Bitcoin Forum
March 28, 2024, 10:07:09 AM *
News: Latest Bitcoin Core release: 26.0 [Torrent]
 
   Home   Help Search Login Register More  
Warning: One or more bitcointalk.org users have reported that they strongly believe that the creator of this topic is a scammer. (Login to see the detailed trust ratings.) While the bitcointalk.org administration does not verify such claims, you should proceed with extreme caution.
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 [35] 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 ... 280 »
  Print  
Author Topic: Eligius: 0% Fee BTC, 105% PPS NMC, No registration, CPPSRB  (Read 1061036 times)
This is a self-moderated topic. If you do not want to be moderated by the person who started this topic, create a new topic.
bolverk
Newbie
*
Offline Offline

Activity: 52
Merit: 0


View Profile
March 13, 2014, 11:37:06 PM
 #681

Pay attention to what was said:  the pool servers are fine, they didn't get hacked.  The portal, however, is a different story.  Wiz is on it.

Wiz:  I hope you're logging IP addresses, and have some back logs to troll.  I'd be interested in knowing if the jack wagon changing the NMC address did so from the same IP as one of your registered users.  He'd be a poor hacker if he did, but half these script kiddies don't understand how network services work, anyway.

The IP of the attacker is 178.252.115.200, but this obviously isn't all that useful.  This IP is actually associated with some attempted low-hashrate mining with the following addresses: 141Ui93eV83HSnpyDcvdtGtR3UqwYss5q7, 17hpCt7vWLCksCpUgQpFURjWHjZDhNDYhz, 1MsMx8hfYW6tS1Y9oGZhAbSqvrD8DDgNzN.  But, no earnings to speak of on these, really.

Note: I have no issues publicly revealing private data like this on attackers.

Yeh. thx for sharing

Russian IP from Saint Petersburg based home internet. fun to know at least  Grin

That ISP appears only to have 8K addresses, I'd be curious to know how many Eligius members also hail from the 178.252.96.0 - 178.252.127.255 block.
"There should not be any signed int. If you've found a signed int somewhere, please tell me (within the next 25 years please) and I'll change it to unsigned int." -- Satoshi
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
1711620429
Hero Member
*
Offline Offline

Posts: 1711620429

View Profile Personal Message (Offline)

Ignore
1711620429
Reply with quote  #2

1711620429
Report to moderator
1711620429
Hero Member
*
Offline Offline

Posts: 1711620429

View Profile Personal Message (Offline)

Ignore
1711620429
Reply with quote  #2

1711620429
Report to moderator
roy7
Sr. Member
****
Offline Offline

Activity: 434
Merit: 250


View Profile
March 13, 2014, 11:50:42 PM
 #682

If that is their real IP and not a proxy, it wouldn't be that hard for the ISP to see which customer was assigned that IP address at the times Eligus was accessed. Should law enforcement get involved that is. And on top of that, isn't cryptocurrency illegal in Russian? Some extra charges that could be filed. Wink
JakeTri
Full Member
***
Offline Offline

Activity: 154
Merit: 100


View Profile
March 13, 2014, 11:59:55 PM
 #683

I guess I don't understand how everyone's NMC address was changed to the same thing if there was no hack.  I also haven't seen an NMC payout since the 9th.  Do we need to go back and change our NMC addresses to what they should be or will they be restored from backup?

It was an exploit of the stats code (open source), not a hack of the actual server(s).

And, no, I will fix everyone's NMC addresses using the verified data on the core server, which is not affected by this (since the new options/signatures didn't pass the re-verification).

I will also get the proper payouts out to everyone.

If the exploit affected only the stat server and the core server data is still unchanged (due to fail verification of the new data) then how it is possible that new address (available only on the stat server) was used for the payment ? ...

I think this could only happened if payment is done (or at least transaction was prepared) on the stats server instead of a server with more security ....  If my assumption is correct the a hack on the stats server may cause far bigger issues that just the stats pages ....

I hope I'm wrong ... Please confirm that I'm wrong ....

