Bitcoin Forum
June 24, 2019, 08:24:03 PM *
News: Latest Bitcoin Core release: 0.18.0 [Torrent] (New!)
 
   Home   Help Search Login Register More  
Poll
Question: Continue Anniversary Giveaway in spite of delays?
yes - 33 (76.7%)
no - 10 (23.3%)
Total Voters: 43

Pages: « 1 ... 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 [107] 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 ... 203 »
  Print  
Author Topic: ANN: [OPAL] | POS | Secure Messaging |NO ICO  (Read 372145 times)
This is a self-moderated topic. If you do not want to be moderated by the person who started this topic, create a new topic. (1 post by 1 user deleted.)
Voidlord
Sr. Member
****
Offline Offline

Activity: 308
Merit: 250



View Profile
December 16, 2014, 06:12:47 PM
 #2121


Malwares bytes already delete startup key / method, and malware files (otherwise h

"This Backdoor or another affiliated agent may reload itself after a remove"

If you remove the malware it can't reload. If a malware reload is because you do not kill the persistence (here the persistence was "csrss.exe", in the same folder as "windhcp.exe", and detected by malwares byte also)

This malware is not really smart Wink don't worry.

(combofix is helpful when some of your system files are corrupted, by malwares)

Ok, thanks StonerStanley, So during the corruption, the backdoor/the attacker can't install other malware/exploit ?


if yes my only advice (for corrupted wallets) will be "CHANGE ALL YOUR PASSWORDS".

E=(ɔ)mc²
1561407843
Hero Member
*
Offline Offline

Posts: 1561407843

View Profile Personal Message (Offline)

Ignore
1561407843
Reply with quote  #2

1561407843
Report to moderator
1561407843
Hero Member
*
Offline Offline

Posts: 1561407843

View Profile Personal Message (Offline)

Ignore
1561407843
Reply with quote  #2

1561407843
Report to moderator
COINSWITCH
Trade 300+ coins
No Login
No KYC
Get $5 on 1st order
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1561407843
Hero Member
*
Offline Offline

Posts: 1561407843

View Profile Personal Message (Offline)

Ignore
1561407843
Reply with quote  #2

1561407843
Report to moderator
1561407843
Hero Member
*
Offline Offline

Posts: 1561407843

View Profile Personal Message (Offline)

Ignore
1561407843
Reply with quote  #2

1561407843
Report to moderator
scam_exposer
Sr. Member
****
Offline Offline

Activity: 252
Merit: 250


Keeping People Honest - Don't Get Scammed


View Profile
December 16, 2014, 06:15:21 PM
 #2122

OPAL trading was halted several days ago on Poloniex; was that related to this attack?

This wasn't an attack.  It was users installing a backdoor on their computer allowing their wallet files to be taken.  

This has nothing to do with Opal the coin but restoring coins to users that did not protect their computers.  Rolling back the blockchain for user incompetence is idiotic.  



  

I fully support the rollback. If anyone can make this work, is the Opal dev's and community.

People, please scan your computers fully before the rollback takes place.

We have to design a procedure where someone's wallet.dat was stolen and it was not protected with a passphrase.  If we roll back, doesn't the hacker still have the privkeys to the addresses stored in the wallet.dat?

Let's do this patiently and methodically.

Yes

99.999999999999999999999999999999999999999999999999% of all ICO's are SCAMS
arniebaby
Sr. Member
****
Offline Offline

Activity: 279
Merit: 250


View Profile
December 16, 2014, 06:17:03 PM
 #2123

OPAL PRESS RELEASE BLOCK CHAIN ROLLBACK


   Since its inception, OPAL has made significant strides to becoming a valuable asset to the cryptocoin community. An ambitious development team backed by a strong community has proven to be and will continue to be a cornerstone in the continued success of OPAL. With that being said, the OPAL team has found that a user made a malicious post within the OPAL ANN thread which included links to a manipulated version of the wallet. This wallet installs a backdoor which steals wallet.dat files from not only the OPAL wallet, but other cryptocoin wallets as well. Additionally, the user posted links to wallet downloads in other Bitcointalk threads. These downloads are also assumed to be malevolent. The hacker has stolen approximately 17% of the total OPAL coin supply, which is enough to attack the block chain. In light of this, a critical decision has been made by the community to roll back the blockchain, thereby eliminating the possibility of such an attack and to prevent further damage. The OPAL team thanks the community for acting promptly and supporting the continuing growth of OPAL.

