Bitcoin Forum
March 24, 2017, 10:22:54 PM *
News: Latest stable version of Bitcoin Core: 0.14.0  [Torrent]. (New!)
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 3 [4]  All
  Print  
Author Topic: Bitcoin Bouny Hunter: Bitalo DDOS attacker discussion  (Read 10630 times)
nicehashdev
Sr. Member
****
Offline Offline

Activity: 280


View Profile
March 22, 2015, 01:38:43 PM
 #61

@DD4BC,

how about earning our bounty of 2 BTC with something CONSTRUCTIVE? Twice as much as the (initial) ransom you tried to extort ;-))

https://bitcointalk.org/index.php?topic=999414.new#new

Script kiddies do not know how to code, they only know how to use existing tools to create attacks. If they knew how to code, they would earn money with coding, not extortions.
1490394174
Hero Member
*
Offline Offline

Posts: 1490394174

View Profile Personal Message (Offline)

Ignore
1490394174
Reply with quote  #2

1490394174
Report to moderator
1490394174
Hero Member
*
Offline Offline

Posts: 1490394174

View Profile Personal Message (Offline)

Ignore
1490394174
Reply with quote  #2

1490394174
Report to moderator
1490394174
Hero Member
*
Offline Offline

Posts: 1490394174

View Profile Personal Message (Offline)

Ignore
1490394174
Reply with quote  #2

1490394174
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1490394174
Hero Member
*
Offline Offline

Posts: 1490394174

View Profile Personal Message (Offline)

Ignore
1490394174
Reply with quote  #2

1490394174
Report to moderator
1490394174
Hero Member
*
Offline Offline

Posts: 1490394174

View Profile Personal Message (Offline)

Ignore
1490394174
Reply with quote  #2

1490394174
Report to moderator
RocketSingh
Legendary
*
Offline Offline

Activity: 1064


View Profile
March 22, 2015, 11:23:26 PM
 #62

@DD4BC,

how about earning our bounty of 2 BTC with something CONSTRUCTIVE? Twice as much as the (initial) ransom you tried to extort ;-))

https://bitcointalk.org/index.php?topic=999414.new#new

Script kiddies do not know how to code, they only know how to use existing tools to create attacks. If they knew how to code, they would earn money with coding, not extortions.

How come those, who are using CloudFlare are vulnerable to this attack ? I think CloudFlare works well against DDOS ...is not it ?

Bitalo_Martin
Member
**
Offline Offline

Activity: 82



View Profile WWW
March 23, 2015, 12:34:29 AM
 #63

well the cloudflare can be passed when the real IP behind is identified via some tricks like mails etc.
nicehashdev
Sr. Member
****
Offline Offline

Activity: 280


View Profile
March 23, 2015, 01:27:41 PM
 #64

In our case, attacker simply targeted stratum IPs. There is no such service as CloudFlare for stratum and no ISP/provider can do null route of UDP therefore you cannot really fight 300gbps UDP flood.

It is not so hard to protect web server. You can move mail server to another server/IP.
RocketSingh
Legendary
*
Offline Offline

Activity: 1064


View Profile
March 24, 2015, 05:32:24 PM
 #65

well the cloudflare can be passed when the real IP behind is identified via some tricks like mails etc.

Generally mail server IPs remain different from web server IPs. But, I'm not sure whether attacking mail server also affects the web server in some way.

RocketSingh
Legendary
*
Offline Offline

Activity: 1064


View Profile
March 24, 2015, 05:33:33 PM
 #66

In our case, attacker simply targeted stratum IPs. There is no such service as CloudFlare for stratum and no ISP/provider can do null route of UDP therefore you cannot really fight 300gbps UDP flood.

It is not so hard to protect web server. You can move mail server to another server/IP.

So, how come someone protect his mail server ? I never heard Gmail to be down due to DDOS. There must be some way to hide the Mail Server IP as well...

defcon23
Legendary
*
Offline Offline

Activity: 1106


☯ DefCoins ☯


View Profile WWW
March 24, 2015, 06:14:04 PM
 #67

@DD4BC,

how about earning our bounty of 2 BTC with something CONSTRUCTIVE? Twice as much as the (initial) ransom you tried to extort ;-))

https://bitcointalk.org/index.php?topic=999414.new#new

Script kiddies do not know how to code, they only know how to use existing tools to create attacks. If they knew how to code, they would earn money with coding, not extortions.
+1  Cheesy




         ▄▄████████████████████████▀
      ▄████▀     ▀▀██████████████▀
   ▄█████▌          ████████████▄
  ███████            █████████████▄
 ████████           ▄███████████████
▐█████████▄▄      ▄███████████████▀
████████████████████████████████▀
████████████▀▀▀▀▀▀███████████████▄
 █████████          ███████████████▄
 ▐███████            ██████████████▀
   ██████           ▐████████████▀
    ▀█████         ▄████████████▄
       ▀█████▄▄▄▄█████████████████▄
           ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
ETHBITS

.
EXISTING EXCHANGE
UP TO 80% PROFIT SHARE
.
COPY PROFESSIONAL TRADERS
COPY TRADING EXCHANGE


nicehashdev
Sr. Member
****
Offline Offline

Activity: 280


View Profile
March 24, 2015, 07:47:45 PM
 #68

In our case, attacker simply targeted stratum IPs. There is no such service as CloudFlare for stratum and no ISP/provider can do null route of UDP therefore you cannot really fight 300gbps UDP flood.