BTC donations always welcome: 1JakeTriwbahMYp1rSfJbTn7Afd1w62p2q
2GOOD
Hero Member
*****
Offline Offline

Activity: 547
Merit: 531


First bits: 12good


View Profile WWW
March 14, 2014, 12:07:49 AM
 #684

Can I suggest a rather simple solution for the problem with the NMC addresses and the signing. Is it possible to use for worker the following template:

BTCADDRESS_workername_NMCADDRESS

That way the NMC address stays in the backend server ie securely stored in the db.

I don't know if this is possible, just thinking out laud Smiley

The downside on this will be that you have to assign worker to use merged mining, not a big deal Smiley


bolverk
Newbie
*
Offline Offline

Activity: 52
Merit: 0


View Profile
March 14, 2014, 12:11:18 AM
 #685


If the exploit affected only the stat server and the core server data is still unchanged (due to fail verification of the new data) then how it is possible that new address (available only on the stat server) was used for the payment ? ...

I think this could only happened if payment is done (or at least transaction was prepared) on the stats server instead of a server with more security ....  If my assumption is correct the a hack on the stats server may cause far bigger issues that just the stats pages ....

I hope I'm wrong ... Please confirm that I'm wrong ....


I think you misunderstand the problem.  This only affected NMC payments which are done manually, based on the addresses in the database.  It doesn't matter where he issued the payments from, it was from a tainted data set.  Luckily, the real money in this pool is in BTC, and that payment system isn't vulnerable to the same attack.
bolverk
Newbie
*
Offline Offline

Activity: 52
Merit: 0


View Profile
March 14, 2014, 12:13:46 AM
 #686

Can I suggest a rather simple solution for the problem with the NMC addresses and the signing. Is it possible to use for worker the following template:

BTCADDRESS_workername_NMCADDRESS

That way the NMC address stays in the backend server ie securely stored in the db.

I don't know if this is possible, just thinking out laud Smiley

The downside on this will be that you have to assign worker to use merged mining, not a big deal Smiley



Or, all addresses from the database (as part of our configuration settings) could simply be authenticated by the cryptographic signature we have to upload... assuming those signatures are being stored, of course.  Which would be much less intrusive that screwing around with the pool code.
kodiak1120
Full Member
***
Offline Offline

Activity: 220
Merit: 100


View Profile
March 14, 2014, 12:30:13 AM
 #687

So how long were the NMCs being paid to that address?  Was it only a single payout for each miner or was it multiple days?  Also, is there any way to tell how many NMCs were obtained by the hacker?
wizkid057 (OP)
Legendary
*
Offline Offline

Activity: 1223
Merit: 1006


View Profile
March 14, 2014, 12:33:04 AM
 #688

So how long were the NMCs being paid to that address?  Was it only a single payout for each miner or was it multiple days?  Also, is there any way to tell how many NMCs were obtained by the hacker?

There was just one payout to the attacker address, today, when I pushed the payouts through without doing my normal checks on them.

Tips: 1LDQrLr6dPVqNJmpZm82eZVKqDFRk7ERW8
Operator of the Eligius Mining Pool - 0% Fee, SAPPLNS, GBT, Stratum, IRC+Phone Support, Share Market (coming soon), Generation payouts, and more.
Don't feed the trolls. Science Confirms: Internet Trolls Really Are Narcissistic, Psychopathic, and Sadistic (1)
fsb4000
Legendary
*
Offline Offline

Activity: 1400
Merit: 1000



View Profile
March 14, 2014, 12:43:01 AM
 #689

How many bytes in Eligius block are set aside for  high priority transactions ? 30 000 bytes or 50 000 bytes or different value?
wizkid057 (OP)
Legendary
*
Offline Offline

Activity: 1223
Merit: 1006


View Profile
March 14, 2014, 02:30:54 AM
 #690

Ok, I restored everyone's latest signature-valid options to the My Eligius page.

I'm moving some NMC coins out of cold storage to complete the correct NMC payouts, but my cold storage for NMC is very far behind and probably wont catch up until tomorrow.

Everything should be good now, and I will keep an eye on things.  I will also do a detailed write up tomorrow after I get NMC and BTC payouts all caught up.

-wk


Note: Deleted a sarcastic, not-helpful-in-any-way post.

