TL;DR: The Webdollar developers staged a hacking event. We found out and they try to cover the story.
SHADYOr: Lead developer gets scammed and issues a hardfork to undo his fuckup.
Events:
WebDollar.io - Alexandru Budisteanu:
A few days ago we encountered 2 types of attacks.
1. One out of 40 Genesis wallets was stolen - via a malware we believe now.
2. Botnet attack for increasing to ~ 1 GB/s the Global Difficulty blocking network for 2 hours. This had been done by somebody with a powerful Computation Power. After 60 hours of straight coding, we were able to finally solve all the attacks damages. We did an update on experimental pools and now in the main network too. The update contains two updates 1. Hard fork to "cancel" the effect of ALL transactions sent by the attacker using the Stolen Wallet. 2. Network optimizations for preventing other 50%+1 to change the Network Global Hashrate (difficulty). Right before doing the update, someone which was in our intranet did cut our internet connection and then after we connected directly to the internet our computers was attacked with ddos.
WebDollar.io - Alexandru Budisteanu:
WebDollar had a series of attacks organized by a big network of hackers and those did the followings:
1. Hack our local network where they found a wallet from genesis.
2. When we announced we can get back all funds which were theft from genesis the attacker started to make crazy transactions for lost the money track and make our recovery work harder.
3. After we developed and pushed the recursive transaction software for recover the funds the attackers used a boot net to rise the difficulty from 30 MH/s to 900MH/s which did cost few tens of thousands dollars for keeping the attack 5 minutes.
4. Before pushing the code, attackers did stop our internet connection.
5 After we connected to the network the attackers used ddos on our devices.
6. After 1 day the attacker started to mine blocks in the future and we fixed this issue.
7. Then he started to create his own forks with consecutive mined blocks and then propagate them into the network.
Their story is a big lie:1. Hack our local network where they found a wallet from genesis.
So the genesis wallet is kept on plaintext files? No password/passphase protected? Smells like an inside job.
2. When we announced we can get back all funds which were theft from genesis the attacker started to make crazy transactions for lost the money track and make our recovery work harder.
So you were communicating with hackers. This is not plain incompetence, is another mark of an inside job.
3. After we developed and pushed the recursive transaction software for recover the funds the attackers used a boot net to rise the difficulty from 30 MH/s to 900MH/s which did cost few tens of thousands dollars for keeping the attack 5 minutes.
Again this is a lie. Botnets are cheap and renting does not cost $X0,000 for 5 minutes. This really unfolds like a fantasy story.
4. Before pushing the code, attackers did stop our internet connection.
So the hackers had full root privileges (you need that to configure network settings) on your network? Seems improbable unless you are really incompetent. Again this seems like an inside job.
5 After we connected to the network the attackers used ddos on our devices.
So you managed to connect back? So some hackers managed to hack your network, find plaintext wallets, transfer funds, cut your internet, but you managed to get back online? The hackers do not seem incompetent, they would have wiped out your PCs. Again, this seem like a fantasy story.
6. After 1 day the attacker started to mine blocks in the future and we fixed this issue.
7. Then he started to create his own forks with consecutive mined blocks and then propagate them into the network.
So webdollar had some serious bugs. It seems that you use this fact to socialize the hardfork which recovered your funds.
Really, this is just a fantasy story. There were no attackers with big networks, insane hacking skills and tens of thousand of dollars at their disposal.
How can you lie like this?
The devs are changing the narative, it's Linux fault now.
I have explained everything that the wallets were not encrypted with any password and stored on my personal computer and somebody exploited a vulnerability in my linux machines or the local network. There were no problem with the code and you can check the github repository. There were no issues with the code and nobody can steal money from an account with 51% attacks. They can only invalidate transactions usually to attack exchanges.
Somebody had got remote control of my computer and had stolen the wallet from my personal computer. Regarding Linux - have a lot of exploits. Checking this database https://www.exploit-db.com/platform/?p=linux different distribution of Linuxes had over 2777 exploits which were publicly published. The wallets were recovered entirely and it didn't affect the network in any way. Team are still collecting data from attacks to open a criminal file for theft and unauthorized entry into a computer system, wich in Romanian law conduct to jail.
Where is the data? What really happened? It has been weeks since this event? What is the status?