It is not so hard to protect web server. You can move mail server to another server/IP.

So, how come someone protect his mail server ? I never heard Gmail to be down due to DDOS. There must be some way to hide the Mail Server IP as well...

Mail server is not so critical to protect. In worst case scenario, sending/receiving of mails will not work, which is not equal as crippling entire service. For attacker is usually not worth to attack only your mail server, because with such attack he doesn't gain much leverage.
RocketSingh
Legendary
*
Offline Offline

Activity: 1064


View Profile
March 25, 2015, 11:13:09 PM
 #69

In our case, attacker simply targeted stratum IPs. There is no such service as CloudFlare for stratum and no ISP/provider can do null route of UDP therefore you cannot really fight 300gbps UDP flood.

It is not so hard to protect web server. You can move mail server to another server/IP.

So, how come someone protect his mail server ? I never heard Gmail to be down due to DDOS. There must be some way to hide the Mail Server IP as well...

Mail server is not so critical to protect. In worst case scenario, sending/receiving of mails will not work, which is not equal as crippling entire service. For attacker is usually not worth to attack only your mail server, because with such attack he doesn't gain much leverage.

Is CloudFlare Free plan strong enough for DDOS protection ? If yes, is there any tuning in settings are required ?

snewman8771
Newbie
*
Offline Offline

Activity: 2


View Profile
June 05, 2015, 06:32:40 PM
 #70

Here is the full initial email communication. I will add more attack logfiles asap.                         
                                                                                                                                                                                                                                     
Delivered-To: martin@bitalo.com
Received: by 10.140.16.43 with SMTP id 40csp270558qga;
        Mon, 3 Nov 2014 06:33:55 -0800 (PST)
X-Received: by 10.60.68.108 with SMTP id v12mr602259oet.69.1415025235205;
        Mon, 03 Nov 2014 06:33:55 -0800 (PST)
Return-Path: <dd4bc@outlook.com>
Received: from SNT004-OMC1S8.hotmail.com (snt004-omc1s8.hotmail.com. [65.55.90.19])
        by mx.google.com with ESMTPS id 21si18495325oin.129.2014.11.03.06.33.53
        for <multiple recipients>
        (version=TLSv1.2 cipher=ECDHE-RSA-AES128-SHA bits=128/128);
        Mon, 03 Nov 2014 06:33:55 -0800 (PST)
Received-SPF: pass (google.com: domain of dd4bc@outlook.com designates 65.55.90.19 as permitted sender) client-ip=65.55.90.19;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of dd4bc@outlook.com designates 65.55.90.19 as permitted sender) smtp.mail=dd4bc@outlook.com;
       dmarc=pass (p=NONE dis=NONE) header.from=outlook.com
Received: from SNT146-W55 ([65.55.90.9]) by SNT004-OMC1S8.hotmail.com over TLS secured channel with Microsoft SMTPSVC(7.5.7601.22751);
    Mon, 3 Nov 2014 06:33:53 -0800
X-TMN: [IyzY3qwIBGGm2XlnVY5tp8RicYKI1Pj8]
X-Originating-Email: [dd4bc@outlook.com]
Message-ID: <SNT146-W55B111E126F9274BA539C3E9990@phx.gbl>
Return-Path: dd4bc@outlook.com
Content-Type: multipart/alternative;
   boundary="_991179ca-6b3d-4765-8753-5bcd7337b00c_"
From: DD4BC TEAM <dd4bc@outlook.com>
To: Martin Albert <martin@bitalo.com>
CC: "fabio@bitalo.com" <fabio@bitalo.com>, "antti@bitalo.com"
   <antti@bitalo.com>, "pawel@bitalo.com" <pawel@bitalo.com>, "mauro@bitalo.com"
   <mauro@bitalo.com>, "michael@bitalo.com" <michael@bitalo.com>,
   "isaac@bitalo.com" <isaac@bitalo.com>, "maciej@bitalo.com"
   <maciej@bitalo.com>, "lilia@bitalo.com" <lilia@bitalo.com>,
   "felix@bitalo.com" <felix@bitalo.com>, "peter@bitalo.com" <peter@bitalo.com>,
   "sebastian@bitalo.com" <sebastian@bitalo.com>, "trevin@bitalo.com"
   <trevin@bitalo.com>, "christian@bitalo.com" <christian@bitalo.com>,
   "michaelg@bitalo.com" <michaelg@bitalo.com>, "fabiob@bitalo.com"
   <fabiob@bitalo.com>, "support@bitalo.com" <support@bitalo.com>,
   "martin.albert@gmx.net" <martin.albert@gmx.net>
Subject: RE: DDOS ATTACK!
Date: Mon, 3 Nov 2014 15:33:53 +0100
Importance: Normal
In-Reply-To: <SNT146-W27EAE07C4902DE6896E211E99B0@phx.gbl>
References:
 <SNT146-W199CA9C530BBEE76D4BB1E99F0@phx.gbl>,<SNT146-W698F7ECDB0BFB431B9CFF0E99F0@phx.gbl>,<SNT146-W86C2E73DC98A683683AFC7E99F0@phx.gbl>,<SNT146-W83C2ACB65C5F2E0722AFDEE99F0@phx.gbl>,<SNT146-W947131BCC73C0BD6528E1E99C0@phx.gbl>,<SNT146-W37B7611425909EBDAE1E87E99D0@phx.gbl>,<SNT146-W722383831A32387AF3DEE9E99B0@phx.gbl>,<CAJobRfdW+46S2E5A9SJhXiy_wbJ+TSgK_H7HLPurdXyc4=o-FA@mail.gmail.com>,<SNT146-W95268ECC0E0271350B6C3AE99B0@phx.gbl>,<SNT146-W14B29293D971DA042CFA42E99B0@phx.gbl>,<SNT146-W27EAE07C4902DE6896E211E99B0@phx.gbl>
MIME-Version: 1.0
X-OriginalArrivalTime: 03 Nov 2014 14:33:53.0817 (UTC) FILETIME=[3157C890:01CFF773]

