|
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
|
BTCPilot
Newbie
Offline
Activity: 1
Merit: 0
|
 |
June 07, 2011, 09:24:02 AM |
|
http://fxnet.bitlex.org/?ref=1237Sign up with this referral link and I'll send 0.22 BTC. Send me a PM with a valid Bitcoin address after your account has been confirmed and I'll send you the Bitcoins.
|
|
|
|
IIOII
Legendary
Offline
Activity: 1154
Merit: 1012
|
 |
June 07, 2011, 10:00:23 AM |
|
Account hacked
My account has been hacked and money has been send to a different Bitcoin address.
As I assume this affects not only me, since the "btc withdrawn" statistic has suddenly risen to over 800 from a mere 6XX - is this even possible (there are less than 700 participants)?
Any suggestions?
|
|
|
|
BitLex
|
 |
June 07, 2011, 10:23:58 AM |
|
yay!
seems like someone really screwed up the database and has been able to get quite some coins.
if you havent already, do not send any coins, most, if not all bcaINs have been changed too!
|
|
|
|
IIOII
Legendary
Offline
Activity: 1154
Merit: 1012
|
 |
June 07, 2011, 10:25:59 AM |
|
The action is still ongoing - I've changed Bitcoin address and password - within minutes it was rechanged again
|
|
|
|
mollari
Newbie
Offline
Activity: 22
Merit: 0
|
 |
June 07, 2011, 10:26:54 AM |
|
Well spotted, guys! Apparently the same thing happened to me - it was only 0.25 BTC, but still... 
|
|
|
|
BitLex
|
 |
June 07, 2011, 10:29:06 AM |
|
i've currently disabled withdraw, so we at least keep what's left, at first glance it seems the attacker has been able to get ~100coins.
i'm trying to figure out what happened.
|
|
|
|
theymos
Administrator
Legendary
Offline
Activity: 4004
Merit: 8068
|
 |
June 07, 2011, 10:43:35 AM |
|
My account was compromised...  It can't have been a brute-force attack. My password couldn't have been brute-forced.
|
1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
|
|
|
lemonginger
Full Member
 
Offline
Activity: 210
Merit: 100
firstbits: 121vnq
|
 |
June 07, 2011, 02:38:25 PM |
|
I would assume that the mention of a database means that accounts were drained from the database itself, not through individual account passwords. (ie; the bitcoins you had sitting there and the bitcoins I had sitting there weren't actually in separate places)
|
|
|
|
theymos
Administrator
Legendary
Offline
Activity: 4004
Merit: 8068
|
 |
June 07, 2011, 05:23:12 PM |
|
I would assume that the mention of a database means that accounts were drained from the database itself, not through individual account passwords. (ie; the bitcoins you had sitting there and the bitcoins I had sitting there weren't actually in separate places)
My password was changed, so it was more than just getting to the wallet.
|
1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
|
|
|
lemonginger
Full Member
 
Offline
Activity: 210
Merit: 100
firstbits: 121vnq
|
 |
June 07, 2011, 08:52:46 PM |
|
surprised there isn't more attention about this yet since it seems like half the forum had a randomizer account
|
|
|
|
IIOII
Legendary
Offline
Activity: 1154
Merit: 1012
|
 |
June 07, 2011, 11:39:12 PM |
|
surprised there isn't more attention about this yet since it seems like half the forum had a randomizer account
Me too, but don't worry it keeps getting my attention at least.  I hope this getting fixed soon...
|
|
|
|
lemonginger
Full Member
 
Offline
Activity: 210
Merit: 100
firstbits: 121vnq
|
 |
June 08, 2011, 04:05:51 AM |
|
any word yet on what was compromised here?
|
|
|
|
IIOII
Legendary
Offline
Activity: 1154
Merit: 1012
|
 |
June 08, 2011, 12:18:36 PM |
|
^up
Has BitLex already abandoned the project?
He has been active in the German subforum today but not a word on the Bitcoin Randomizer yet.
At least I won't let him get away that easy...
|
|
|
|
BitLex
|
 |
June 08, 2011, 12:37:08 PM |
|
any word yet on what was compromised here?
here's a few words: the attacker didn't get to the wallet, he just screwed up the mysql-db. he changed ALL bcaINs and bcaOUTs to 2 of his addresses, 1F18nxdq8eFEGqfzWcB42BWC8pCnfy3hvT and 17NfYvChAVuU1ewq724uXWSxk9mxQfUyim and he has been able to change passwords on some, but not all accounts, that's how he was able to withdraw those accounts balances, although it seems he again used multiple different addresses than those 2 above. i'm still trying to find and fill all the holes.
|
|
|
|
speeder
|
 |
June 08, 2011, 04:10:16 PM |
|
Sad...
I was having fun with that!
|
|
|
|
Ricochet
|
 |
June 09, 2011, 12:26:59 AM |
|
Guess I'm lucky then that I never got any random referrers. Joined in at 322 I think just for the heck of it but never advertised the link anywhere.
Sorry to hear about the attack though.
|
|
|
|
arsenische
Legendary
Offline
Activity: 1195
Merit: 1011
|
 |
June 09, 2011, 02:02:37 PM |
|
I am sorry to hear about the attack too. I hope Bitcoin Randomizer will survive!
|
|
|
|
Insti
Sr. Member
  
Offline
Activity: 294
Merit: 251
Firstbits: 1duzy
|
 |
June 13, 2011, 06:31:38 AM |
|
Any updates BitLex?
|
|
|
|
IIOII
Legendary
Offline
Activity: 1154
Merit: 1012
|
 |
June 13, 2011, 06:55:13 PM |
|
Any updates BitLex?
+1 Will he get rid of the project this way  Certainly not 
|
|
|
|
|