|
braxx
|
 |
February 05, 2014, 01:01:34 AM |
|
have you made a deposit earlier to the same adress...
on the site states: "From time to time your wallet addresses may change"
did you checked that?
post as soon as possible to the dev your transaction ID
|
|
|
|
|
|
|
|
|
|
Once a transaction has 6 confirmations, it is extremely unlikely that an attacker without at least 50% of the network's computation power would be able to reverse it.
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
|
Sanokil76
Newbie
 Offline
Activity: 33
Merit: 0
|
|
February 05, 2014, 01:08:12 AM |
|
I've deposit doge before and all well done. But there are a problem with my first dosit nyancoin...
60 confirmations on my local wallet, and anythinf on freshmarket...
|
|
|
|
|
surfer43
Sr. Member
Offline
Activity: 560
Merit: 250
"Trading Platform of The Future!"
|
|
February 05, 2014, 01:13:17 AM |
|
don't believe us? see for yourselfMy thoughts have been maybe they renamed legit files to this?  I'm pretty sure now those files are the closed source trading engine. OpenEx named the files obscurely so it would be difficult to copy their setup. freshmarket is either run by r3wt or freshmarket was sold the trading engine by r3wt. Hello again. You should clearly read op-post. It is written there - we use part of openex trade engine. It's not just named openex, it's kinda OPENsource (without deposits, withdraws, trade, but still open ). So it's not a secret, and it's clearly written at the start post of this thread. I don't follow. You can clearly see, that i said about trade engine. This page (with blue screen) was just an analogue of 404-page of our site with a little fun. It is not connected with trade engine, obviously. oh lol.  It is very confusing though.  |
|
|
|
|
|
def_ender (OP)
|
|
February 05, 2014, 04:58:16 AM |
|
You might have had it reported already.. but.. I filled out the forgot password form correctly, when I clicked the button I got this message. "Fatal error attempting mail, contact your server administrator" Thought you would like to know  Try mailing to support@freshmarket.co.in |
|
|
|
|
|
def_ender (OP)
|
|
February 05, 2014, 05:11:17 AM |
|
I've sent 7.000 nyancoin on my deposit adress but after 24 hours, no coins on freshmarket. A real shit...
Can you provide us transaction id of your deposit? |
|
|
|
|
|
def_ender (OP)
|
|
February 05, 2014, 05:23:08 AM |
|
Gonna go to work now, so couldn't answer for an hour. Don't panic  Also, we have made new security system. For your own safiness - please enable email confirmation and change your password into something more safe. Thanks! |
|
|
|
|
|
def_ender (OP)
|
|
February 05, 2014, 06:25:48 AM |
|
This moment when your work ip adress was banned on your own website Waitin for admins return (~2.5 hours), he can unban me Never thought it can happen Opened session expires if it stays without action, and if you press "refresh" you will have ACCESS DENIED page. 15 DENIED pages = ipban. Sorry for waiting guys, it's really force-major to me |
|
|
|
|
7rue
Newbie
Offline
Activity: 6
Merit: 0
|
|
February 05, 2014, 07:57:44 AM |
|
Site is down for me since about 3 minutes.
|
|
|
|
|
|
rze
|
|
February 05, 2014, 08:04:25 AM |
|
Site is down for me since about 3 minutes.
++ |
|
|
|
|
|
def_ender (OP)
|
|
February 05, 2014, 08:04:55 AM |
|
I'm really sorry to say this, but it seems that our security system wasn't enough.
Just now i received a message from someone that he has hacked our exchange, and if we want to stop this, we have to pay 10 BTC. Obviously, we are not going to pay our users' money, and we temporarily closed the exchange. We have made an secutity audit to see what's missing, and found ~1200 LTC stolen (nearly 40% of all LTC), nearly ~50% of LEAFcoins, and ~20% NYANcoins. All other currencies remained nearly unchanged.
Just now we deciding what refund can we make (dev team has nearly 200 LTC on their own, and i can give up some too). We will make a message after we have an agreement. We will 100% refund all other (not-leaf, nyan or LTC) currencies, and try to refund as much ltc as we can.