--_991179ca-6b3d-4765-8753-5bcd7337b00c_
Content-Type: text/plain; charset="iso-8859-2"
Content-Transfer-Encoding: quoted-printable

Let me know if you are interested.=20

From: dd4bc@outlook.com
To: martin@bitalo.com
CC: fabio@bitalo.com=3B antti@bitalo.com=3B pawel@bitalo.com=3B mauro@bital=
o.com=3B michael@bitalo.com=3B isaac@bitalo.com=3B maciej@bitalo.com=3B lil=
ia@bitalo.com=3B felix@bitalo.com=3B peter@bitalo.com=3B sebastian@bitalo.c=
om=3B trevin@bitalo.com=3B christian@bitalo.com=3B michaelg@bitalo.com=3B f=
abiob@bitalo.com=3B support@bitalo.com=3B martin.albert@gmx.net
Subject: RE: DDOS ATTACK!
Date: Sat=2C 1 Nov 2014 13:47:16 +0100

=0A=
=0A=
=0A=
To end this and because I'm in a good mood today=2C I will offer you a disc=
ounted price of 0.5 BTC=2C so we end this and I move further.

If yes: 17aLGgw8AwJdqiBtMMG1QtQJgNQQkiyEsp

If not=2C this is my last email to you and we will both be doing what we mu=
st...


From: dd4bc@outlook.com
To: martin@bitalo.com
Subject: RE: DDOS ATTACK!
Date: Sat=2C 1 Nov 2014 12:59:43 +0100

=0A=
=0A=
=0A=
Let me go back to important part:

In a first mail I have told you that I'm offering info how to properly prot=
ect your site. And that's true.

I'm not script kiddie and I know how this works=2C I can bypass =0A=
almost any protection (except Prolexic)=2C because I know every protection=
=0A=
 and their weaknesses - I'm regulary DDoS-ing sites behind CloudFlare and I=
ncapsula=2C Blacklotus=2C Staminus and OVH.

I know what I can't bypass and if I can't - nobody can.=20

When I say info how to properly setup=2C I mean how to do it for a good pri=
ce. Yes=2C you can always go for Prolexic and pay 10K per month.

From: dd4bc@outlook.com
To: martin@bitalo.com
Subject: RE: DDOS ATTACK!
Date: Sat=2C 1 Nov 2014 12:39:33 +0100

=0A=
=0A=
=0A=
OMG=2C no! That hurts!

What am I going to do if I lose my Outlook account... LOL.=20


You know what's funny?

This morning I dreamed that somebody=2C somehow=2C found  my real name and =
published it in a press release... And there was my name all over the Inter=
net... When I woke up=2C I laughed.

Because it's possible only in a dream. Smiley

DDoS attacks are impossible to trace back to origin. You can try over email=
 logins like you are doing=2C but there are two things:

- Microsoft will not give you my IPs just like that. You need to report me =
to your local police in Finland=2C then THEY must ask for my login directly=
 from Microsoft or through FBI.

- Once they (and IF=2C because they probably won't care) get my login IPs=
=2C they will point to TOR...