   Please remember to only download wallets from the website www.opal-coin.com or download and complie the source yourself, which is available at https://github.com/OpalCoin/OpalCoin.

If there are any questions or concerns, please contact the OPAL team at support@opal-coin.com or on the IRC channel freenode #opalcoin.

The OPAL Team


OK. Decision made. Timescales??

NARNIE-YYITR3-V6BVJ7-GGR5EO-GRIZZ2-WEMD4A-AAUD
NEM NEM NEM NEM NEM NEM NEM NEM NEM NEM
m30188
Newbie
*
Offline Offline

Activity: 40
Merit: 0


View Profile
December 16, 2014, 06:17:50 PM
 #2124

This wasn't an attack.  It was users installing a backdoor on their computer allowing their wallet files to be taken.  
I use the term "attacker" rather than "hacker". In my mind, the actions of an attacker is an attack.

And if the motive behind the attack was to harm OPAL, it was magnificently successful.
PhilipMorris
Sr. Member
****
Offline Offline

Activity: 364
Merit: 250



View Profile
December 16, 2014, 06:19:27 PM
 #2125

This wasn't an attack.  It was users installing a backdoor on their computer allowing their wallet files to be taken.  
I use the term "attacker" rather than "hacker". In my mind, the actions of an attacker is an attack.

There was no attack on Opal. Scam_exposer is right, just user funds that have been taken. Sad enough though.
m30188
Newbie
*
Offline Offline

Activity: 40
Merit: 0


View Profile
December 16, 2014, 06:22:49 PM
 #2126

Alright, so what's the next move? Are we waiting on an OPAL client update for the rollback?
raimch89
Legendary
*
Offline Offline

Activity: 1171
Merit: 1000


View Profile
December 16, 2014, 06:24:37 PM
 #2127

why cryptsy not freezed?
scam_exposer
Sr. Member
****
Offline Offline

Activity: 252
Merit: 250


Keeping People Honest - Don't Get Scammed


View Profile
December 16, 2014, 06:28:48 PM
 #2128

This wasn't an attack.  It was users installing a backdoor on their computer allowing their wallet files to be taken.  
I use the term "attacker" rather than "hacker". In my mind, the actions of an attacker is an attack.

And if the motive behind the attack was to harm OPAL, it was magnificently successful.

The motive was to steal your coins and convert them to btc and then fiat.  There have been numerous attempts recently to hijack users computers with infected wallets.  Those were typically done with a new coin launch but it appears that they have switched tactics since people have become wise to the Windows wallet only ninja launches that idiots would jump on and run the infected wallet.

Opal was likely just chosen at random.  This should be a warning to all that you never run a wallet posted by anyone but the official representatives for that coin.

This is likely to be repeated with other coins because there is never a shortage of idiots out there and these scumbags know that.  Make sure that you don't just update wallets because it's posted in a thread.  Make sure that the person posting it is legitimate.  

99.999999999999999999999999999999999999999999999999% of all ICO's are SCAMS
PhilipMorris
Sr. Member
****
Offline Offline

Activity: 364
Merit: 250



View Profile
December 16, 2014, 06:38:41 PM
 #2129

This wasn't an attack.  It was users installing a backdoor on their computer allowing their wallet files to be taken.  
I use the term "attacker" rather than "hacker". In my mind, the actions of an attacker is an attack.

And if the motive behind the attack was to harm OPAL, it was magnificently successful.

The motive was to steal your coins and convert them to btc and then fiat.  There have been numerous attempts recently to hijack users computers with infected wallets.  Those were typically done with a new coin launch but it appears that they have switched tactics since people have become wise to the Windows wallet only ninja launches that idiots would jump on and run the infected wallet.

Opal was likely just chosen at random.  This should be a warning to all that you never run a wallet posted by anyone but the official representatives for that coin.

This is likely to be repeated with other coins because there is never a shortage of idiots out there and these scumbags know that.  Make sure that you don't just update wallets because it's posted in a thread.  Make sure that the person posting it is legitimate.  