As i see, it was sql-injection, but it doesn't helped him much - all passwords are stored as hashed ones. So he just brute-forced all low-security passwords to steal their money. So if you haven't got email auth - it is possible that your account was just jacked.
I also have possible ideas about openex malware in source code, but without proofs i can't do anything.
|
|
|
|
|
|
tsjaar
|
|
February 05, 2014, 08:39:20 AM |
|
I'm really sorry to say this, but it seems that our security system wasn't enough.
Just now i received a message from someone that he has hacked our exchange, and if we want to stop this, we have to pay 10 BTC. Obviously, we are not going to pay our users' money, and we temporarily closed the exchange. We have made an secutity audit to see what's missing, and found ~1200 LTC stolen (nearly 40% of all LTC), nearly ~50% of LEAFcoins, and ~20% NYANcoins. All other currencies remained nearly unchanged.
Just now we deciding what refund can we make (dev team has nearly 200 LTC on their own, and i can give up some too). We will make a message after we have an agreement. We will 100% refund all other (not-leaf, nyan or LTC) currencies, and try to refund as much ltc as we can.
As i see, it was sql-injection, but it doesn't helped him much - all passwords are stored as hashed ones. So he just brute-forced all low-security passwords to steal their money. So if you haven't got email auth - it is possible that your account was just jacked.
I also have possible ideas about openex malware in source code, but without proofs i can't do anything.
Whoot, what a big shit that is. Good luck fixing the exchange! Please keep us informed! |
WARNING HIGH SPEED - UTC - Ultracoin
|
|
|
|
meade16
|
|
February 05, 2014, 08:48:00 AM |
|
So all those people lost their money! If you don't have the knowledge to secure an exchange then WTF are you running one for?
|
|
|
|
|
|
def_ender (OP)
|
|
February 05, 2014, 08:55:09 AM |
|
So all those people lost their money! If you don't have the knowledge to secure an exchange then WTF are you running one for?
Before starting the exchange we ordered external secutiry audit. It haven't found any issues in out security. SSH is made with certificate, nor password, so it's impossible to compromise it (and if it is possible, i don't even know what is secure in internet). In a few hours we will open support mail, to which you have to send email FROM EMAIL YOU USED ON REGISTRATION your account name, your approximate balances, and adresses to which we should send you coins. I am completely transparent. Here is the file with our balances until the shut down:http://rghost.ru/52214474 As you see, we are missing 1700 ltc from 3000, and we have transferred ~700 LTC to our cryptsy wallet for safety. So summary lack is nearly ~1000/3000. We still think about what we can do. |
|
|
|
|
|
rze
|
|
February 05, 2014, 09:28:06 AM |
|
|
|
|
|
|
|
r3wt
|
|
February 05, 2014, 09:33:59 AM |
|
I'm really sorry to say this, but it seems that our security system wasn't enough.
Just now i received a message from someone that he has hacked our exchange, and if we want to stop this, we have to pay 10 BTC. Obviously, we are not going to pay our users' money, and we temporarily closed the exchange. We have made an secutity audit to see what's missing, and found ~1200 LTC stolen (nearly 40% of all LTC), nearly ~50% of LEAFcoins, and ~20% NYANcoins. All other currencies remained nearly unchanged.
Just now we deciding what refund can we make (dev team has nearly 200 LTC on their own, and i can give up some too). We will make a message after we have an agreement. We will 100% refund all other (not-leaf, nyan or LTC) currencies, and try to refund as much ltc as we can.
As i see, it was sql-injection, but it doesn't helped him much - all passwords are stored as hashed ones. So he just brute-forced all low-security passwords to steal their money. So if you haven't got email auth - it is possible that your account was just jacked.