And third=2C probably most important=2C you are not helping yourself doing =
this. Smiley


Date: Sat=2C 1 Nov 2014 12:58:11 +0200
Subject: Fwd: DDOS ATTACK!
From: martin@bitalo.com
To: dd4bc@outlook.com=3B abuse@Outlook.com

Dear outlook team=2C
we want to report a criminal abuse of your mail system (see mail below) and=
 would like to request all login data from the user so that we can forward =
these to the local police authorities
---------- Forwarded message ----------
From: DD4BC TEAM <dd4bc@outlook.com>
Date: Sat=2C Nov 1=2C 2014 at 4:57 AM
Subject: DDOS ATTACK!
To: "martin@bitalo.com" <martin@bitalo.com>=2C "fabio@bitalo.com" <fabio@bi=
talo.com>=2C "antti@bitalo.com" <antti@bitalo.com>=2C "pawel@bitalo.com" <p=
awel@bitalo.com>=2C "mauro@bitalo.com" <mauro@bitalo.com>=2C "michael@bital=
o.com" <michael@bitalo.com>=2C "isaac@bitalo.com" <isaac@bitalo.com>=2C "ma=
ciej@bitalo.com" <maciej@bitalo.com>=2C "lilia@bitalo.com" <lilia@bitalo.co=
m>=2C "felix@bitalo.com" <felix@bitalo.com>=2C "peter@bitalo.com" <peter@bi=
talo.com>=2C "sebastian@bitalo.com" <sebastian@bitalo.com>=2C "trevin@bital=
o.com" <trevin@bitalo.com>=2C "christian@bitalo.com" <christian@bitalo.com>=
=2C "michaelg@bitalo.com" <michaelg@bitalo.com>=2C "fabiob@bitalo.com" <fab=
iob@bitalo.com>=2C "support@bitalo.com" <support@bitalo.com>=2C "martin.alb=
ert@gmx.net" <martin.albert@gmx.net>


=0A=
=0A=
=0A=

=0A=
=0A=
=0A=
=0A=
=0A=

HelloYour site is extremely vulnerable to ddos attacks.I want to offer you =
info how to properly setup your protection=2C so that you can't be ddosed!M=
y price is 1 Bitcoin only.Right now I will star small (very small) attack w=
hich will not crash your server=2C but you should notice it in logs. Just c=
heck it.I want to offer you  info on how I did it and what you have to do t=
o prevent it. If interested pay me 1 BTC to 17aLGgw8AwJdqiBtMMG1QtQJgNQQkiy=
EspThank you.    =20
=0A=
                                            =0A=

                                                                                        =

--_991179ca-6b3d-4765-8753-5bcd7337b00c_
Content-Type: text/html; charset="iso-8859-2"
Content-Transfer-Encoding: quoted-printable

