[ANN] CLOUDMINR

[broc93]

Has anybody seen this?

They published all the emails and passwords of their users on the website

And also here: http://pastebin.com/cZ7sy3Gr

[1715498340]

1715498340

[1715498340]

1715498340

[1715498340]

1715498340

[1715498340]

1715498340

[1715498340]

1715498340

[1715498340]

1715498340

[n2004al]

Has anybody seen this?

They published all the emails and passwords of their users on the website

And also here: http://pastebin.com/cZ7sy3Gr

Must be a proof that the site was hacked and the hackers want to damage as much as they can cloudminr.

[xeryan]

Luckly I'm not the public list.

Plain text passwords.. really devs? It's so sad

[broc93]

Has anybody seen this?

They published all the emails and passwords of their users on the website

And also here: http://pastebin.com/cZ7sy3Gr

Must be a proof that the site was hacked and the hackers want to damage as much as they can cloudminr.

Maybe, or maybe they just want to earn more money from the scam by selling the data of their customers (should I say, victims?). They published 1k addresses and they sell all the database for 1BTC.

[nodes]

Has anybody seen this?

They published all the emails and passwords of their users on the website

And also here: http://pastebin.com/cZ7sy3Gr

my email or ID is not there. I think its posted to cloudminr itself to make the story look real.

[broc93]

my email or ID is not there.

That's only part of the list, they're selling the complete list for 1BTC.

[Aefan]

I use Microsoft Security Essentials.. If this will not find anything, I'll download malwarebytes as you recommend, thanks.

never trust a single scanner. use a paid scanner with a good detection rate and malwarebytes as an additional "run when needed" scanner. malwarebytes is well known as a scanner with a high detection rate.
you can upload suspicious files to virustotal and let them check the file with the most known scanner to be sure that nothing will undetected.

Has anybody seen this?

They published all the emails and passwords of their users on the website

And also here: http://pastebin.com/cZ7sy3Gr

my account is not in the list, too and i never use passwords for more than one website so not really a problem. they just need to reset all passwords and everyone is fine.
but how legit is the list? could be old, fake, or just a way to legit the so called hack dont belive in it.

[n2004al]

Has anybody seen this?

They published all the emails and passwords of their users on the website

And also here: http://pastebin.com/cZ7sy3Gr

my email or ID is not there. I think its posted to cloudminr itself to make the story look real.

So you think that clodminr that sent every week 200-300 btc to its users it is selling their usernames and emails for only 1 btc. All this to have this big amount of 1 btc and to make the story seems real?

[broc93]

So you think that clodminr that sent every week 200-300 btc to its users it is selling their usernames and emails for only 1 btc. All this to have this big amount of 1 btc and to make the story seems real?

Nobody would keep passwords in plain text in their database if they have good intentions.

[n2004al]

So you think that clodminr that sent every week 200-300 btc to its users it is selling their usernames and emails for only 1 btc. All this to have this big amount of 1 btc and to make the story seems real?

Nobody would keep passwords in plain text in their database if they have good intentions.

I don't see problems here. They can enter in every account even without the passwords. The passwords maybe serve for various verifications with the users. You are telling that they have planed the story of the hacking and the selling of passwords since the beginning?

[broc93]

So you think that clodminr that sent every week 200-300 btc to its users it is selling their usernames and emails for only 1 btc. All this to have this big amount of 1 btc and to make the story seems real?

Nobody would keep passwords in plain text in their database if they have good intentions.

I don't see problems here. They can enter in every account even without the passwords. The passwords maybe serve for various verifications with the users. You are telling that they have planed the story of the hacking and the selling of passwords since the beginning?

Of course they can access all the accounts without using a password. So why should you keep passwords visible? Everybody would encrypt them because why on Earth would you need them in plain text?

[n2004al]

So you think that clodminr that sent every week 200-300 btc to its users it is selling their usernames and emails for only 1 btc. All this to have this big amount of 1 btc and to make the story seems real?

Nobody would keep passwords in plain text in their database if they have good intentions.

I don't see problems here. They can enter in every account even without the passwords. The passwords maybe serve for various verifications with the users. You are telling that they have planed the story of the hacking and the selling of passwords since the beginning?

Of course they can access all the accounts without using a password. So why should you keep passwords visible? Everybody would encrypt them because why on Earth would you need them in plain text?

I don't know this but what do you intend with this? Why are visible? The reason of this according to you.... Are visible to have those ready in order to sell them after the invented story of hacking?

[wwwcuongit]

-= cloudminr.io users database for sale =-

http://pastebin.com/cZ7sy3Gr
http://codetidy.com/6797/
http://pasted.co/775c1f19
http://codepad.org/h1WjgbhT

1 BTC for 79,267 unencrypted user:email:password list.
contact us on jabber at cmiodb@exploit.im

This database where significant

Hic, 79,267 user in cloudminr.io

if cloudminr.io is scam, they seized large amounts

[xeryan]

if cloudminr.io is scam, they seized large amounts

No this is a way to make us to think that they was hacked while instead they are scammers

[wwwcuongit]

if cloudminr.io is scam, they seized large amounts

No this is a way to make us to think that they was hacked while instead they are scammers

yes, maybe they are trying to blame hackers! 

[DanielMitrovsky]

if cloudminr.io is scam, they seized large amounts

No this is a way to make us to think that they was hacked while instead they are scammers

yes, maybe they are trying to blame hackers! 

https://cloudminr.io/
check now-they sale users emails!!
SCAMMERS

[n2004al]

if cloudminr.io is scam, they seized large amounts

No this is a way to make us to think that they was hacked while instead they are scammers

yes, maybe they are trying to blame hackers!  

https://cloudminr.io/
check now-they sale users emails!!
SCAMMERS

To many strange things for being scammers. Normally (if scammers) they would hide themselves and not doing this things. All these actions make me think that they were really hacked and that the hackers want to stop their activity in any way.

[Aefan]

the funny thing is that they wrote if there is something on the website than we should not belive it and a few days after that, a list of accounts is on their address. that aren't hackers, just scammers.
that was the plan from the beginning. steal money and make money with the accounts to get more and more money.

if really someone is beliving that this was an hack... sorry but than you are to stupid for this world.

normal developers will encrypt or hash passwords. a lot of websites don't do that. not because they want to make bad things with it but only they are not prepared for vulnerabilities on their site.
but in this case there was a plan behind that. i'm sure.

that none of the admins replied to that list and discussion shows the intention behind that all.

[Punggawa]

what happened cloudminr?

-= cloudminr.io users database for sale =-

1 BTC for 79,267 unencrypted user:email:password list.
contact us on jabber at cmiodb@exploit.im

proof - first 1k users:

check: http://cloudminr.io/

[broc93]

normal developers will encrypt or hash passwords. a lot of websites don't do that. not because they want to make bad things with it but only they are not prepared for vulnerabilities on their site.
but in this case there was a plan behind that. i'm sure.

I have a website. It has 800 users but still, their passwords are hashed. You're dealing with cryptocurrencies and you don't encrypt the passwords of your users? You're a scammer and you want to use those passwords for other purposes, obviously.