Hi there,
we had a lot of time today to find more information about the recent "hacks" of accounts in lots of pools.
It seams that its always the same IP.
Everytime the user logs in, with username + pw + pin, so no bruteforce or something. He MUST have the login information from other pools.
So maybe some of you can get some more info.........
85.25.152.63
india757.startdedicated.com
Server gehört zu ->
http://www.server4you.com/Aber steht in Deutschland ->
http://www.ip-adress.com/ip_lokalisieren/85.25.152.63http://reverseip.domaintools.com/search/?q=85.25.152.63http://whois.domaintools.com/coinfor.ushttp://whois.domaintools.com/amtechcebu.comhttp://www.majesticseo.com/reports/neighbourhood-checker?d=coinfor.us&IndexDataSource=F -> everqueen.net
everqueen.net -> bestätigt Cebu City!
Domain Name: COINFOR.US
Domain ID: D43768243-US
Sponsoring Registrar: ENOM, INC.
Sponsoring Registrar IANA ID: 48
Registrar URL (registration services): whois.enom.com
Domain Status: clientTransferProhibited
Registrant ID: 594753FFB8FF7E49
Registrant Name: Jocelyn Amatong
Registrant Organization: OS
Registrant Address1: ML Quezon
Registrant City: Cebu City
Registrant State/Province: cebu
Registrant Postal Code: 6015
Registrant Country: Philippines
Registrant Country Code: PH
Registrant Phone Number: +63.921645
Registrant Email:
So ALWAYS use different Username + PW + PIN on any pool you mine! Or use 2 fact auth if possible.
Mike
http://poolerino.com