<html>
<head>
<style><!--
.hmmessage P
{
margin:0px=3B
padding:0px
}
body.hmmessage
{
font-size: 12pt=3B
font-family:Calibri
}
--></style></head>
<body class=3D'hmmessage'><div dir=3D'ltr'>Let me know if you are intereste=
d. <br><br><div><hr id=3D"stopSpelling">From: dd4bc@outlook.com<br>To: mart=
in@bitalo.com<br>CC: fabio@bitalo.com=3B antti@bitalo.com=3B pawel@bitalo.c=
om=3B mauro@bitalo.com=3B michael@bitalo.com=3B isaac@bitalo.com=3B maciej@=
bitalo.com=3B lilia@bitalo.com=3B felix@bitalo.com=3B peter@bitalo.com=3B s=
ebastian@bitalo.com=3B trevin@bitalo.com=3B christian@bitalo.com=3B michael=
g@bitalo.com=3B fabiob@bitalo.com=3B support@bitalo.com=3B martin.albert@gm=
x.net<br>Subject: RE: DDOS ATTACK!<br>Date: Sat=2C 1 Nov 2014 13:47:16 +010=
0<br><br>=0A=
=0A=
<style><!--=0A=
.ExternalClass .ecxhmmessage P {=0A=
padding:0px=3B=0A=
}=0A=
=0A=
.ExternalClass body.ecxhmmessage {=0A=
font-size:12pt=3B=0A=
font-family:Calibri=3B=0A=
}=0A=
=0A=
--></style>=0A=
<div dir=3D"ltr">To end this and because I'm in a good mood today=2C I will=
 offer you a discounted price of 0.5 BTC=2C so we end this and I move furth=
er.<br><br>If yes: 17aLGgw8AwJdqiBtMMG1QtQJgNQQkiyEsp<br><br>If not=2C this=
 is my last email to you and we will both be doing what we must...<br><span=
 style=3D"color:rgb(51=2C51=2C51)=3Bfont-family:'Helvetica Neue'=2CHelvetic=
a=2CArial=2Csans-serif=3Bfont-size:14px=3Bfont-style:normal=3Bfont-variant:=
normal=3Bfont-weight:normal=3Bletter-spacing:normal=3Bline-height:21.875px=
=3Btext-align:start=3Btext-indent:0px=3Btext-transform:none=3Bwhite-space:n=
ormal=3Bword-spacing:0px=3Bdisplay:inline !important=3Bbackground-color:rgb=
(250=2C250=2C250)=3B"><br></span><br><div><hr id=3D"ecxstopSpelling">From: =
dd4bc@outlook.com<br>To: martin@bitalo.com<br>Subject: RE: DDOS ATTACK!<br>=
Date: Sat=2C 1 Nov 2014 12:59:43 +0100<br><br>=0A=
=0A=
<style><!--=0A=
.ExternalClass .ecxhmmessage P {=0A=
padding:0px=3B=0A=
}=0A=
=0A=
.ExternalClass body.ecxhmmessage {=0A=
font-size:12pt=3B=0A=
font-family:Calibri=3B=0A=
}=0A=
=0A=
=0A=
--></style>=0A=
<div dir=3D"ltr">Let me go back to important part:<br><br>In a first mail I=
 have told you that I'm offering info how to properly protect your site. An=
d that's true.<br><br>I'm not script kiddie and I know how this works=2C I =
can bypass =0A=
almost any protection (except Prolexic)=2C because I know every protection=
=0A=
 and their weaknesses - I'm regulary DDoS-ing sites behind CloudFlare and I=
ncapsula=2C Blacklotus=2C Staminus and OVH.<br><br>I know what I can't bypa=
ss and if I can't - nobody can. <br><br>When I say info how to properly set=
up=2C I mean how to do it for a good price. Yes=2C you can always go for Pr=
olexic and pay 10K per month.<br><br><div><hr id=3D"ecxstopSpelling">From: =
dd4bc@outlook.com<br>To: martin@bitalo.com<br>Subject: RE: DDOS ATTACK!<br>=
Date: Sat=2C 1 Nov 2014 12:39:33 +0100<br><br>=0A=
=0A=
<style><!--=0A=
.ExternalClass .ecxhmmessage P {=0A=
padding:0px=3B=0A=
}=0A=
=0A=
.ExternalClass body.ecxhmmessage {=0A=
font-size:12pt=3B=0A=
font-family:Calibri=3B=0A=
}=0A=
=0A=
=0A=
--></style>=0A=
<div dir=3D"ltr">OMG=2C no! That hurts!<br><br>What am I going to do if I l=
ose my Outlook account... LOL. <br><br><br>You know what's funny?<br><br>Th=
is morning I dreamed that somebody=2C somehow=2C found&nbsp=3B my real name=
 and published it in a press release... And there was my name all over the =
Internet... When I woke up=2C I laughed.<br><br>Because it's possible only =
in a dream. Smiley<br><br>DDoS attacks are impossible to trace back to origin. =
You can try over email logins like you are doing=2C but there are two thing=
s:<br><br>- Microsoft will not give you my IPs just like that. You need to =
report me to your local police in Finland=2C then THEY must ask for my logi=
n directly from Microsoft or through FBI.<br><br>- Once they (and IF=2C bec=
ause they probably won't care) get my login IPs=2C they will point to TOR..=
.<br><br><br>And third=2C probably most important=2C you are not helping yo=
