ▄████████    █████▄▄  ▀███████████████████████▀
▄██████████    ████████▄  ▀███████████████████▀
    ███████    ██████████▄   ▀██████████████▀ ▄█
    ███████    ████████████▄▄  ▀██████████▀ ▄███
    ███████▌    ██████████████▄  ▀██████▀ ▄████
     ███████      ██████████████▄  ▀██▀ ▄██████
      ███████▄      ▀██████████▀      ████████
       ████████       ██  ██        █████████
        █████████▄    ██  ██     ▄██████████
          ██████████▄▄██▄▄██▄▄▄███████████
            ████████████████████████████
              ▀██████████████████████▀
                  ▀▀████████████▀▀
                  

LocalCoinSwap
   World's Most Inclusive 
         Cryptocurrency Marketplace
[]
██████████████
█████████████████
██░░░░░████████████
██░░░░░██████████████
█████████████████████
██░░░░░░░░░░░░░░░░░██
█████████████████████
██░░░░░░░░░░░░░░░░░██
█████████████████████
██░░░░░░░░░░░░░░░░░██
█████████████████████
█████████████████████
TELEGRAM
TWITTER
FACEBOOK
REDDIT
INSTAGRAM
MEDIUM
LINKED IN
STEEMIT
kache
Full Member
***
Offline Offline

Activity: 140
Merit: 100

Bored


View Profile
May 03, 2014, 11:52:26 AM
 #896

All funds are safe. Poloniex does use cold wallets.

What happened was an attacker used social engineering to gain root access to a wallet server. This was made possible by absolutely jaw-dropping negligence on the part of the hosting provider. Fortunately, I caught the attempt in time and was able to shut down the server before anything was taken. All BTC has been moved into cold storage, and then next step is to set up a new server with a different provider.

Please stop sending BTC to your old BTC deposit addresses. The funds will not be lost, but all new addresses must be generated, as I must assume the old wallet is compromised. It is very unlikely that it was, but "unlikely" is not good enough.

I appreciate everyone's patience while I take proper security measures before bringing the exchange back online.
What about BadgerCoin addresses? My pool has been automatically depositing on the old (frozen) address for more than a day already. Are those funds lost?

Rig: http://www.betarigs.com/rig/257
BTC: 15rBivhPYhVnQsgVHucNXHy5b66bUn6njM
Doge: DSdsJdTrmXSAZCdNi1iQ7zEo8nH1iBWGQv
Hotodamoon
Newbie
*
Offline Offline

Activity: 31
Merit: 0


View Profile
May 03, 2014, 11:56:23 AM
 #897

All funds are safe. Poloniex does use cold wallets.

What happened was an attacker used social engineering to gain root access to a wallet server. This was made possible by absolutely jaw-dropping negligence on the part of the hosting provider. Fortunately, I caught the attempt in time and was able to shut down the server before anything was taken. All BTC has been moved into cold storage, and then next step is to set up a new server with a different provider.

Please stop sending BTC to your old BTC deposit addresses. The funds will not be lost, but all new addresses must be generated, as I must assume the old wallet is compromised. It is very unlikely that it was, but "unlikely" is not good enough.

I appreciate everyone's patience while I take proper security measures before bringing the exchange back online.
What about BadgerCoin addresses? My pool has been automatically depositing on the old (frozen) address for more than a day already. Are those funds lost?
OMG. Really? your BadgerCoin lost?
Nthused
Legendary
*
Offline Offline

Activity: 1554
Merit: 1001



View Profile
May 03, 2014, 12:02:17 PM
 #898

That's why your meant to Deposit to your wallet first, it even states it on pools, don't use your Exchange address to deposit your Pool coins...
mayun1
Newbie
*
Offline Offline

Activity: 56
Merit: 0


View Profile
May 03, 2014, 12:22:19 PM
 #899

Great job Busoni and team.

You have all acted responsibly and professionally..... as usual
ZarkMark
Newbie
*
Offline Offline

Activity: 29
Merit: 0


View Profile
May 03, 2014, 01:11:13 PM
 #900

Great job Busoni and team.

You have all acted responsibly and professionally..... as usual
Ppl said polo will be the next nxt-e, but they are wrong. good job.
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 [45] 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 ... 169 »
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!