I also have possible ideas about openex malware in source code, but without proofs i can't do anything.
i told you to upgrade to our latest code, you wouldn't listen. also there is not malware in the source. you clearly have no idea what you are talking about, and its not sql injection either, unless its something arbirtrary you and your "devs" added to your source.Now before you try and blame me, i want you to open our github readme and read the very first sentence, aloud to yourself. "THIS IS BETA SOFTWARE. USE AT YOUR OWN RISK" It was never our intension for a handful of greedy people to clone our repo and start up fly by night exchanges, but hey they did and now you are paying the price for it. you need to check auth.log to make sure it wasn't ssh. or chech your mysql configuration. its possible you had mysql listening on something other than localhost and they bruteforced your db. finally check your ufw configuration or whatever other firewall you use. other than that the only possible entry for sql injection was newticket.php, and you said you fixed it when i tweeted you about it. in the end, it is very likely the attacker was simply bruteforcing accounts then draining the accounts. similar thing was happening at openex, probably same hacker, so we reacted by upping the security. i think i even mentioned to you about the need to tighten down bruteforce protection on all the forms. this is the risk you run cloning my repo while we are still in beta. this is the exact reason openex doesn't allow withdrawals without admin approval, and ip bans on 3 strikes on all forms where apassword is required. it is imperative to stay ahead of the game, and cloning my repo in beta is the equivalent of jumping off a cliff with a backpack. the point is, not that you are stupid. but this is a cat and mouse game and you cna't be running one of these things if you are prepared to fight with the hackers to defend your site. they are smart and if they cna't find a crack to exploit, they will make one. |
My negative trust rating is reflective of a personal vendetta by someone on default trust.
|
|
|
|
def_ender (OP)
|
|
February 05, 2014, 09:34:42 AM |
|
I'm really sorry to say this, but it seems that our security system wasn't enough.
Just now i received a message from someone that he has hacked our exchange, and if we want to stop this, we have to pay 10 BTC. Obviously, we are not going to pay our users' money, and we temporarily closed the exchange. We have made an secutity audit to see what's missing, and found ~1200 LTC stolen (nearly 40% of all LTC), nearly ~50% of LEAFcoins, and ~20% NYANcoins. All other currencies remained nearly unchanged.
Just now we deciding what refund can we make (dev team has nearly 200 LTC on their own, and i can give up some too). We will make a message after we have an agreement. We will 100% refund all other (not-leaf, nyan or LTC) currencies, and try to refund as much ltc as we can.
As i see, it was sql-injection, but it doesn't helped him much - all passwords are stored as hashed ones. So he just brute-forced all low-security passwords to steal their money. So if you haven't got email auth - it is possible that your account was just jacked.
I also have possible ideas about openex malware in source code, but without proofs i can't do anything.
[ Posting from hacked up account of bitcointalk. I hope that the owner does not object and it will not edit declaration. Someone, to if you please, repost this. ] Thus, to us it is necessary to establish the record directly on this before history it goes out of control. People must know, when exchange became the victim of theft, and when exchange itself it stole coins. I am the hacker, who sent communication. I took less than 200 LTC. I am confident, that no one yet stole 1000 LTC, if this was not in the last hour. How I can be so confident? Freshmarket it did not have somewhere closely to 1200 LTC until only pair of hours back. Their maximum balance LTC was 260 LTC before I began consuming them. The only time, when it obtained more than 1000 LTC was in the pair of hours back, because some player added 1000+ LTC. So that I think that def_ender saw the possibility to require the hacker it stole all his coins, when hacker did not steal that it is much. In reality, def_ender, possibly, planned this during several days. You do see, def_ender was known about 5 days that the site was completely broken up. I stole 50 LTC from his account of administrator first. He understood in 12 hours and changed his password. By that time I stole 100 LTC. I assumed that he will be closed exchange, because he clearly could see what occurs. But this did not make. So that I stole 100 additional LTC during the next several days. Entire time of def_ender message to bitcointalk about how there were 1 or 2 accounts, which lost 0,4 LTC or 0,8 LTC. He knew always that 200 LTC disappeared, including 50 LTC of his own! Thus, once he saw the enormous player: 1000+ LTC, he used possibility in order to require that hackers they stole. This is what I think. def_ender, if I make mistakes, this is easy for you in order to prove. You said that 1200 LTC it composed 40% of the sum total. This means that you must have 1800 LTC to the left. I speak, you never had it. If you are actual, place reference to your LTC address, which has, the 1800 of balance. Do transaction on 1,337 to prove this your account. I bet, you will not be able. The proof that this is I: defender buddha55 d_def@bk.ruI bet, you will not be able. Hello again. Just now we have > 2000 LTC on my cryptsy account, and i can prove it easily. It is halfly exchange money, and partially (~500 ltc) my own or devteam money. So where should i post 1.337 to prove it? I don't get it. |
|
|
|
|
|
def_ender (OP)
|
|
February 05, 2014, 09:37:02 AM |
|
Yes, it's maindev cryptsy account, where money was securely stored. As i said, ~500 of it was mine or maindev ones, which was withdrawn from our exchange, and >2000 of it is exchange amount. |
|
|
|
|
|
r0b1nuk
|
|
February 05, 2014, 09:38:54 AM |
|
i had a few withdrawls that spent all day yesterday as pending. is this why they havent come through
|
Bitrated user: r0b1nuk.
