LTCgear.com, the best scrypt/scrypt n/X11 cloud mining service, Not paying!!!

[kapetan]

i propose

login only with Https protocol !
https://ltcgear.com/

change login password and put something difficult
use a password generator or something

and of course change your btc and ltc wallet adreess lockdown will start
STATUS: Payment lockdown in action for another 22 hour(s)

monitor your shares if missing
and your btc and ltc address time to time for any changes

also consider mail password change (login only with Https protocol !)
dont open strange mails

and scan your pc with an antivirus for keyloggers or something suspicious
also consider second antivirus for extra security like HitmanPro , Panda Cloud Cleaner and Malwarebytes Anti-Malware

also we will wait for Chris announcement about this

[1714825333]

1714825333

[ThinkI]

The mass changing of the addresses, combined with no lockdown on the accounts point towards a direct database injection (also known as SQL Injection). Chris mentioned that he will be doing some migrating on the website, that of course includes databases migrating. I highly doubt this was malicious database injection and most likely the actuall reason is an error during the migration or some wrong command executed.

Yes the scale of the 'attack' suggests 3 options
1) Hacker using data injection as opper says.

2) Hacker with direct access to the database (data injection does not require direct access). This occurs when one or more of the software stack has been successfully attacked and the hacker can gain full control. Probably inserted control panel code into the admin section of the web site so he/she can do what ever he/she likes when he/she likes until it is removed. Given the software stack has probably not been upgraded for 2 years this is quite a likely scenario.

3) defaulting of the addresses by admin (deliberate or not)

For 1 and 2 Payment has to stop until the hack is removed. If Chris is working from a snap shot of the accounts then he can still payout this week but next week he has to fix the hack.

The hack is quite likely since the hacker has not been paid for his work yet. Lets hope its option 3, though, and its accidental.

[djm34]

The mass changing of the addresses, combined with no lockdown on the accounts point towards a direct database injection (also known as SQL Injection). Chris mentioned that he will be doing some migrating on the website, that of course includes databases migrating. I highly doubt this was malicious database injection and most likely the actuall reason is an error during the migration or some wrong command executed.

Yes the scale of the 'attack' suggests 3 options
1) Hacker using data injection as opper says.

2) Hacker with direct access to the database (data injection does not require direct access). This occurs when one or more of the software stack has been successfully attacked and the hacker can gain full control. Probably inserted control panel code into the admin section of the web site so he/she can do what ever he/she likes when he/she likes until it is removed. Given the software stack has probably not been upgraded for 2 years this is quite a likely scenario.

3) defaulting of the addresses by admin (deliberate or not)

For 1 and 2 Payment has to stop until the hack is removed. If Chris is working from a snap shot of the accounts then he can still payout this week but next week he has to fix the hack.

The hack is quite likely since the hacker has not been paid for his work yet. Lets hope its option 3, though, and its accidental.

not sure if the hacker scenario is plausible.
I have an account I created and never used, it has no share, never received any payment (so totally unknown from the outside), but still the btc address was changed (I had put a btc address) the ltc address which I left blank was left blank after the changed.
(As I didn't access this account last week, the account went into lock down when I logged in. )

So, unless the hacker have accessed to the full database, they wouldn't have any way of knowing and altering this account.
(unless I am mistaken on how they would proceed)
That's why I think it is Chris who reset somehow the accounts.

[dyask]

The mass changing of the addresses, combined with no lockdown on the accounts point towards a direct database injection (also known as SQL Injection). Chris mentioned that he will be doing some migrating on the website, that of course includes databases migrating. I highly doubt this was malicious database injection and most likely the actuall reason is an error during the migration or some wrong command executed.

Yes the scale of the 'attack' suggests 3 options
1) Hacker using data injection as opper says.

2) Hacker with direct access to the database (data injection does not require direct access). This occurs when one or more of the software stack has been successfully attacked and the hacker can gain full control. Probably inserted control panel code into the admin section of the web site so he/she can do what ever he/she likes when he/she likes until it is removed. Given the software stack has probably not been upgraded for 2 years this is quite a likely scenario.

3) defaulting of the addresses by admin (deliberate or not)

For 1 and 2 Payment has to stop until the hack is removed. If Chris is working from a snap shot of the accounts then he can still payout this week but next week he has to fix the hack.

The hack is quite likely since the hacker has not been paid for his work yet. Lets hope its option 3, though, and its accidental.

not sure if the hacker scenario is plausible.
I have an account I created and never used, it has no share, never received any payment (so totally unknown from the outside), but still the btc address was changed (I had put a btc address) the ltc address which I left blank was left blank after the changed.
(As I didn't access this account last week, the account went into lock down when I logged in. )

So, unless the hacker have accessed to the full database, they wouldn't have any way of knowing and altering this account.
(unless I am mistaken on how they would proceed)
That's why I think it is Chris who reset somehow the accounts.

Thanks for sharing, that is good to know.

[zerocoder]

Somebody changed my BTC and LTC addresses and we don't even know who this Chris guy is, we have no evidence to track that guy, we don't even have an address. So what will happen now, just re changed my btc and ltc addresses but that's bullshit. Seems like that ponzi collapse

[davidwpenny]

Somebody changed my BTC and LTC addresses and we don't even know who this Chris guy is, we have no evidence to track that guy, we don't even have an address. So what will happen now, just re changed my btc and ltc addresses but that's bullshit. Seems like that ponzi collapse

then get out while you can.

