BitLex (OP)
|
|
June 07, 2011, 10:23:58 AM |
|
yay!
seems like someone really screwed up the database and has been able to get quite some coins.
if you havent already, do not send any coins, most, if not all bcaINs have been changed too!
|
|
|
|
IIOII
Legendary
Offline
Activity: 1153
Merit: 1012
|
|
June 07, 2011, 10:25:59 AM |
|
The action is still ongoing - I've changed Bitcoin address and password - within minutes it was rechanged again
|
|
|
|
mollari
Newbie
Offline
Activity: 22
Merit: 0
|
|
June 07, 2011, 10:26:54 AM |
|
Well spotted, guys! Apparently the same thing happened to me - it was only 0.25 BTC, but still...
|
|
|
|
BitLex (OP)
|
|
June 07, 2011, 10:29:06 AM |
|
i've currently disabled withdraw, so we at least keep what's left, at first glance it seems the attacker has been able to get ~100coins.
i'm trying to figure out what happened.
|
|
|
|
theymos
Administrator
Legendary
Offline
Activity: 5334
Merit: 13305
|
|
June 07, 2011, 10:43:35 AM |
|
My account was compromised... It can't have been a brute-force attack. My password couldn't have been brute-forced.
|
1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
|
|
|
lemonginger
Full Member
Offline
Activity: 210
Merit: 100
firstbits: 121vnq
|
|
June 07, 2011, 02:38:25 PM |
|
I would assume that the mention of a database means that accounts were drained from the database itself, not through individual account passwords. (ie; the bitcoins you had sitting there and the bitcoins I had sitting there weren't actually in separate places)
|
|
|
|
theymos
Administrator
Legendary
Offline
Activity: 5334
Merit: 13305
|
|
June 07, 2011, 05:23:12 PM |
|
I would assume that the mention of a database means that accounts were drained from the database itself, not through individual account passwords. (ie; the bitcoins you had sitting there and the bitcoins I had sitting there weren't actually in separate places)
My password was changed, so it was more than just getting to the wallet.
|
1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
|
|
|
lemonginger
Full Member
Offline
Activity: 210
Merit: 100
firstbits: 121vnq
|
|
June 07, 2011, 08:52:46 PM |
|
surprised there isn't more attention about this yet since it seems like half the forum had a randomizer account
|
|
|
|
IIOII
Legendary
Offline
Activity: 1153
Merit: 1012
|
|
June 07, 2011, 11:39:12 PM |
|
surprised there isn't more attention about this yet since it seems like half the forum had a randomizer account
Me too, but don't worry it keeps getting my attention at least. I hope this getting fixed soon...
|
|
|
|
lemonginger
Full Member
Offline
Activity: 210
Merit: 100
firstbits: 121vnq
|
|
June 08, 2011, 04:05:51 AM |
|
any word yet on what was compromised here?
|
|
|
|
IIOII
Legendary
Offline
Activity: 1153
Merit: 1012
|
|
June 08, 2011, 12:18:36 PM |
|
^up
Has BitLex already abandoned the project?
He has been active in the German subforum today but not a word on the Bitcoin Randomizer yet.
At least I won't let him get away that easy...
|
|
|
|
BitLex (OP)
|
|
June 08, 2011, 12:37:08 PM |
|
any word yet on what was compromised here?
here's a few words: the attacker didn't get to the wallet, he just screwed up the mysql-db. he changed ALL bcaINs and bcaOUTs to 2 of his addresses, 1F18nxdq8eFEGqfzWcB42BWC8pCnfy3hvT and 17NfYvChAVuU1ewq724uXWSxk9mxQfUyim and he has been able to change passwords on some, but not all accounts, that's how he was able to withdraw those accounts balances, although it seems he again used multiple different addresses than those 2 above. i'm still trying to find and fill all the holes.
|
|
|
|
speeder
|
|
June 08, 2011, 04:10:16 PM |
|
Sad...
I was having fun with that!
|
|
|
|
Ricochet
|
|
June 09, 2011, 12:26:59 AM |
|
Guess I'm lucky then that I never got any random referrers. Joined in at 322 I think just for the heck of it but never advertised the link anywhere.
Sorry to hear about the attack though.
|
|
|
|
arsenische
Legendary
Offline
Activity: 1199
Merit: 1012
|
|
June 09, 2011, 02:02:37 PM |
|
I am sorry to hear about the attack too. I hope Bitcoin Randomizer will survive!
|
|
|
|
Insti
Sr. Member
Offline
Activity: 294
Merit: 252
Firstbits: 1duzy
|
|
June 13, 2011, 06:31:38 AM |
|
Any updates BitLex?
|
|
|
|
IIOII
Legendary
Offline
Activity: 1153
Merit: 1012
|
|
June 13, 2011, 06:55:13 PM |
|
Any updates BitLex?
+1 Will he get rid of the project this way Certainly not
|
|
|
|
IIOII
Legendary
Offline
Activity: 1153
Merit: 1012
|
|
June 16, 2011, 12:10:28 AM |
|
Just to keep this up...
BitLex has been last active yesterday. I wonder why there is no statement regarding the Randomizer....
|
|
|
|
lemonginger
Full Member
Offline
Activity: 210
Merit: 100
firstbits: 121vnq
|
|
June 16, 2011, 12:19:08 AM |
|
yes would be nice. I only lost .25 coin I guess (plus the money I paid for that referral, plus the original dollar I put in) but that is danger of a known pyramid scheme. Would have been nice to get an apology at least though.
|
|
|
|
rlh
|
|
June 17, 2011, 04:23:06 PM |
|
I emailed BitLex and asked him about the status of this problem. His response was, yes, he is trying to fix the problem but he's not a professional and was having trouble. Being that he responded rather quickly, and politely, I believe him.
I still don't know when the service will be up and running again, though.
|
A Personal Quote on BTT from 2011: "I'd be willing to make a moderate "investment" if the value of the BTC went below $2.00. Otherwise I'll just have to live with my 5 BTC and be happy. :/" ...sigh. If only I knew.
|
|
|
|