urself doing this. Smiley<br><br><br><div><hr id=3D"ecxstopSpelling">Date: Sat=
=2C 1 Nov 2014 12:58:11 +0200<br>Subject: Fwd: DDOS ATTACK!<br>From: martin=
@bitalo.com<br>To: dd4bc@outlook.com=3B abuse@Outlook.com<br><br><div dir=
=3D"ltr"><div>Dear outlook team=2C</div><div><br></div><div>we want to repo=
rt a criminal abuse of your mail system (see mail below) and would like to =
request all login data from the user so that we can forward these to the lo=
cal police authorities</div><br><div class=3D"ecxgmail_quote">---------- Fo=
rwarded message ----------<br>From: <b class=3D"ecxgmail_sendername">DD4BC =
TEAM</b> <span dir=3D"ltr">&lt=3B<a href=3D"mailto:dd4bc@outlook.com">dd4bc=
@outlook.com</a>&gt=3B</span><br>Date: Sat=2C Nov 1=2C 2014 at 4:57 AM<br>S=
ubject: DDOS ATTACK!<br>To: "<a href=3D"mailto:martin@bitalo.com">martin@bi=
talo.com</a>" &lt=3B<a href=3D"mailto:martin@bitalo.com">martin@bitalo.com<=
/a>&gt=3B=2C "<a href=3D"mailto:fabio@bitalo.com">fabio@bitalo.com</a>" &lt=
=3B<a href=3D"mailto:fabio@bitalo.com">fabio@bitalo.com</a>&gt=3B=2C "<a hr=
ef=3D"mailto:antti@bitalo.com">antti@bitalo.com</a>" &lt=3B<a href=3D"mailt=
o:antti@bitalo.com">antti@bitalo.com</a>&gt=3B=2C "<a href=3D"mailto:pawel@=
bitalo.com">pawel@bitalo.com</a>" &lt=3B<a href=3D"mailto:pawel@bitalo.com"=
>pawel@bitalo.com</a>&gt=3B=2C "<a href=3D"mailto:mauro@bitalo.com">mauro@b=
italo.com</a>" &lt=3B<a href=3D"mailto:mauro@bitalo.com">mauro@bitalo.com</=
a>&gt=3B=2C "<a href=3D"mailto:michael@bitalo.com">michael@bitalo.com</a>" =
&lt=3B<a href=3D"mailto:michael@bitalo.com">michael@bitalo.com</a>&gt=3B=2C=
 "<a href=3D"mailto:isaac@bitalo.com">isaac@bitalo.com</a>" &lt=3B<a href=
=3D"mailto:isaac@bitalo.com">isaac@bitalo.com</a>&gt=3B=2C "<a href=3D"mail=
to:maciej@bitalo.com">maciej@bitalo.com</a>" &lt=3B<a href=3D"mailto:maciej=
@bitalo.com">maciej@bitalo.com</a>&gt=3B=2C "<a href=3D"mailto:lilia@bitalo=
.com">lilia@bitalo.com</a>" &lt=3B<a href=3D"mailto:lilia@bitalo.com">lilia=
@bitalo.com</a>&gt=3B=2C "<a href=3D"mailto:felix@bitalo.com">felix@bitalo.=
com</a>" &lt=3B<a href=3D"mailto:felix@bitalo.com">felix@bitalo.com</a>&gt=
=3B=2C "<a href=3D"mailto:peter@bitalo.com">peter@bitalo.com</a>" &lt=3B<a =
href=3D"mailto:peter@bitalo.com">peter@bitalo.com</a>&gt=3B=2C "<a href=3D"=
mailto:sebastian@bitalo.com">sebastian@bitalo.com</a>" &lt=3B<a href=3D"mai=
lto:sebastian@bitalo.com">sebastian@bitalo.com</a>&gt=3B=2C "<a href=3D"mai=
lto:trevin@bitalo.com">trevin@bitalo.com</a>" &lt=3B<a href=3D"mailto:trevi=
n@bitalo.com">trevin@bitalo.com</a>&gt=3B=2C "<a href=3D"mailto:christian@b=
italo.com">christian@bitalo.com</a>" &lt=3B<a href=3D"mailto:christian@bita=
lo.com">christian@bitalo.com</a>&gt=3B=2C "<a href=3D"mailto:michaelg@bital=
o.com">michaelg@bitalo.com</a>" &lt=3B<a href=3D"mailto:michaelg@bitalo.com=
">michaelg@bitalo.com</a>&gt=3B=2C "<a href=3D"mailto:fabiob@bitalo.com">fa=
biob@bitalo.com</a>" &lt=3B<a href=3D"mailto:fabiob@bitalo.com">fabiob@bita=
lo.com</a>&gt=3B=2C "<a href=3D"mailto:support@bitalo.com">support@bitalo.c=
om</a>" &lt=3B<a href=3D"mailto:support@bitalo.com">support@bitalo.com</a>&=
gt=3B=2C "<a href=3D"mailto:martin.albert@gmx.net">martin.albert@gmx.net</a=
>" &lt=3B<a href=3D"mailto:martin.albert@gmx.net">martin.albert@gmx.net</a>=
&gt=3B<br><br><br>=0A=
=0A=
=0A=
<div><div dir=3D"ltr"><br>=0A=
=0A=
=0A=
<div><div dir=3D"ltr">=0A=
=0A=
<div dir=3D"ltr"><br><span style=3D"color:rgb(51=2C51=2C51)=3Bfont-family:'=
Helvetica Neue'=2CHelvetica=2CArial=2Csans-serif=3Bfont-size:14px=3Bfont-st=
yle:normal=3Bfont-variant:normal=3Bfont-weight:normal=3Bletter-spacing:norm=
al=3Bline-height:21.875px=3Btext-align:start=3Btext-indent:0px=3Btext-trans=
form:none=3Bwhite-space:normal=3Bword-spacing:0px=3Bdisplay:inline !importa=
nt=3Bbackground-color:rgb(250=2C250=2C250)=3B">Hello</span><br style=3D"col=
or:rgb(51=2C51=2C51)=3Bfont-family:'Helvetica Neue'=2CHelvetica=2CArial=2Cs=
ans-serif=3Bfont-size:14px=3Bfont-style:normal=3Bfont-variant:normal=3Bfont=
-weight:normal=3Bletter-spacing:normal=3Bline-height:21.875px=3Btext-align:=
