drm
Legendary
Offline
Activity: 1176
Merit: 1005
|
|
December 16, 2014, 01:17:55 PM |
|
whatever is needed is needed, let the technology and innovation speak for this coin.
|
|
|
|
StonerStanley
|
|
December 16, 2014, 01:20:39 PM |
|
Everyone,
I just became aware of the hacking/backdoor issue while reading the backlog.
I'm truly sorry for everyone who suffered loss of OPAL.
I have a long background (15+ years) in the IT security field, and as it happens it was only couple of days ago when I was thinking that some new trust based system is required to protect the crypto scene against hacking such as the one that just hit OPAL. I do have some ideas regarding this that I'd be happy to try out with the OPAL team.
I've also been in touch with the chief of research of the Finnish anti-malware company F-Secure, proposing co-operation and hoping that they will get interested in coming up with solutions that will help crypto users secure their assets.
Yours,
Jyri -- Altcoin.Center
Dude, the protection for crypto users or desktop users is the same and will be the same.... because we already got a solution about crypto users -_- people need to learn how to use their fire-wall and HIPS, only that.... we can't create a scanner able to detect all malwares, peoples need to use a manual solution for check their downloaded files: FW + HIPS (eventually sandboxie / VMware) Now if you don't know how to use a fire-wall and HIPS, so keep using an Antivirus alone, but any kid can bypass it. This is why i posted this solution this night (but nobody share it.... people think is better to share a antivirus link, but antivirus suck.. this is why you are infected) For those who downloaded the malware:
Kill the process csrss.exe (the bigger) then directly kill windchp.exe
after it delete the startup key Win DHCP "windchp.exe" (use msconfig with command-line)
and delete file here: C:\Users\YOURNAME\AppData\Roaming\Windows\DCHP\ HERE IS MALWARES
You can also block this ip/port: 212.7.208.87:5604
So, it's useless to cry or rollback if nobody cares about my message, antivirus will do nothing for you about new malwares.
|
|
|
|
Voidlord
|
|
December 16, 2014, 02:01:30 PM |
|
Before voting, can somebody explain what a rollback will change ? -for the blockchain -for the hacked wallets -for the safe wallets -for the opals remaining on exchanges
clearly for me: i have a safe wallet (no malware) with opals staked, if a rollback occurs, do i loose all my opals ?
Many Thanks.
|
E=(ɔ)mc²
|
|
|
drm
Legendary
Offline
Activity: 1176
Merit: 1005
|
|
December 16, 2014, 02:12:24 PM |
|
everyone will have their opal back, some people will get refunded their btc for opal they bought during, since the trades dont "count".
|
|
|
|
DARKNE55
Full Member
Offline
Activity: 149
Merit: 100
Opal the future
|
|
December 16, 2014, 02:14:21 PM |
|
|
Official OpalCoin Dev Fund: BTC: 1PLnZntjhbwGJvLZnrkf5t9r9qh4yYcbYU OPAL: oW94MapZxD6WoKtjUK45QogZ6haXLqSQ4F
|
|
|
StonerStanley
|
|
December 16, 2014, 02:15:12 PM |
|
Before voting, can somebody explain what a rollback will change ? -for the blockchain -for the hacked wallets -for the safe wallets -for the opals remaining on exchange
clearly for me: i have a safe wallet (no malware) with opals staked, if a rollback occurs, do i loose all my opals ?
Many Thanks.
A rollback is like a backup/restore (is like the movie "back to the future" but you back to the past )
|
|
|
|
DARKNE55
Full Member
Offline
Activity: 149
Merit: 100
Opal the future
|
|
December 16, 2014, 02:17:33 PM |
|
Before voting, can somebody explain what a rollback will change ? -for the blockchain -for the hacked wallets -for the safe wallets -for the opals remaining on exchange
clearly for me: i have a safe wallet (no malware) with opals staked, if a rollback occurs, do i loose all my opals ?
Many Thanks.