True, however the most important thing is: Don't keep your wallet encryption passwords anywhere near your PC. Even if a hacker was able to steal your wallet.dat file, he cannot grab the coins if he doesnt have the password. Ive heard about a program called keyscrambler, what it does is basically hide everything that you type. Keyloggers won't work for the hacker. Which is pretty important, incase you want to unlock your wallet for staking for example.
NoobKidOnTheBlock
Hero Member
*****
Offline Offline

Activity: 714
Merit: 500


FLY DONATION ADDRESS IN SIGNATURE


View Profile
December 16, 2014, 06:43:06 PM
 #2130

OPAL PRESS RELEASE BLOCK CHAIN ROLLBACK


   Since its inception, OPAL has made significant strides to becoming a valuable asset to the cryptocoin community. An ambitious development team backed by a strong community has proven to be and will continue to be a cornerstone in the continued success of OPAL. With that being said, the OPAL team has found that a user made a malicious post within the OPAL ANN thread which included links to a manipulated version of the wallet. This wallet installs a backdoor which steals wallet.dat files from not only the OPAL wallet, but other cryptocoin wallets as well. Additionally, the user posted links to wallet downloads in other Bitcointalk threads. These downloads are also assumed to be malevolent. The hacker has stolen approximately 17% of the total OPAL coin supply, which is enough to attack the block chain. In light of this, a critical decision has been made by the community to roll back the blockchain, thereby eliminating the possibility of such an attack and to prevent further damage. The OPAL team thanks the community for acting promptly and supporting the continuing growth of OPAL.

   Please remember to only download wallets from the website www.opal-coin.com or download and complie the source yourself, which is available at https://github.com/OpalCoin/OpalCoin.

If there are any questions or concerns, please contact the OPAL team at support@opal-coin.com or on the IRC channel freenode #opalcoin.

The OPAL Team


OK. Decision made. Timescales??
Okay I've downloaded the wallet from the website and it still says zero connections plus all my OPAL right now are on Bittrex but bittrex has OPAL disabled? Does this mean I'm gonna lose my coins? Or will I  still have them?

 

▇▇▇

▇▇


▇▇▇▇▇
▇▇▇▇▇
▇▇▇▇▇
▇▇▇▇▇
▇▇▇▇▇
▇▇▇▇▇
▇▇▇▇▇▇
...
............NoobKidOnThe.BLOCK.....
 
PhilipMorris
Sr. Member
****
Offline Offline

Activity: 364
Merit: 250



View Profile
December 16, 2014, 06:45:23 PM
 #2131

OPAL PRESS RELEASE BLOCK CHAIN ROLLBACK


   Since its inception, OPAL has made significant strides to becoming a valuable asset to the cryptocoin community. An ambitious development team backed by a strong community has proven to be and will continue to be a cornerstone in the continued success of OPAL. With that being said, the OPAL team has found that a user made a malicious post within the OPAL ANN thread which included links to a manipulated version of the wallet. This wallet installs a backdoor which steals wallet.dat files from not only the OPAL wallet, but other cryptocoin wallets as well. Additionally, the user posted links to wallet downloads in other Bitcointalk threads. These downloads are also assumed to be malevolent. The hacker has stolen approximately 17% of the total OPAL coin supply, which is enough to attack the block chain. In light of this, a critical decision has been made by the community to roll back the blockchain, thereby eliminating the possibility of such an attack and to prevent further damage. The OPAL team thanks the community for acting promptly and supporting the continuing growth of OPAL.

   Please remember to only download wallets from the website www.opal-coin.com or download and complie the source yourself, which is available at https://github.com/OpalCoin/OpalCoin.

If there are any questions or concerns, please contact the OPAL team at support@opal-coin.com or on the IRC channel freenode #opalcoin.

The OPAL Team


OK. Decision made. Timescales??
Okay I've downloaded the wallet from the website and it still says zero connections plus all my OPAL right now are on Bittrex but bittrex has OPAL disabled? Does this mean I'm gonna lose my coins? Or will I  still have them?

