Bitcoin Forum
December 03, 2016, 11:53:18 PM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1] 2 3 »  All
  Print  
Author Topic: Is this a security issue? Massive worker un & pw list found through google ...  (Read 3445 times)
strictlyfocused
Jr. Member
*
Offline Offline

Activity: 55


View Profile
September 22, 2011, 02:57:13 AM
 #1

http://50.19.139.134/test.php

I found it by simply doing a google search for my email address. I wonder how many people used a password on there that may be to an actual account somewhere else?
1480809198
Hero Member
*
Offline Offline

Posts: 1480809198

View Profile Personal Message (Offline)

Ignore
1480809198
Reply with quote  #2

1480809198
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1480809198
Hero Member
*
Offline Offline

Posts: 1480809198

View Profile Personal Message (Offline)

Ignore
1480809198
Reply with quote  #2

1480809198
Report to moderator
1480809198
Hero Member
*
Offline Offline

Posts: 1480809198

View Profile Personal Message (Offline)

Ignore
1480809198
Reply with quote  #2

1480809198
Report to moderator
ineededausername
Hero Member
*****
Offline Offline

Activity: 784


bitcoin hundred-aire


View Profile
September 22, 2011, 02:59:49 AM
 #2

O.o
phew, I'm not on that list.
ok... what the hell!?
Why is somebody storing passwords in plaintext!?

(BFL)^2 < 0
simonk83
Hero Member
*****
Offline Offline

Activity: 896


View Profile
September 22, 2011, 03:27:01 AM
 #3

Oh dear.   A lot of the guys on that list might want to change their passwords... quicksmart.
Keninishna
Hero Member
*****
Offline Offline

Activity: 551



View Profile WWW
September 22, 2011, 03:29:12 AM
 #4

looks like the nofeemining pool worker passwords.
paraipan
Legendary
*
Offline Offline

Activity: 924


Firstbits: 1pirata


View Profile WWW
September 22, 2011, 03:38:58 AM
 #5

looks like the nofeemining pool worker passwords.

... or some real ones if you ask me

BTCitcoin: An Idea Worth Saving - Q&A with bitcoins on rugatu.com - Check my rep
Phinnaeus Gage
Legendary
*
Offline Offline

Activity: 1302


Bitcoin: An Idea Worth Spending


View Profile
September 22, 2011, 03:41:44 AM
 #6

Looks like there's a lot of SA members there. But no one here would dare to...Surely not...No Way!

Remember: Play nice!
Isepick
Full Member
***
Offline Offline

Activity: 181


View Profile
September 22, 2011, 03:43:46 AM
 #7

Those look like workers...foolish is someone who uses the same password for their workers as their actual login. Good way to get your account emptied.
lightbox
Full Member
***
Offline Offline

Activity: 212


View Profile WWW
September 22, 2011, 03:47:29 AM
 #8

http://50.19.139.134/  directory index is on too theres a few other files there,,,, none output anything else bad tho

https://www.canadianbitcoins.com for quick & easy buy/sell with $CAD
Canada's Oldest Bitcoin Brokerage.  Serving Canadian Bitcoiners since 2011!
RandyFolds
Sr. Member
****
Offline Offline

Activity: 434



View Profile
September 22, 2011, 03:57:56 AM
 #9

worker passwords are totally pointless. mine are all default. you guys wanna mine for me? feel free.

▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓
▓▓ ONEDICE.ME ▓▓▓▓▓ BEST DICE EXPERIENCE ▓▓▓▓ PLAY OR INVEST ▓▓▓▓▓▓
▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓
Phinnaeus Gage
Legendary
*
Offline Offline

Activity: 1302


Bitcoin: An Idea Worth Spending


View Profile
September 22, 2011, 04:09:30 AM
 #10

Looks like there's a lot of SA members there. But no one here would dare to...Surely not...No Way!

Remember: Play nice!

