Bitcoin Forum
Author Topic: CloudFlare has been hacked. FALSE ALARM  (Read 673 times)
ScottWilson (OP)
April 02, 2014, 04:49:31 AM
Last edit: April 02, 2014, 05:09:56 AM by ScottWilson
 #1

Ok, false alarm. I just got a bunch of delayed payout notifications, and they match amounts that I had sent to my address on the blockchain. Someone must have restarted a dead SMTP server and a bunch of old mail got sent out. It's looking like some sites using CloudFlare are rewriting all IP addresses for incoming traffic also. So you'll never see your own IP address if you have login notifications enabled.

Sorry if this freaked anyone out.
 



Here is the IP address that just logged in as me to an EMC2 pool:

http://dazzlepod.com/ip/173.245.55.67/ Clearly owned by CloudFlare. CloudFlare is a service used by lots of altcoin mining and exchanges to protect against DDoS.

Here is a screenshot of the notification they logged in as me.

http://imgur.com/4R1w7pv

CloudFlare owns that IP address. So either CloudFlare has been hacked, or CloudFlare is logging into services they protect to steal coins.

There's no other explanation.
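
The effect described in the edited first post, as an added example (not code from the thread or from any pool): a site behind CloudFlare sees the proxy's address as the connection peer, so a login notification has to take the visitor address from the `CF-Connecting-IP` header, and only when the peer really is the proxy. The function name, the single range listed, and the sample requests are assumptions made for illustration.

```python
import ipaddress

# Assumption: only one of CloudFlare's published IPv4 ranges is listed here (it
# contains the 173.245.55.67 address from the thread); a real deployment would
# load the provider's full, current range list.
TRUSTED_PROXY_NETS = [ipaddress.ip_network("173.245.48.0/20")]


def client_ip_for_notification(peer_ip, headers):
    """Return (ip, source) for a login notification.

    peer_ip is the address of the TCP connection the site accepted; headers is
    a dict of request headers. CF-Connecting-IP is honoured only when the peer
    is inside a trusted proxy range, because any client can send that header.
    """
    peer = ipaddress.ip_address(peer_ip)
    if not any(peer in net for net in TRUSTED_PROXY_NETS):
        return str(peer), "peer"  # direct connection: ignore forwarded headers

    lowered = {k.lower(): v for k, v in headers.items()}
    try:
        visitor = ipaddress.ip_address(lowered.get("cf-connecting-ip", "").strip())
    except ValueError:
        # Proxy hop with no usable header: report it as a proxy address rather
        # than presenting it as the address of whoever logged in.
        return str(peer), "proxy-unresolved"
    return str(visitor), "cf-connecting-ip"


if __name__ == "__main__":
    # Constructed sample requests; 198.51.100.23 and 203.0.113.9 are
    # documentation addresses, 173.245.55.67 is the address quoted in the thread.
    samples = [
        ("173.245.55.67", {"CF-Connecting-IP": "198.51.100.23"}),  # via proxy
        ("173.245.55.67", {}),                                     # header missing
        ("203.0.113.9", {"CF-Connecting-IP": "198.51.100.23"}),    # spoofed header
    ]
    for peer, hdrs in samples:
        print(peer, hdrs, "->", client_ip_for_notification(peer, hdrs))
```

A notification built from the `proxy-unresolved` result is the case the thread ran into: the address shown belongs to the proxy, not to the person who logged in.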
jjdub7
April 02, 2014, 05:00:58 AM
 #2

Just saw this.  Pulled my account to cold storage on my private-keyed accounts.
ScottWilson (OP)
April 02, 2014, 05:04:27 AM
 #3

Everybody hold up. I might be wrong. I'm noticing things that aren't adding up. I logged in to see if the password had been changed, and if they changed the payment address, and neither had. Then I checked the IP address the login was assigned. Give me a few. It sent me a login notification with another CloudFlare IP when I logged in. I'm getting a feeling this might have been seriously delayed SMTP mail. Like someone just restarted sendmail and a bunch of old mail got sent out.
gweedo
April 02, 2014, 05:05:51 AM
 #4

This is exactly why I would never use CloudFlare; there are better ways to handle DDOSes.
jjdub7
April 02, 2014, 06:21:45 PM
 #5


> Here is a screenshot of the notification they logged in as me.
>
> http://imgur.com/4R1w7pv
>
> CloudFlare owns that IP address. So either CloudFlare has been hacked, or CloudFlare is logging into services they protect to steal coins.
>
> There's no other explanation.

Might be a false alarm, but that doesn't explain this, unless CloudFlare is issuing these shitty certificates, which means that somebody within CloudFlare could potentially exploit related vulnerabilities.
Velkro
April 02, 2014, 06:49:35 PM
 #6

A false alarm is another kind of alarm to consider.
I mean, you never know.