Hacked Linode & coins stolen to 1NRy8GbX56MymBhDYM...

[Clipse]

Not to throw petrol on this absolute fkup(and it does seem linode is to blame), isnt there a way to manage autopayouts with encrypted wallets so that if your wallet gets accessed its still highly encrypted and unspendable(atleast within the next couple of billion years before its cracked)

[tritium]

isn't this something the new bips can help with

[Revalin]

isnt there a way to manage autopayouts with encrypted wallets so that if your wallet gets accessed its still highly encrypted and unspendable

Your software has to know the encryption key in order to make the payouts.

In this particular case it may have helped - if the key was stored only RAM (Slush would have had to type it in every reboot) it would have been wiped when the server was rebooted.  On the other hand, if the attackers get access without rebooting they can grab the key out of RAM and decrypt the wallet.

[bitcoinsarefun]

I am against anything that could potentially put coins into limbo and add even a hint of centralization to the mix.

plus, there is no way I would trust any organization to decide how "tainted" my coins were ... it sounds like it could be ripe for abuse

Agreed on both count, but ... read my previous post: there nothing
you can do to prevent this from being built by someone at some point.

Oh yeah, no doubt about that

I'm curious, How is this handled in the "real world" now with currency?

[malevolent]

I'm under impression, you are the first (or one of the very few) people who were hacked and decide to cover the loss from their own pocket. Now I'm happy we have at least the 2%.

So we can see that all linode bitcoin users were affected - if I were you I would contact everyone else affected and send a letter to the company demanding to cover the losses or have a class action lawsuit. At least that's what I would do but I am not a lawyer/what's their ToS/on what terms you were using their service,etc, but I wish you good luck.

[bitcoinsarefun]

isnt there a way to manage autopayouts with encrypted wallets so that if your wallet gets accessed its still highly encrypted and unspendable

Your software has to know the encryption key in order to make the payouts.

In this particular case it may have helped - if the key was stored only RAM (Slush would have had to type it in every reboot) it would have been wiped when the server was rebooted.  On the other hand, if the attackers get access without rebooting they can grab the key out of RAM and decrypt the wallet.

The reboot is what's throwing me on this whole thing ... I've got to go read the timeline again, it wouldn't make sense to me to reboot the machine (potentially alerting the server admin ) if you were able to comprise a linode node at the level that has been suggested.

edit: nvm, its clearly explained in the OP. though why a node would need a reboot after a password change is beyond me

[Revalin]

Getting access to the Linode admin UI doesn't give access to the server itself.  You can view the console, but you just get the login prompt.  You still need the server's password to log in.

To reset the password the server has to be shut down so that /etc/shadow can be modified.  At that point they could just go in and grab the data, but they most likely used Linode's password changer to minimize the downtime to a few seconds to help prevent getting caught.

A reboot wouldn't be required if they got access to the Linode hosts, but it doesn't sound like that was the case here.  I'm guessing the exploit is in their web-based server management.

[FreeMoney]

The downside is this would destroy fungibility.  I'm not eager to see that happen.

Agreed.
This is why I said many people would dislike this idea.

However, there is nothing anyone can do to prevent it from happening
at some point: all the data to do this is right there, in the block chain.

No one needs to prevent it, and the data is not all right there in the chain, the most relevant piece in this case is in this thread.

Thefts are not usually known in the first minutes after they happen. It will be trivial to switch the coins before they get the taint. Someone else will hold the bag (and they'll be kindly informed after it is too late by your spiffy taint client).

[eleuthria]

Getting access to the Linode admin UI doesn't give access to the server itself.  You can view the console, but you just get the login prompt.  You still need the server's password to log in.

To reset the password the server has to be shut down so that /etc/shadow can be modified.  At that point they could just go in and grab the data, but they most likely used Linode's password changer to minimize the downtime to a few seconds to help prevent getting caught.

A reboot wouldn't be required if they got access to the Linode hosts, but it doesn't sound like that was the case here.  I'm guessing the exploit is in their web-based server management.

This is by far one of the scariest things about the process.  Considering Slush and the Faucet were compromised at roughly the same time, it points to the flaw being in Linode's administrative control panel.  A -very- scary situation, considering Linode is one of the largest VPS providers around.

[paraipan]

Sorry to hear that guys. I only hope Gavin manages to achieve consensus and use his available resources to have that multisig feature implemented.

[FreeMoney]

Yes, but if the bagholder isn't happy about the "quality" of the coins,
the person who committed the theft is now known.

This is not the right thread for this, we should move.

The person is not known unless 100% of bitcoin services ID customers.

[slush]

Linode confirmed that it was their fault, see bottom of pastebin.

So far it looks like superadmin account of Linode Manager leaked, which also explains why there was no login attempt to my account, although there was job for restart & password change.

[DeathAndTaxes]

Sorry to hear that guys. I only hope Gavin manages to achieve consensus and use his available resources to have that multisig feature implemented.

A classic example of why we need ps2h

With p2sh Slush could have had one key on the server and a second key on an independent device (with third key kept always offline on paper as failsafe).  If he makes payments in batches he could even keep the second device offline outside payment windows and route signing through vpn or tor to provide further hardening.

ps2h is needed to provide not just "stupid user protection" but enterprise grade security solutions.

[SgtSpike]

Wow, quite the attack.  I'd go straight after Linode with a lawsuit.  

[bitlane]

Linode confirmed that it was their fault, see bottom of pastebin.

So far it looks like superadmin account of Linode Manager leaked, which also explains why there was no login attempt to my account, although there was job for restart & password change.

Are they going to cover your losses ? This is a substantial amount of money involved.

[glitch003]

Wow, quite the attack.  I'd go straight after Linode with a lawsuit. 

There may be something in their EULA to protect them against this type of lawsuit

[blueadept]

We appreciate your business and certainly want to keep you as a happy and satisfied customer. If there is anything we can do to make this up to you, certainly let us know.

Ask them to cover your losses.

[SgtSpike]

Wow, quite the attack.  I'd go straight after Linode with a lawsuit. 

There may be something in their EULA to protect them against this type of lawsuit

EULA's aren't the end-all that companies make them out to be though.  Even if they say "we will not be held liable for blah blah blah", doesn't mean that a court won't hold them liable.

[Revalin]

Subscriber further acknowledges that Linode.com's liability for its own negligence may not in any event exceed an amount equivalent to charges payable by subscriber for services during the period damages occurred. In no event shall Linode.com be liable for any special or consequential damages, loss or injury. Linode.com is not responsible for any damages your business may suffer.

https://www.linode.com/tos.cfm

I wouldn't expect any different from inexpensive hosting.  No one would take on that kind of liability without a large markup.

It might be in their interests to take responsibility for damages for PR reasons, but I don't think they have a mandate (ethically or legally) to cover $15k of consequential damages for a customer using a $50-100/month service.

I also would not jump on them for admitting fault.  There are way too many companies out there that try to cover everything up when they screw up.  Linode should be commended for providing a prompt and honest answer right from the top brass.

I suggest asking nicely, not with a lawyer's letterhead.

[Wandering Albatross]

Shows a major weakness in linode I'd say. Other linodes were hit as well.  I would be saying goodbye to linode. Since they seem to be short on details we can't conclude anything, except that they're system is flawed. They need to have failsafes in place.

What could you have done to prevent this?  Would an encrypted wallet prevented this?  Multiple wallets?  It may help a lot of people to discuss how to make it harder at least.

Stealing BTC might become more profitable than mining or maybe it already is, the crook had to give up an 0day possibly?

Would be nice to see linode present an in-depth analysis if they can't cover any of your losses.