A rollback is like a backup/restore (is like the film "back to the future" but you back to the past... ) Please read the previous posts before you make statements Users have to take the following into consideration should this rollback occur : If you lost coins due to the malicious attack, you will be refunded Any OPAL purchase with Bitcoin during this period will grant you a BTC refund.
|
Official OpalCoin Dev Fund: BTC: 1PLnZntjhbwGJvLZnrkf5t9r9qh4yYcbYU OPAL: oW94MapZxD6WoKtjUK45QogZ6haXLqSQ4F
|
|
|
DARKNE55
Full Member
Offline
Activity: 149
Merit: 100
Opal the future
|
|
December 16, 2014, 02:19:16 PM |
|
ANNOUNCEMENTDue to the recent issues that have occurred. It is required for Opal to continue to be a viable cryptocurrency a roll back of the block chain must occur. We will compensate all the exchanges involved repaying the lost BTC. However for this to move forward we require the consensus of the OPAL community. Therefore a vote will need to take place and will be live for the next 12 hours: https://docs.google.com/forms/d/1_ogq4xNJBUb3H49MH3cnMbqEufN-Ok_dHVSG7BksGKk/viewformWHAT DOES THIS MEAN IF THE ROLL BACK OCCURS?If you have lost any coins due to the malicious attack you will be refunded If you purchased any OPAL during this period you will be refunded with the BTC value of your purchase. Opal apologise for the inconvenience this has caused but we wish to put our Community first and will not be held to ransom by hackers. WARNING DO NOT DOWNLOAD ANY WALLETS UNLESS IT POSTED BY THIS ACCOUNT FROM THE OFFICIAL OPAL DOMAIN
|
Official OpalCoin Dev Fund: BTC: 1PLnZntjhbwGJvLZnrkf5t9r9qh4yYcbYU OPAL: oW94MapZxD6WoKtjUK45QogZ6haXLqSQ4F
|
|
|
StonerStanley
|
|
December 16, 2014, 02:19:23 PM |
|
Please read the previous posts before you make statements
Users have to take the following into consideration should this rollback occur :
If you lost coins due to the malicious attack, you will be refunded
Any OPAL purchase with Bitcoin during this period will grant you a BTC refund.
I know... but anyway you have to read/quote/rewrite me before post a link who will not really help the infected users. (just saying) For those who downloaded the malware:
Kill the process csrss.exe (the bigger) then directly kill windchp.exe
after it delete the startup key Win DHCP "windchp.exe" (use msconfig with command-line)
and delete file here: C:\Users\YOURNAME\AppData\Roaming\Windows\DCHP\ HERE IS MALWARES
You can also block this ip/port: 212.7.208.87:5604
|
|
|
|
litec0ins
Newbie
Offline
Activity: 64
Merit: 0
|
|
December 16, 2014, 02:25:26 PM Last edit: March 09, 2018, 08:11:35 PM by litec0ins |
|
Stonerstanley, i had already scanned with anti malwarebytes and removed it with tha, ive also used combofix. then i saw your post.
there is only 1 process csrss running, and i cant stop the process, denied. the startup key isnt there either and the dhcp wasnt there either
i assume malwarebytes took care off it?
|
|
|
|
Coinler
|
|
December 16, 2014, 02:29:11 PM |
|
The hack is a very serious setback, but a rollback is certain death for OPAL. The hacker wants money, not 51% to kill OPAL
You can still get money by killing Opal as you dump (or double-spend attack) at the same time. Your logic is flawed. Also please stop referencing 51%, that is for Proof-of-work attacks, not Proof-of-stake, which needs much less. Reading your past posts, you sound like you either are the hacker, or know the hacker based on how hard you're fighting for him to keep his coins. Just my own personal opinion. they sound desperate. 100 bucks theyre the crooks.
|
|
|
|
StonerStanley
|
|
December 16, 2014, 02:32:05 PM Last edit: December 16, 2014, 02:56:19 PM by StonerStanley |
|
Stonerstanley, i had already scanned with anti malwarebytes and removed it with tha, ive also used combofix. then i saw your post.
there is only 1 process csrss running, and i cant stop the process, denied. the startup key isnt there either and the dhcp wasnt there either
i assume malwarebytes took care off it?
