Bitcoin Forum
December 10, 2016, 01:11:00 PM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: problem resolved  (Read 981 times)
a nice guy
Newbie
*
Offline Offline

Activity: 27


View Profile
March 28, 2012, 08:10:16 PM
 #1

Hello guys,

usally I don't disclose any information about the security vulnerabilities that I find.
But in this case, I have to.

First, I won't give any information about the security vulnerability!

Facts:
The vulnerability itself could only be programmed by a total noob.
There isn't any information about the owner of the site.
There site doesn't provides no contact information.
The whois returned only a postbox.


Speculation:
Total scammer, tries to lure as many users as he can trough the so called "beta invitation".
Once the "beta" has started, most of the "lucky" ones will download an random_file_name.exe,
which installs a trojan and/or uploads the wallet.dat on the victims pc.


I strongly suggest to not register to that beta and don't download software from it,
until, it still could be, proved otherwise.


kind regards,
a nice guy


Sorry forgot to add the original post https://bitcointalk.org/index.php?topic=73714.0

1PqBH6NWFBhbVF7Srw5ZYGtmLcya1aaw9g
security audits (http://bitcointalk.org/index.php?topic=75684)
pgp: 0x77DA3A9A @ pgp.mit.edu (http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x83F5BD9E77DA3A9A)
1481375460
Hero Member
*
Offline Offline

Posts: 1481375460

View Profile Personal Message (Offline)

Ignore
1481375460
Reply with quote  #2

1481375460
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481375460
Hero Member
*
Offline Offline

Posts: 1481375460

View Profile Personal Message (Offline)

Ignore
1481375460
Reply with quote  #2

1481375460
Report to moderator
1481375460
Hero Member
*
Offline Offline

Posts: 1481375460

View Profile Personal Message (Offline)

Ignore
1481375460
Reply with quote  #2

1481375460
Report to moderator
Tuxavant
Hero Member
*****
Offline Offline

Activity: 756


Bitcoin Mayor of Las Vegas


View Profile WWW
March 29, 2012, 01:03:03 PM
 #2

The guy that runs this is the same guy that runs the property management site in las vegas that accepts Bitcoin as payment for rent.

If you have a security vulnerability to report, I would appreciate it if you would forward the information to him directly. Email being sent privately.

Generation Bitcoin | G+ | FB | Bitcoins In Vegas | CoinBus.com | TOR Exit Operator 1MVTPATVCKBMfALRHJsXpHfKJu7GyL7nAc
a nice guy
Newbie
*
Offline Offline

Activity: 27


View Profile
March 29, 2012, 06:33:34 PM
 #3

Hello Tuxavant,

I already did send him a detailed report, no resonse yet.
The email-address was that one in the whois entry.

kind regards,
a nice guy

1PqBH6NWFBhbVF7Srw5ZYGtmLcya1aaw9g
security audits (http://bitcointalk.org/index.php?topic=75684)
pgp: 0x77DA3A9A @ pgp.mit.edu (http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x83F5BD9E77DA3A9A)
Tuxavant
Hero Member
*****
Offline Offline

Activity: 756


Bitcoin Mayor of Las Vegas


View Profile WWW
March 29, 2012, 10:52:29 PM
 #4

I just got off the phone with him.. Thank you very much for bringing this to his attention. The issue has been resolved. If you were to post a bitcoin address, I'm pretty sure I could get him to cough up a more meaningful thank you.

Generation Bitcoin | G+ | FB | Bitcoins In Vegas | CoinBus.com | TOR Exit Operator 1MVTPATVCKBMfALRHJsXpHfKJu7GyL7nAc
a nice guy
Newbie
*
Offline Offline

Activity: 27


View Profile
March 30, 2012, 06:49:55 AM
 #5

Hello,

 I can confirm that vulnerability has been closed.
My donation-address is 1NKjePpC8oyHNW3ZJ8Efm7QNWcGS5pU337

Thanks, any donation is very appreciated Smiley

kind regards,
a nice guy

1PqBH6NWFBhbVF7Srw5ZYGtmLcya1aaw9g
security audits (http://bitcointalk.org/index.php?topic=75684)
pgp: 0x77DA3A9A @ pgp.mit.edu (http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x83F5BD9E77DA3A9A)
Tuxavant
Hero Member
*****
Offline Offline

Activity: 756


Bitcoin Mayor of Las Vegas


View Profile WWW
March 30, 2012, 10:19:53 AM
 #6

I informed him of this post and recommended he give you a tip.

Please reply back if you get anything.

Generation Bitcoin | G+ | FB | Bitcoins In Vegas | CoinBus.com | TOR Exit Operator 1MVTPATVCKBMfALRHJsXpHfKJu7GyL7nAc
a nice guy
Newbie
*
Offline Offline

Activity: 27


View Profile
March 31, 2012, 03:52:38 PM
 #7

Hello,

I got a mail from the CEO, clarifying things.
As it seems the developer of the site made a really quick and dirty job.

As it seems this all was a false warning.

kind regards,
a nice guy

1PqBH6NWFBhbVF7Srw5ZYGtmLcya1aaw9g
security audits (http://bitcointalk.org/index.php?topic=75684)
pgp: 0x77DA3A9A @ pgp.mit.edu (http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x83F5BD9E77DA3A9A)
Tuxavant
Hero Member
*****
Offline Offline

Activity: 756


Bitcoin Mayor of Las Vegas


View Profile WWW
March 31, 2012, 03:56:51 PM
 #8

Thanks for giving us an update and restating your opinion of the site. perhaps you could adjust the title?

Generation Bitcoin | G+ | FB | Bitcoins In Vegas | CoinBus.com | TOR Exit Operator 1MVTPATVCKBMfALRHJsXpHfKJu7GyL7nAc
a nice guy
Newbie
*
Offline Offline

Activity: 27


View Profile
March 31, 2012, 04:01:15 PM
 #9

Thanks for giving us an update and restating your opinion of the site. perhaps you could adjust the title?

Sorry, forgot about that.
It's now changed.


kind regards,
a nice guy

1PqBH6NWFBhbVF7Srw5ZYGtmLcya1aaw9g
security audits (http://bitcointalk.org/index.php?topic=75684)
pgp: 0x77DA3A9A @ pgp.mit.edu (http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x83F5BD9E77DA3A9A)
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!