[ThinkI]

The mass changing of the addresses, combined with no lockdown on the accounts point towards a direct database injection (also known as SQL Injection). Chris mentioned that he will be doing some migrating on the website, that of course includes databases migrating. I highly doubt this was malicious database injection and most likely the actuall reason is an error during the migration or some wrong command executed.

Yes the scale of the 'attack' suggests 3 options
1) Hacker using data injection as opper says.

2) Hacker with direct access to the database (data injection does not require direct access). This occurs when one or more of the software stack has been successfully attacked and the hacker can gain full control. Probably inserted control panel code into the admin section of the web site so he/she can do what ever he/she likes when he/she likes until it is removed. Given the software stack has probably not been upgraded for 2 years this is quite a likely scenario.

3) defaulting of the addresses by admin (deliberate or not)

For 1 and 2 Payment has to stop until the hack is removed. If Chris is working from a snap shot of the accounts then he can still payout this week but next week he has to fix the hack.

The hack is quite likely since the hacker has not been paid for his work yet. Lets hope its option 3, though, and its accidental.

not sure if the hacker scenario is plausible.
I have an account I created and never used, it has no share, never received any payment (so totally unknown from the outside), but still the btc address was changed (I had put a btc address) the ltc address which I left blank was left blank after the changed.
(As I didn't access this account last week, the account went into lock down when I logged in. )

So, unless the hacker have accessed to the full database, they wouldn't have any way of knowing and altering this account.
(unless I am mistaken on how they would proceed)
That's why I think it is Chris who reset somehow the accounts.

Thanks for sharing, that is good to know.

On the other hand, changing all the addresses to false ones, is a good way to see which accounts are active and which are not. Active ones get their addresses updated and then get their payouts. Inactive accounts get ignored/ email sent to user to activate (change the address) again. Hacked accounts will not payout to hackers. The hackers, like us, have no idea what is going on.
 
Now that would be put a positive spin on the whole thing...

[david123]

Somebody changed my BTC and LTC addresses and we don't even know who this Chris guy is, we have no evidence to track that guy, we don't even have an address. So what will happen now, just re changed my btc and ltc addresses but that's bullshit. Seems like that ponzi collapse

then get out while you can.

I'm still buying at .000375

[blg42598]

Anyone want to buy 2 BTC worth of Asic shares? I really need 2 BTC.

[zerocoder]

Somebody changed my BTC and LTC addresses and we don't even know who this Chris guy is, we have no evidence to track that guy, we don't even have an address. So what will happen now, just re changed my btc and ltc addresses but that's bullshit. Seems like that ponzi collapse

then get out while you can.

I'm still buying at .000375

That's a nice offer. OK. So for 6000 shares you are going to pay 2.25 BTC am I right?

[david123]

I'll pm you

[jfabritz]

On the other hand, changing all the addresses to false ones, is a good way to see which accounts are active and which are not. Active ones get their addresses updated and then get their payouts. Inactive accounts get ignored/ email sent to user to activate (change the address) again. Hacked accounts will not payout to hackers. The hackers, like us, have no idea what is going on.
 
Now that would be put a positive spin on the whole thing...

Yes, that would be a slick way to determine which accounts are still being actively maintained. If he went back to auto-payout, any account with the 'default' addresses will get skipped for future review.

However, it would be good for Chris to send emails to everyone letting them know to go back and double-check their account.

[bones]

Ive still not been paid so logged into my account.

My payment address was changed, so I set it back to my address.
The one it was changed to was not a unused one, so not sure if Chris had anything to do with it or not.
It was   1Nigp9grmwYGyU3Qt8vsaKeaksEsf8bzcQ

At least my payment was not sent to that address so Im sure Ill get it in time.
How do you tell when your acc is in lockdown? I know mine should be, but I see no ticker / timer.

Happy holidays to you all.

[hashpower]

Maintenance
Posted on December 24, 2014 by Chris in Uncategorized

Web server will be place in maintenance mode for about one hour at 12:00 UTC.

I really wonder if this site will ever be back online again..........

i have fallen in a couple of ponzi schemes and i must admit this one looks as well although i really really hope i am wrong.
i have way to many shares to loose here.

[cagrund]

Hmm, Server is in "Short Maintenance" since 9:00 UTC.

[mm5aes]

Hmm, Server is in "Short Maintenance" since 9:00 UTC.

It's fine here? Must have missed it 

[copychicken]

if the database is messed...then its too difficult, to find a fast way of solving...it will probably take weeks to clear things out...

[ThinkI]

Going back to the instructions not to use TOR.

The only hackers interested in hacking TOR that I know of, are governments.

Anyone know any different?

[mm5aes]

Going back to the instructions not to use TOR.

The only hackers interested in hacking TOR that I know of, are governments.

Anyone know any different?

Use mr google to search for 'tor exit node vulnerability'
Here's a start.
http://hackertarget.com/tor-exit-node-visualization/

[pbleak]

Well it's past the downtime listed on the site. Anybody know what's up?