Is possible i'm going to see. He post a Maiacoin wallet infected also. EDIT: malwares bytes detect the malware as "Backdoor.Agent.SBFGen"
|
|
|
|
Voidlord
|
|
December 16, 2014, 02:49:58 PM |
|
ok, with these inputs, and as i dont see why a rollback can kill a coin.
i will vote for a rollback.
|
E=(ɔ)mc²
|
|
|
litec0ins
Newbie
Offline
Activity: 64
Merit: 0
|
|
December 16, 2014, 02:56:26 PM |
|
Ok stanley so malwarebytes can fix it. thank you for confirming.
|
|
|
|
coolcash
Newbie
Offline
Activity: 30
Merit: 0
|
|
December 16, 2014, 03:29:08 PM |
|
To those who were robbed, was your wallets encrypted? Was only opal the target, or you lost other wallets too? To the dev team, is it possible to integrate updates inwallet? So wallet notify you about update, and either does it automatic or show the correct download link. Not sure a rollback will do any good atm...
Some wallets were encrypted, but the malware installed keyloggers. As we researched the post, we found that the user had posted other links for other wallets. The users malware stole other wallet.dat files and logged keys. Including online accounts. Opal's servers or source was never compromised, it was just a faked post to include the users links instead. I think for right now we are just going to change our process for releasing new wallets. We will point the community to our website or github directly to download. Thanks, CoolCash
|
|
|
|
jelt14
|
|
December 16, 2014, 04:17:44 PM |
|
roll it back make it right,second chances are made daily this will only make opal stronger in which I support OPAL
|
|
|
|
PhilipMorris
|
|
December 16, 2014, 04:19:22 PM |
|
ok, with these inputs, and as i dont see why a rollback can kill a coin.
i will vote for a rollback.
People will lose faith in Opal. If they roll back the blockchain on every issue that occurs, it will make Opal look highly centralized. The opposit is what we are all here for. P2p decentralized currency. I think a rollback will hurt Opal name & value very badly. If it happens, I can see Opal declining from 3000 satoshi to 300 satoshi in days/weeks. I really hope this doesnt happen. Like an other user said; We cant compensate for every human error. This is against the nature of P2p currency. I really hope the majority of the people here share this opinion, and vote NO in the google doc. But again, I feel sorry for the ones who lost coins. Maybe we can start a public donation address for them?
|
|
|
|
jelt14
|
|
December 16, 2014, 04:24:55 PM |
|
maybe but at this point the damage is done this is the only way they can make it right; bank account cards are hacked daily doesn't mean we will stop using them
|
|
|
|
PhilipMorris
|
|
December 16, 2014, 04:31:36 PM |
|
maybe but at this point the damage is done this is the only way they can make it right; bank account cards are hacked daily doesn't mean we will stop using them What damage? The only damage that's done is to a hand full of people who installed the malicious wallet. There are big holders of coins in every other coin, 20% or more even. I dont think 1 person with 17% can and WANTS to destroy Opal. This will be a hit for Opal, but I think we, as investors, (im a pretty large investor myself) will benefit more from no rollback.
|
|
|
|
OpalTeam (OP)
|
|
December 16, 2014, 04:33:39 PM |
|
OPAL PRESS RELEASE BLOCK CHAIN ROLLBACK Since its inception, OPAL has made significant strides to becoming a valuable asset to the cryptocoin community. An ambitious development team backed by a strong community has proven to be and will continue to be a cornerstone in the continued success of OPAL. With that being said, the OPAL team has found that a user made a malicious post within the OPAL ANN thread which included links to a manipulated version of the wallet. This wallet installs a backdoor which steals wallet.dat files from not only the OPAL wallet, but other cryptocoin wallets as well. Additionally, the user posted links to wallet downloads in other Bitcointalk threads. These downloads are also assumed to be malevolent. The hacker has stolen approximately 17% of the total OPAL coin supply, which is enough to attack the block chain. In light of this, a critical decision has been made by the community to roll back the blockchain, thereby eliminating the possibility of such an attack and to prevent further damage. The OPAL team thanks the community for acting promptly and supporting the continuing growth of OPAL. Please remember to only download wallets from the website www.opal-coin.com or download and complie the source yourself, which is available at https://github.com/OpalCoin/OpalCoin. If there are any questions or concerns, please contact the OPAL team at support@opal-coin.com or on the IRC channel freenode #opalcoin. The OPAL Team
|
|
|
|
|