Bitcoin Forum
November 02, 2024, 11:23:38 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 [43] 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 ... 171 »
  Print  
Author Topic: [ANN][EXCHANGE] Poloniex - Crypto Exchange with BTC/NXT  (Read 272431 times)
busoni (OP)
Sr. Member
****
Offline Offline

Activity: 364
Merit: 250

Owner of Poloniex


View Profile
May 03, 2014, 05:03:12 AM
 #841

mugwampbro, I hear you, I really do. I haven't been able to duplicate the log-out issue, and I will change the Captcha. But I need to get the site running again first.

Let me ask you guys this -- is there any defense against incompetent systems administrators? They decided this guy was me. Are they going to say "sorry, you're locked out forever"?

Poloniex.com - Fast crypto exchange with margin trading, advanced charts, and stop-limit orders
getmining.info
Full Member
***
Offline Offline

Activity: 182
Merit: 100


View Profile
May 03, 2014, 05:05:09 AM
 #842

Nobody else is concerned that this person was able to ssh to the server without firewall rules blocking him?  

Sounds like the only reason anyone even knew what was going on was due to the entire server being down and a bunch of wallets being offline.  

Who said anyone was able to SSH into the server without firewall rules blocking him? Stop spreading garbage.

What happened was an attacker used social engineering to gain root access to a wallet server. This was made possible by absolutely jaw-dropping negligence on the part of the hosting provider.

All views are my own, except those that I have subconsciously inherited from my parents and those that I have nicked from far cleverer people.
chiznitz
Hero Member
*****
Offline Offline

Activity: 574
Merit: 500


View Profile WWW
May 03, 2014, 05:09:57 AM
 #843

Nobody else is concerned that this person was able to ssh to the server without firewall rules blocking him?  

Sounds like the only reason anyone even knew what was going on was due to the entire server being down and a bunch of wallets being offline.  

Who said anyone was able to SSH into the server without firewall rules blocking him? Stop spreading garbage.

What happened was an attacker used social engineering to gain root access to a wallet server. This was made possible by absolutely jaw-dropping negligence on the part of the hosting provider.

Ok.  How do you access your servers?  Console access?  That's not locked down via ip then either?  So I can login from anwhere in the world?

Yes, you can't stop bad system admins from making mistakes but you CAN also limit damage in other ways.  In this case maybe not, but without locking things down to known good IPs, you are missing a very basic security feature that can give a huge increase over not doing it.

So please, "Stop spreading garbage" as this was a basic query for information on how it could happen if network level firewall rules are in place, which they should be.

Looking for the best exchange? -> https://bittrex.com
YoyodyneSystems
Legendary
*
Offline Offline

Activity: 1386
Merit: 1023



View Profile
May 03, 2014, 05:11:56 AM
 #844

Setup a protocol with your new host so that every time you want to enter recovery mode or anything of that nature - they MUST call you
at the phone number you provided upon signup. And that phone number cannot ever be changed unless you provide payment details and the like.
And if that phone number is changed they must call the old one to make sure you changed it.

That would solve it. Well... it would if it was followed 100% of the time.

The only other solution would be on-site servers in your own offices or a locked cage at the datacenter. Where there is a physical
restriction to the servers. Which is obviously far more expensive.
mugwampbro
Full Member
***
Offline Offline

Activity: 182
Merit: 100


View Profile
May 03, 2014, 05:12:43 AM
 #845

mugwampbro, I hear you, I really do. I haven't been able to duplicate the log-out issue, and I will change the Captcha. But I need to get the site running again first.

Let me ask you guys this -- is there any defense against incompetent systems administrators? They decided this guy was me. Are they going to say "sorry, you're locked out forever"?

Thank you..I figured you cared cause you did at least ask all the trollers. I don't think it is a firefox issue, because it doesn't happen to me on MP , c-cex or Bittrex.

tripppn
Hero Member
*****
Offline Offline

Activity: 756
Merit: 500


View Profile WWW
May 03, 2014, 05:13:57 AM
Last edit: May 03, 2014, 05:24:05 AM by tripppn
 #846

Is the trollbox really just an irc chan we can join?  I need my fix and I'm pretty sure I'm not alone.