Tips: 1LDQrLr6dPVqNJmpZm82eZVKqDFRk7ERW8
Operator of the Eligius Mining Pool - 0% Fee, SAPPLNS, GBT, Stratum, IRC+Phone Support, Share Market (coming soon), Generation payouts, and more.
Don't feed the trolls. Science Confirms: Internet Trolls Really Are Narcissistic, Psychopathic, and Sadistic (1)
wizkid057 (OP)
Legendary
*
Offline Offline

Activity: 1223
Merit: 1006


View Profile
March 14, 2014, 02:40:10 AM
 #691

Also a quick note, I set the stats to once again reverify everything against the latest database copy, and while it does it will probably complain about a failsafe (since it won't be checking a realtime copy until its done).

It will correct itself though, in probably less than an hour.  As always, no earnings lost, mining works, etc.

-wk

Tips: 1LDQrLr6dPVqNJmpZm82eZVKqDFRk7ERW8
Operator of the Eligius Mining Pool - 0% Fee, SAPPLNS, GBT, Stratum, IRC+Phone Support, Share Market (coming soon), Generation payouts, and more.
Don't feed the trolls. Science Confirms: Internet Trolls Really Are Narcissistic, Psychopathic, and Sadistic (1)
Fastblack3
Newbie
*
Offline Offline

Activity: 10
Merit: 0


View Profile
March 14, 2014, 03:33:32 AM
 #692

To go off topic, has anyone else received payouts of 0.00000001 BTC from 1Enjoy1 or 1SochiWw? I've had 1 payout from each this month and am wondering what the issue could be. Both transactions are not in the blockchain and the transaction from 1Enjoy1 has disappeared from my wallet. These transactions were sent to over 500+ wallets from what I can sort out. Is this an attempted hack on wallets?

Thanks for the time.
eleuthria
Legendary
*
Offline Offline

Activity: 1750
Merit: 1007



View Profile
March 14, 2014, 04:18:32 AM
 #693

To go off topic, has anyone else received payouts of 0.00000001 BTC from 1Enjoy1 or 1SochiWw? I've had 1 payout from each this month and am wondering what the issue could be. Both transactions are not in the blockchain and the transaction from 1Enjoy1 has disappeared from my wallet. These transactions were sent to over 500+ wallets from what I can sort out. Is this an attempted hack on wallets?

Thanks for the time.

It's somebody trying to spam the blockchain.  They've been doing it for a few months, but as far as I'm aware few (none?) of them have ever managed to actually get confirmed.

RIP BTC Guild, April 2011 - June 2015
organofcorti
Donator
Legendary
*
Offline Offline

Activity: 2058
Merit: 1007


Poor impulse control.


View Profile WWW
March 14, 2014, 04:33:30 AM
Last edit: March 14, 2014, 05:33:45 AM by organofcorti
 #694

To go off topic, has anyone else received payouts of 0.00000001 BTC from 1Enjoy1 or 1SochiWw? I've had 1 payout from each this month and am wondering what the issue could be. Both transactions are not in the blockchain and the transaction from 1Enjoy1 has disappeared from my wallet. These transactions were sent to over 500+ wallets from what I can sort out. Is this an attempted hack on wallets?

Thanks for the time.

It's somebody trying to spam the blockchain.  They've been doing it for a few months, but as far as I'm aware few (none?) of them have ever managed to actually get confirmed.

You using the Multibit wallet? A recent update removed the fakey txs.

Bitcoin network and pool analysis 12QxPHEuxDrs7mCyGSx1iVSozTwtquDB3r
follow @oocBlog for new post notifications
TodaysGandalf
Newbie
*
Offline Offline

Activity: 47
Merit: 0


View Profile
March 14, 2014, 05:07:15 AM
 #695

My data hack (if that's what all this stuff amounted to be) was to reset all my settings to zero donation and no namecoin address.  Great...  Settings change... take two.  Sure glad namecoin wasn't a big financial "thing" for me.
freebit13
Hero Member
*****
Offline Offline

Activity: 616
Merit: 500

I got Satoshi's avatar!