start=3Btext-indent:0px=3Btext-transform:none=3Bwhite-space:normal=3Bword-s=
pacing:0px=3Bbackground-color:rgb(250=2C250=2C250)=3B"><br style=3D"color:r=
gb(51=2C51=2C51)=3Bfont-family:'Helvetica Neue'=2CHelvetica=2CArial=2Csans-=
serif=3Bfont-size:14px=3Bfont-style:normal=3Bfont-variant:normal=3Bfont-wei=
ght:normal=3Bletter-spacing:normal=3Bline-height:21.875px=3Btext-align:star=
t=3Btext-indent:0px=3Btext-transform:none=3Bwhite-space:normal=3Bword-spaci=
ng:0px=3Bbackground-color:rgb(250=2C250=2C250)=3B"><span style=3D"color:rgb=
(51=2C51=2C51)=3Bfont-family:'Helvetica Neue'=2CHelvetica=2CArial=2Csans-se=
rif=3Bfont-size:14px=3Bfont-style:normal=3Bfont-variant:normal=3Bfont-weigh=
t:normal=3Bletter-spacing:normal=3Bline-height:21.875px=3Btext-align:start=
=3Btext-indent:0px=3Btext-transform:none=3Bwhite-space:normal=3Bword-spacin=
g:0px=3Bdisplay:inline !important=3Bbackground-color:rgb(250=2C250=2C250)=
=3B">Your site is extremely vulnerable to ddos attacks.</span><br style=3D"=
color:rgb(51=2C51=2C51)=3Bfont-family:'Helvetica Neue'=2CHelvetica=2CArial=
=2Csans-serif=3Bfont-size:14px=3Bfont-style:normal=3Bfont-variant:normal=3B=
font-weight:normal=3Bletter-spacing:normal=3Bline-height:21.875px=3Btext-al=
ign:start=3Btext-indent:0px=3Btext-transform:none=3Bwhite-space:normal=3Bwo=
rd-spacing:0px=3Bbackground-color:rgb(250=2C250=2C250)=3B"><br style=3D"col=
or:rgb(51=2C51=2C51)=3Bfont-family:'Helvetica Neue'=2CHelvetica=2CArial=2Cs=
ans-serif=3Bfont-size:14px=3Bfont-style:normal=3Bfont-variant:normal=3Bfont=
-weight:normal=3Bletter-spacing:normal=3Bline-height:21.875px=3Btext-align:=
start=3Btext-indent:0px=3Btext-transform:none=3Bwhite-space:normal=3Bword-s=
pacing:0px=3Bbackground-color:rgb(250=2C250=2C250)=3B"><span style=3D"color=
:rgb(51=2C51=2C51)=3Bfont-family:'Helvetica Neue'=2CHelvetica=2CArial=2Csan=
s-serif=3Bfont-size:14px=3Bfont-style:normal=3Bfont-variant:normal=3Bfont-w=
eight:normal=3Bletter-spacing:normal=3Bline-height:21.875px=3Btext-align:st=
art=3Btext-indent:0px=3Btext-transform:none=3Bwhite-space:normal=3Bword-spa=
cing:0px=3Bdisplay:inline !important=3Bbackground-color:rgb(250=2C250=2C250=
)=3B">I want to offer you info how to properly setup your protection=2C so =
that you can't be ddosed!</span><br style=3D"color:rgb(51=2C51=2C51)=3Bfont=
-family:'Helvetica Neue'=2CHelvetica=2CArial=2Csans-serif=3Bfont-size:14px=
=3Bfont-style:normal=3Bfont-variant:normal=3Bfont-weight:normal=3Bletter-sp=
acing:normal=3Bline-height:21.875px=3Btext-align:start=3Btext-indent:0px=3B=
text-transform:none=3Bwhite-space:normal=3Bword-spacing:0px=3Bbackground-co=
lor:rgb(250=2C250=2C250)=3B"><span style=3D"color:rgb(51=2C51=2C51)=3Bfont-=
family:'Helvetica Neue'=2CHelvetica=2CArial=2Csans-serif=3Bfont-size:14px=
=3Bfont-style:normal=3Bfont-variant:normal=3Bfont-weight:normal=3Bletter-sp=
acing:normal=3Bline-height:21.875px=3Btext-align:start=3Btext-indent:0px=3B=
text-transform:none=3Bwhite-space:normal=3Bword-spacing:0px=3Bdisplay:inlin=
e !important=3Bbackground-color:rgb(250=2C250=2C250)=3B">My price is 1 Bitc=
oin only.</span><br style=3D"color:rgb(51=2C51=2C51)=3Bfont-family:'Helveti=
ca Neue'=2CHelvetica=2CArial=2Csans-serif=3Bfont-size:14px=3Bfont-style:nor=
mal=3Bfont-variant:normal=3Bfont-weight:normal=3Bletter-spacing:normal=3Bli=
ne-height:21.875px=3Btext-align:start=3Btext-indent:0px=3Btext-transform:no=
ne=3Bwhite-space:normal=3Bword-spacing:0px=3Bbackground-color:rgb(250=2C250=
=2C250)=3B"><br style=3D"color:rgb(51=2C51=2C51)=3Bfont-family:'Helvetica N=
eue'=2CHelvetica=2CArial=2Csans-serif=3Bfont-size:14px=3Bfont-style:normal=
=3Bfont-variant:normal=3Bfont-weight:normal=3Bletter-spacing:normal=3Bline-=
height:21.875px=3Btext-align:start=3Btext-indent:0px=3Btext-transform:none=
=3Bwhite-space:normal=3Bword-spacing:0px=3Bbackground-color:rgb(250=2C250=
=2C250)=3B"><span style=3D"color:rgb(51=2C51=2C51)=3Bfont-family:'Helvetica=
 Neue'=2CHelvetica=2CArial=2Csans-serif=3Bfont-size:14px=3Bfont-style:norma=