Screw it.. I made my own...  #polotrollbox

Nevermind... everyone seems to be gathering here:  #poloniextraders

“You can't be a real country unless you have a beer and an airline - it helps if you have some kind of football team, or some nuclear weapons, but in the very least you need a beer.”
― Frank Zappa
Kuttingcorners
Sr. Member
****
Offline Offline

Activity: 446
Merit: 250


View Profile
May 03, 2014, 05:18:28 AM
 #847

when do you expect to be back online?
ibfragalot
Member
**
Offline Offline

Activity: 98
Merit: 10


View Profile
May 03, 2014, 05:19:05 AM
 #848

Can't...live...without...polo & trollboxxxx

chiznitz
Hero Member
*****
Offline Offline

Activity: 574
Merit: 500


View Profile WWW
May 03, 2014, 05:19:13 AM
 #849

Anyways, sounds like maybe the box was brought up on a separate network without the firewall rules or maybe the user was given access to the entire account and not just a single box.


In the end all that matters is our coins our safe.

But please do the above mentioned questions etc for account recovery and lock down all access to your accounts via associated IPs as well.

The bad guys will always find a way but its our job to make them work harder.

Looking for the best exchange? -> https://bittrex.com
getmining.info
Full Member
***
Offline Offline

Activity: 182
Merit: 100


View Profile
May 03, 2014, 05:22:32 AM
 #850

Ok.  How do you access your servers?  Console access?  That's not locked down via ip then either?  So I can login from anwhere in the world?

Yes, you can't stop bad system admins from making mistakes but you CAN also limit damage in other ways.  In this case maybe not, but without locking things down to known good IPs, you are missing a very basic security feature that can give a huge increase over not doing it.

So please, "Stop spreading garbage" as this was a basic query for information on how it could happen if network level firewall rules are in place, which they should be.

I VPN with both certificates & passwords, in some cases also with RSA. Never locked down to IP, so yes from anywhere in the world.

The culprit was able to fool an incompetent sys admin into allowing him access. Probably via console, yes, or by tearing down the firewall, changing the passphrase, etc. At this point we don't know if it was a dedicated or VPS.

Garbage might have been the wrong word. Please, stop fear mongering.

All views are my own, except those that I have subconsciously inherited from my parents and those that I have nicked from far cleverer people.
Faura888
Member
**
Offline Offline

Activity: 70
Merit: 10


View Profile
May 03, 2014, 05:23:53 AM
 #851

so sick!!!
im sure they want to hack XBC! wc and some others coins were frozen since 2 days too.
fucking hackers! go to hell!
ErnieRox
Full Member
***
Offline Offline

Activity: 222
Merit: 101


Novus ordo seclorum


View Profile
May 03, 2014, 05:30:48 AM
 #852

this sucks ass, no friday night trade action  Tongue
Rawdawg-
Member
**
Offline Offline

Activity: 112
Merit: 10


View Profile
May 03, 2014, 05:32:29 AM
 #853

Ok.  How do you access your servers?  Console access?  That's not locked down via ip then either?  So I can login from anwhere in the world?

Yes, you can't stop bad system admins from making mistakes but you CAN also limit damage in other ways.  In this case maybe not, but without locking things down to known good IPs, you are missing a very basic security feature that can give a huge increase over not doing it.

So please, "Stop spreading garbage" as this was a basic query for information on how it could happen if network level firewall rules are in place, which they should be.

I VPN with both certificates & passwords, in some cases also with RSA. Never locked down to IP, so yes from anywhere in the world.

The culprit was able to fool an incompetent sys admin into allowing him access. Probably via console, yes, or by tearing down the firewall, changing the passphrase, etc. At this point we don't know if it was a dedicated or VPS.

Garbage might have been the wrong word. Please, stop fear mongering.