Read up, all your questions have been answered.
DeckardKain
Newbie
*
Offline Offline

Activity: 34
Merit: 0


View Profile
December 16, 2014, 06:56:25 PM
 #2132

OPAL PRESS RELEASE BLOCK CHAIN ROLLBACK


   Since its inception, OPAL has made significant strides to becoming a valuable asset to the cryptocoin community. An ambitious development team backed by a strong community has proven to be and will continue to be a cornerstone in the continued success of OPAL. With that being said, the OPAL team has found that a user made a malicious post within the OPAL ANN thread which included links to a manipulated version of the wallet. This wallet installs a backdoor which steals wallet.dat files from not only the OPAL wallet, but other cryptocoin wallets as well. Additionally, the user posted links to wallet downloads in other Bitcointalk threads. These downloads are also assumed to be malevolent. The hacker has stolen approximately 17% of the total OPAL coin supply, which is enough to attack the block chain. In light of this, a critical decision has been made by the community to roll back the blockchain, thereby eliminating the possibility of such an attack and to prevent further damage. The OPAL team thanks the community for acting promptly and supporting the continuing growth of OPAL.

   Please remember to only download wallets from the website www.opal-coin.com or download and complie the source yourself, which is available at https://github.com/OpalCoin/OpalCoin.

If there are any questions or concerns, please contact the OPAL team at support@opal-coin.com or on the IRC channel freenode #opalcoin.

The OPAL Team


OK. Decision made. Timescales??
Okay I've downloaded the wallet from the website and it still says zero connections plus all my OPAL right now are on Bittrex but bittrex has OPAL disabled? Does this mean I'm gonna lose my coins? Or will I  still have them?

You wont lose any opal. And if you still lose contact opal team. They never  let their people fall.
NoobKidOnTheBlock
Hero Member
*****
Offline Offline

Activity: 714
Merit: 500


FLY DONATION ADDRESS IN SIGNATURE


View Profile
December 16, 2014, 07:11:02 PM
 #2133

OPAL PRESS RELEASE BLOCK CHAIN ROLLBACK


   Since its inception, OPAL has made significant strides to becoming a valuable asset to the cryptocoin community. An ambitious development team backed by a strong community has proven to be and will continue to be a cornerstone in the continued success of OPAL. With that being said, the OPAL team has found that a user made a malicious post within the OPAL ANN thread which included links to a manipulated version of the wallet. This wallet installs a backdoor which steals wallet.dat files from not only the OPAL wallet, but other cryptocoin wallets as well. Additionally, the user posted links to wallet downloads in other Bitcointalk threads. These downloads are also assumed to be malevolent. The hacker has stolen approximately 17% of the total OPAL coin supply, which is enough to attack the block chain. In light of this, a critical decision has been made by the community to roll back the blockchain, thereby eliminating the possibility of such an attack and to prevent further damage. The OPAL team thanks the community for acting promptly and supporting the continuing growth of OPAL.

   Please remember to only download wallets from the website www.opal-coin.com or download and complie the source yourself, which is available at https://github.com/OpalCoin/OpalCoin.

If there are any questions or concerns, please contact the OPAL team at support@opal-coin.com or on the IRC channel freenode #opalcoin.

The OPAL Team


OK. Decision made. Timescales??
Okay I've downloaded the wallet from the website and it still says zero connections plus all my OPAL right now are on Bittrex but bittrex has OPAL disabled? Does this mean I'm gonna lose my coins? Or will I  still have them?

You wont lose any opal. And if you still lose contact opal team. They never  let their people fall.
Okay thanks because I downloaded the wallet with exchange that the OPALTEAM posted here and it's not syncing and says that there is 0 connections and then on Bittrex it says OPAL is disabled? So if I wait a bit everything will be fixed and up and running again?

 

▇▇▇

▇▇


▇▇▇▇▇
▇▇▇▇▇
▇▇▇▇▇
▇▇▇▇▇
▇▇▇▇▇
▇▇▇▇▇
▇▇▇▇▇▇
...
............NoobKidOnThe.BLOCK.....
 
m30188
Newbie
*
Offline Offline

Activity: 40
Merit: 0


View Profile
December 16, 2014, 07:15:18 PM
 #2134

If I'm correct, everyone needs to run a new client that's confirming blocks on a new fork. Is that right?
bitdraw
Hero Member
*****
Offline Offline

Activity: 505
Merit: 500


View Profile
December 16, 2014, 07:21:49 PM
 #2135

If I'm correct, everyone needs to run a new client that's confirming blocks on a new fork. Is that right?

they update the client, make checkpoints everyone uses the new client and its done pretty much...

i think the harder part is managing all the refunds..
etoque
Legendary
*
Offline Offline

Activity: 1736
Merit: 1000


View Profile
December 16, 2014, 07:36:58 PM
 #2136

GOOD

so the faster you do the rollback,the faster we can continu the opal spread mission Smiley

Lets growth this coin !