And don't even think about sending Cosby Coins to any of the SA members on the list.
mb300sd
Legendary
*
Offline Offline

Activity: 1232

Drunk Posts


View Profile WWW
September 22, 2011, 04:15:00 AM
 #11

Whats the point of having passwords for workers? I'd be glad if someone mined on my account Cheesy

My password for all workers on every pool is bitcoin123 feel free to use it.

1D7FJWRzeKa4SLmTznd3JpeNU13L1ErEco
simonk83
Hero Member
*****
Offline Offline

Activity: 896


View Profile
September 22, 2011, 04:18:52 AM
 #12

Yes, well, we're the smart ones apparently.  Not everyone is.   You have a nice list now of email addresses and potential passwords.  You do the maths.
RandyFolds
Sr. Member
****
Offline Offline

Activity: 434



View Profile
September 22, 2011, 04:21:41 AM
 #13

Yes, well, we're the smart ones apparently.  Not everyone is.   You have a nice list now of email addresses and potential passwords.  You do the maths.

It is kind of terrible...taking a closer look, a LOT of people have complex passwords set for their workers. It makes me want to start trying them on facebook, but I am not enough of a dick.

▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓
▓▓ ONEDICE.ME ▓▓▓▓▓ BEST DICE EXPERIENCE ▓▓▓▓ PLAY OR INVEST ▓▓▓▓▓▓
▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓
Raoul Duke
aka psy
Legendary
*
Offline Offline

Activity: 1442



View Profile
September 22, 2011, 04:32:07 AM
 #14

... but I am not enough of a dick.

Got me fooled!

Isepick
Full Member
***
Offline Offline

Activity: 181


View Profile
September 22, 2011, 04:37:30 AM
 #15

I bet a few of those passwords work on those emails...and that a few more work on their Gox accounts as well...
giszmo
Legendary
*
Offline Offline

Activity: 1568


¡ɥɔʇɐʍ ʇsnɾ &#7


View Profile WWW
September 22, 2011, 11:04:03 AM
 #16

Ok, I'm a dick. 3rd try of a gmail account worked. I'll try to inform gmail to lock them all but ... hmm ... how to reach all mail hosters?

giszmo
Legendary
*
Offline Offline

Activity: 1568


¡ɥɔʇɐʍ ʇsnɾ &#7


View Profile WWW
September 22, 2011, 11:04:49 AM
 #17

@OP actually you're the dick for posting the link without any attempt to warn those affected.

giszmo
Legendary
*
Offline Offline

Activity: 1568


¡ɥɔʇɐʍ ʇsnɾ &#7


View Profile WWW
September 22, 2011, 11:19:12 AM
 #18

Ok, the one gmail account I tried out and worked got this message a minute ago:
Your request (#....) has been received, and will be reviewed by our support staff.

Our help desk is experiencing unusually high traffic currently. We regret to inform you that you will experience some delays (currently 48-72 hrs) in us getting back to you.

We sincerely apologize for the inconvenience and are working on all fronts to improve our response times.

To review the status of the request and add additional comments, follow the link below:
http://support.mtgox.com/tickets/....


This means somebody even more evil than the OP and me is already at it. I could have logged into Gox but didn't as from having his main mail account I know the rest is trivial.


HOW TO RING THE BELLS?Huh?

deslok
Sr. Member
****
Offline Offline

Activity: 448


It's all about the game, and how you play it


View Profile
September 22, 2011, 11:25:34 AM
 #19

Write a script to just pull the email addresses from the list end send an email to all of them.

"If we don't hang together, by Heavens we shall hang separately." - Benjamin Franklin

If you found that funny or something i said useful i always appreciate spare change
1PczDQHfEj3dJgp6wN3CXPft1bGB23TzTM
giszmo
Legendary
*
Offline Offline

Activity: 1568


¡ɥɔʇɐʍ ʇsnɾ &#7


View Profile WWW
September 22, 2011, 11:35:57 AM
 #20

Write a script to just pull the email addresses from the list end send an email to all of them.

Write a script to change all their passwords faster than somebody does what you suggested ...

No, this should go to the email provider's attention don't you think so?

Pages: [1] 2 3 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!