I was going to stay quiet in this, however seeing that you are trying to censor people who have legitimate concerns, and I happen to have a few BTC worth of coins on your exchange, I think its time to say something.

#1. its not "fear mongering" if he is speaking the truth, he is just asking questions/making statements that YOU dont like, therefor its "FUD"
#2. You are too easily passing the blame on to the Sys admin, your site has already been hacked once and lost money that you then ILLEGALY created debt instruments to get back the money that your incompetence lost in the first place.
#3. Chiz is the guy that I talk to when I have a question about security for any of my sites, so if i were you I would be asking him for help or to tell you how he might fix an issue like this so it never happens again, not just calling him a "fear mongerer".

TLDR, dont be a douchebag and listen when people ask you questions. You haven't learned from the last hack, so start learning now or shut down your exchange.
ibfragalot
Member
**
Offline Offline

Activity: 98
Merit: 10


View Profile
May 03, 2014, 05:36:32 AM
 #854

Yeah, its an awesome exchange but nobody can run something so big alone man. You need to get a crew on board, a security specialist. Don't let your pride ruin the magic you have created! Smiley


seek4dream
Hero Member
*****
Offline Offline

Activity: 966
Merit: 501



View Profile
May 03, 2014, 05:40:42 AM
 #855

poloniex doesnt work for me most of the time recently. am i alone?
byteflush
Full Member
***
Offline Offline

Activity: 154
Merit: 100


View Profile
May 03, 2014, 05:54:25 AM
 #856

poloniex doesnt work for me most of the time recently. am i alone?
Yep, it's just you. It works for everyone else.

Hash72
Sr. Member
****
Offline Offline

Activity: 294
Merit: 250


★YoBit.Net★ 350+ Coins Exchange & Dice


View Profile
May 03, 2014, 06:28:23 AM
 #857

All funds are safe. Poloniex does use cold wallets.

What happened was an attacker used social engineering to gain root access to a wallet server. This was made possible by absolutely jaw-dropping negligence on the part of the hosting provider. Fortunately, I caught the attempt in time and was able to shut down the server before anything was taken. All BTC has been moved into cold storage, and then next step is to set up a new server with a different provider.

Please stop sending BTC to your old BTC deposit addresses. The funds will not be lost, but all new addresses must be generated, as I must assume the old wallet is compromised. It is very unlikely that it was, but "unlikely" is not good enough.

I appreciate everyone's patience while I take proper security measures before bringing the exchange back online.

Thanks For clarification because of the honesty you have ...Many trust you and a few will attempt to attack good luck ...we will wait .

Wolf Rainer
Legendary
*
Offline Offline

Activity: 1960
Merit: 1022


View Profile
May 03, 2014, 06:30:02 AM
 #858

I need to buy more coins and the trollbox!
Jonesd
Legendary
*
Offline Offline

Activity: 1876
Merit: 1014



View Profile
May 03, 2014, 06:38:08 AM
 #859

All funds are safe. Poloniex does use cold wallets.

What happened was an attacker used social engineering to gain root access to a wallet server. This was made possible by absolutely jaw-dropping negligence on the part of the hosting provider. Fortunately, I caught the attempt in time and was able to shut down the server before anything was taken. All BTC has been moved into cold storage, and then next step is to set up a new server with a different provider.

Please stop sending BTC to your old BTC deposit addresses. The funds will not be lost, but all new addresses must be generated, as I must assume the old wallet is compromised. It is very unlikely that it was, but "unlikely" is not good enough.

I appreciate everyone's patience while I take proper security measures before bringing the exchange back online.

Thanks For clarification because of the honesty you have ...Many trust you and a few will attempt to attack good luck ...we will wait .

Thanks for the honest indeed! Good luck! Smiley

Co-Founder and Managing Partner of Block Bastards
Sierpazo
Newbie
*
Offline Offline

Activity: 50
Merit: 0


View Profile
May 03, 2014, 06:50:21 AM
 #860

It's over...
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 [43] 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 ... 171 »
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!