|
|
|
|
def_ender (OP)
|
|
February 05, 2014, 09:39:10 AM |
|
Also, if it was really you, what was the hack you used? You don't lose anything now - exchange is closing, so you wouldn't be able to steal anything.
|
|
|
|
|
|
def_ender (OP)
|
|
February 05, 2014, 09:42:53 AM |
|
I'm really sorry to say this, but it seems that our security system wasn't enough.
Just now i received a message from someone that he has hacked our exchange, and if we want to stop this, we have to pay 10 BTC. Obviously, we are not going to pay our users' money, and we temporarily closed the exchange. We have made an secutity audit to see what's missing, and found ~1200 LTC stolen (nearly 40% of all LTC), nearly ~50% of LEAFcoins, and ~20% NYANcoins. All other currencies remained nearly unchanged.
Just now we deciding what refund can we make (dev team has nearly 200 LTC on their own, and i can give up some too). We will make a message after we have an agreement. We will 100% refund all other (not-leaf, nyan or LTC) currencies, and try to refund as much ltc as we can.
As i see, it was sql-injection, but it doesn't helped him much - all passwords are stored as hashed ones. So he just brute-forced all low-security passwords to steal their money. So if you haven't got email auth - it is possible that your account was just jacked.
I also have possible ideas about openex malware in source code, but without proofs i can't do anything.
i told you to upgrade to our latest code, you wouldn't listen. also there is not malware in the source. you clearly have no idea what you are talking about, and its not sql injection either, unless its something arbirtrary you and your "devs" added to your source.Now before you try and blame me, i want you to open our github readme and read the very first sentence, aloud to yourself. "THIS IS BETA SOFTWARE. USE AT YOUR OWN RISK" It was never our intension for a handful of greedy people to clone our repo and start up fly by night exchanges, but hey they did and now you are paying the price for it. you need to check auth.log to make sure it wasn't ssh. or chech your mysql configuration. its possible you had mysql listening on something other than localhost and they bruteforced your db. finally check your ufw configuration or whatever other firewall you use. other than that the only possible entry for sql injection was newticket.php, and you said you fixed it when i tweeted you about it. in the end, it is very likely the attacker was simply bruteforcing accounts then draining the accounts. similar thing was happening at openex, probably same hacker, so we reacted by upping the security. i think i even mentioned to you about the need to tighten down bruteforce protection on all the forms. this is the risk you run cloning my repo while we are still in beta. this is the exact reason openex doesn't allow withdrawals without admin approval, and ip bans on 3 strikes on all forms where apassword is required. it is imperative to stay ahead of the game, and cloning my repo in beta is the equivalent of jumping off a cliff with a backpack. the point is, not that you are stupid. but this is a cat and mouse game and you cna't be running one of these things if you are prepared to fight with the hackers to defend your site. they are smart and if they cna't find a crack to exploit, they will make one. >you need to check auth.log to make sure it wasn't ssh No logins on ssh, it's certificate-proven. >other than that the only possible entry for sql injection was newticket.php, Fixed it. >bruteforcing accounts then draining the accounts We have fail2ban to unable bruteforce. Man, we used all security features i know, and i want to hear from hacker how this was done. Also, i still don't see what i have to do to to prove this cryptsy account belongs to me. |
|
|
|
|
|