Btw: Other saying it will be kill opal because centralisation. I want to say. Nop. Need to relax a bit and step back. There's nothing happen,look how many people have vote,no more than 150 lol. NXT was something other,VRC too,because it happen when everybody look at it,when they have a kind of massive addoption(still,far more than opal have now)

We have still only one way to go when you have a Super good dev team like this and we are close to #100 on CMC Smiley

there's no bug,no fork,no scam , only malicious link has been posted and some basic error happen. Not so dramatic(except for the 17% user) This coin still doing well guys Smiley
toldy
Full Member
***
Offline Offline

Activity: 214
Merit: 100


View Profile
December 16, 2014, 07:40:02 PM
 #2137

Here's a scenario that I'm wondering how we're going to address:

1. Bob has an OPAL wallet with 100,000 opal, that is not protected with a passphrase

2. He downloads a malware wallet, which copies his wallet.dat and forwards it to the hacker

3. The hacker empties this wallet and transfers his opal away and dumps the private key for "future use".

4. A roll back occurs

5. Bob now has 100,000 opal back in his wallet again

6. A few seconds later, the hacker empties this wallet again, because he has the private key from step #2

How are we going to circumvent this from occurring.

New venture: Your data in an real underground bunker. Interesting. http://tinyurl.com/msm8t3u
etoque
Legendary
*
Offline Offline

Activity: 1736
Merit: 1000


View Profile
December 16, 2014, 07:41:26 PM
 #2138

Everyone was infected need to do a nice clean up before oppening new wallet
StonerStanley
Sr. Member
****
Offline Offline

Activity: 369
Merit: 250



View Profile
December 16, 2014, 07:49:41 PM
 #2139


Malwares bytes already delete startup key / method, and malware files (otherwise h

"This Backdoor or another affiliated agent may reload itself after a remove"

If you remove the malware it can't reload. If a malware reload is because you do not kill the persistence (here the persistence was "csrss.exe", in the same folder as "windhcp.exe", and detected by malwares byte also)

This malware is not really smart Wink don't worry.

(combofix is helpful when some of your system files are corrupted, by malwares)

Ok, thanks StonerStanley, So during the corruption, the backdoor/the attacker can't install other malware/exploit ?


if yes my only advice (for corrupted wallets) will be "CHANGE ALL YOUR PASSWORDS".


As i know i didn't see anything able to make a update for load a new version of this malware.
No one file except the malware (wallet executable, not .dat) itself is corrupted/infected. So if you use malwares bytes is ok (i advise you combofix when no one other antivirus is able to repair your problem)

Give me your body if you are a cookie
toldy
Full Member
***
Offline Offline

Activity: 214
Merit: 100


View Profile
December 16, 2014, 07:51:46 PM
 #2140

Here's a scenario that I'm wondering how we're going to address:

1. Bob has an OPAL wallet with 100,000 opal, that is not protected with a passphrase

2. He downloads a malware wallet, which copies his wallet.dat and forwards it to the hacker

3. The hacker empties this wallet and transfers his opal away and dumps the private key for "future use".

4. A roll back occurs

5. Bob now has 100,000 opal back in his wallet again

6. A few seconds later, the hacker empties this wallet again, because he has the private key from step #2

How are we going to circumvent this from occurring.

I'll give you a possible solution to the scenario:

1. Opal team releases a new wallet, on a new chain, opal v2 with a 2.5 million premine.

2. The Opal v2 wallet has to be encrypted with a passphrase otherwise the wallet doesn't generate any addresses

3. Bob downloads this Opal v2 wallet, creates a passphrase, and generates a new address

4. Bob now gets in touch with the OpalTeam to verify he has keys to the original v1 wallet, and OpalTeam transfers the stolen coins from v1 (from the v2 premine) to his Opal v2 passphrase protected wallet.

Something like that..  Using bitcointalk forum names to prove identity could help this.. I don't know.

New venture: Your data in an real underground bunker. Interesting. http://tinyurl.com/msm8t3u
Pages: « 1 ... 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 [107] 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 ... 203 »
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!