View Profile
March 14, 2014, 05:39:31 AM
 #696

How often are NMC payments made? I'm not sure I've ever gotten one. Smiley

Edit: I passed on the situation via support ticket and IRC. I figure that's more useful than just complaining here. Wink
I suggest checking if the exchange wallet you are using supports mined coins, apparently there are some that don't.
I was referring only to NMC. NMC coins aren't mined directly to the payment addresses I believe.
I would advise against assuming this, even though it is currently correct...
FYI: If you're still not getting NMC payments, then I suggest switching wallets immediately until you are sure it has been resolved. I had a wallet on nmc-wallet.com and actually received some payments and email confirmations for a month or so then they stopped and I noticed the balance didn't match the blockchain. I'm not able to make and NMC transfers and I get no reply from their support, so I'm now 99.9999% sure that nmc-wallet.com is a scam. The site itself looks almost identical to localbitcoins.com which is what gave me a false sense of security which was supported by email confirmations when payments were made.

If they've not replied to you in 24hrs, change your wallet.

Decentralize EVERYTHING!
Kredence
Newbie
*
Offline Offline

Activity: 4
Merit: 0


View Profile
March 14, 2014, 06:38:38 AM
 #697

Have there been any other payout issues? I haven't seen anything from Eligius, in the form of Namecoin payouts, since the 8th. Anyone else seeing this?

Thanks for your hard work on this WK

Kredence

EDIT: the namecoin-qt client just showed up with a second/new address that I don't recall adding. This has been confirmed with another friend/miner who has the same issue.
azdarknet
Newbie
*
Offline Offline

Activity: 24
Merit: 0


View Profile
March 14, 2014, 06:39:59 AM
 #698

Not sure if its related but I haven't gotten a nmc payout since the 8th. Also my min payout amount was changed from .1 to .03. I can tell you for sure that I did not change my min payout since I haven't opened my bitcoin wallet in weeks so I haven't been signing messages.

If its any help wizkid I can get you my address i use to mine to check logs etc.

EDIT - I also had set donation amounts and they also changed to 0.0.
Biomech
Legendary
*
Offline Offline

Activity: 1372
Merit: 1022


Anarchy is not chaos.


View Profile
March 14, 2014, 07:23:55 AM
 #699

That's strange because I'm not getting pop-ups on other websites at all.  I'm using Chrome and when I use IE, I don't get any pop-ups... must be a Chrome issue. 
Chrome *IS* an issue... or perhaps an entire subscription, nay, library. Google has done some really cool stuff, and a few really odious things. Just below selling our personal data on the abomination list, sits Chrome.

It's a shame, too. It's open source derivatives are not bad. Certainly no Firefox, but not bad. Chrome started awful and has gotten worse with every iteration. My new phone has it as the default browser. Only reason I haven't changed it yet is because I intend to root the phone and install cyanogenmod.
Biomech
Legendary
*
Offline Offline

Activity: 1372
Merit: 1022


Anarchy is not chaos.


View Profile
March 14, 2014, 07:33:07 AM
Last edit: March 14, 2014, 07:45:24 AM by Biomech
 #700

^ + 1

Yep. I'm off the pool until this is resolved. Shucks.
Why?

Since the issue is only with NMC why stop mining BTC.  With the 1TH's that I have here on this pool the NMC payouts are just a few extra dollars each time.


My minimum payouts were altered to .2
You sure about that.  The only thing on my account that was changed was the NMC address.

Just checked mine. My NMC addy is gone, and the payout was lowered to .011. I had it at .02.

Not cool. Not too concerned about the "lost" Namecoin, but if they can alter signed messages, that's not good. It was only those two things that were changed, and I don't keep either wallet hot, so I doubt there's a problem in the long run, but I do think I may use this as an opportunity to mine some altcoins for a couple of days.

Edit: I see that Wiz is on it, and will have it in hand. So I'm staying put for the moment. However, my page is still showing a blank for the Namecoin address and the payout is lower than what I had set. I'm leaving it alone for now. Not worried about the payout threshold, I'll put it back once the rest is resolved, but I'd like to know if I need to re-enter my namecoin address.
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 [35] 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 ... 280 »
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!