l=3Bfont-variant:normal=3Bfont-weight:normal=3Bletter-spacing:normal=3Bline=
-height:21.875px=3Btext-align:start=3Btext-indent:0px=3Btext-transform:none=
=3Bwhite-space:normal=3Bword-spacing:0px=3Bdisplay:inline !important=3Bback=
ground-color:rgb(250=2C250=2C250)=3B">Right now I will star small (very sma=
ll) attack which will not crash your server=2C but you should notice it in =
logs. Just check it.</span><br style=3D"color:rgb(51=2C51=2C51)=3Bfont-fami=
ly:'Helvetica Neue'=2CHelvetica=2CArial=2Csans-serif=3Bfont-size:14px=3Bfon=
t-style:normal=3Bfont-variant:normal=3Bfont-weight:normal=3Bletter-spacing:=
normal=3Bline-height:21.875px=3Btext-align:start=3Btext-indent:0px=3Btext-t=
ransform:none=3Bwhite-space:normal=3Bword-spacing:0px=3Bbackground-color:rg=
b(250=2C250=2C250)=3B"><br style=3D"color:rgb(51=2C51=2C51)=3Bfont-family:'=
Helvetica Neue'=2CHelvetica=2CArial=2Csans-serif=3Bfont-size:14px=3Bfont-st=
yle:normal=3Bfont-variant:normal=3Bfont-weight:normal=3Bletter-spacing:norm=
al=3Bline-height:21.875px=3Btext-align:start=3Btext-indent:0px=3Btext-trans=
form:none=3Bwhite-space:normal=3Bword-spacing:0px=3Bbackground-color:rgb(25=
0=2C250=2C250)=3B"><span style=3D"color:rgb(51=2C51=2C51)=3Bfont-family:'He=
lvetica Neue'=2CHelvetica=2CArial=2Csans-serif=3Bfont-size:14px=3Bfont-styl=
e:normal=3Bfont-variant:normal=3Bfont-weight:normal=3Bletter-spacing:normal=
=3Bline-height:21.875px=3Btext-align:start=3Btext-indent:0px=3Btext-transfo=
rm:none=3Bwhite-space:normal=3Bword-spacing:0px=3Bdisplay:inline !important=
=3Bbackground-color:rgb(250=2C250=2C250)=3B">I want to offer you&nbsp=3B in=
fo on how I did it and what you have to do to prevent it. If interested pay=
 me 1 BTC to 17aLGgw8AwJdqiBtMMG1QtQJgNQQkiyEsp</span><br style=3D"color:rg=
b(51=2C51=2C51)=3Bfont-family:'Helvetica Neue'=2CHelvetica=2CArial=2Csans-s=
erif=3Bfont-size:14px=3Bfont-style:normal=3Bfont-variant:normal=3Bfont-weig=
ht:normal=3Bletter-spacing:normal=3Bline-height:21.875px=3Btext-align:start=
=3Btext-indent:0px=3Btext-transform:none=3Bwhite-space:normal=3Bword-spacin=
g:0px=3Bbackground-color:rgb(250=2C250=2C250)=3B"><br style=3D"color:rgb(51=
=2C51=2C51)=3Bfont-family:'Helvetica Neue'=2CHelvetica=2CArial=2Csans-serif=
=3Bfont-size:14px=3Bfont-style:normal=3Bfont-variant:normal=3Bfont-weight:n=
ormal=3Bletter-spacing:normal=3Bline-height:21.875px=3Btext-align:start=3Bt=
ext-indent:0px=3Btext-transform:none=3Bwhite-space:normal=3Bword-spacing:0p=
x=3Bbackground-color:rgb(250=2C250=2C250)=3B"><br style=3D"color:rgb(51=2C5=
1=2C51)=3Bfont-family:'Helvetica Neue'=2CHelvetica=2CArial=2Csans-serif=3Bf=
ont-size:14px=3Bfont-style:normal=3Bfont-variant:normal=3Bfont-weight:norma=
l=3Bletter-spacing:normal=3Bline-height:21.875px=3Btext-align:start=3Btext-=
indent:0px=3Btext-transform:none=3Bwhite-space:normal=3Bword-spacing:0px=3B=
background-color:rgb(250=2C250=2C250)=3B"><span style=3D"color:rgb(51=2C51=
=2C51)=3Bfont-family:'Helvetica Neue'=2CHelvetica=2CArial=2Csans-serif=3Bfo=
nt-size:14px=3Bfont-style:normal=3Bfont-variant:normal=3Bfont-weight:normal=
=3Bletter-spacing:normal=3Bline-height:21.875px=3Btext-align:start=3Btext-i=
ndent:0px=3Btext-transform:none=3Bwhite-space:normal=3Bword-spacing:0px=3Bd=
isplay:inline !important=3Bbackground-color:rgb(250=2C250=2C250)=3B">Thank =
you. &nbsp=3B &nbsp=3B<span> <br></span></span></div>=0A=
                      </div></div>                      </div></div>=0A=
</div><br></div></div>                      </div></div>                      </div></div>           =
           </div></div>                      </div></body>
</html>=

--_991179ca-6b3d-4765-8753-5bcd7337b00c_--


The fact of the matter is:  You got what you deserved.  You programmed a website with vulnerabilities and vulnerabilities still exist in it according to a recent scan.  You are stupid, bitcoin wallets should be kept on your PC not online.  Dumbass, if you are that dumb to program a insecure website then in my opinion you got what you deserved.  Take it as a life lesson
Pages: « 1 2 3 [4]  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!