dadice (OP)
Sr. Member
Offline
Activity: 252
Merit: 250
DaDice Administration
|
|
August 21, 2015, 04:32:56 PM |
|
Can you yet share information about how deep the attacker got access? Can you confirm all funds are safe/will be returned to investors? Thanks for the update though, looking foreward to the 750 Million once there are alle issues dealt with. Greetings, Lutpin
We cannot share further information yet. No funds are missing. If there is any significant evidence that your hosting provider is attempting to hack your site then the only prudent course of action would be to move to a different hosting provider. Period. To even consider anything other then this is just gross incompetence.
I wouldn't call it strong or significant evidence. But as a matter of fact only they and ourselves had access to the root password. Our password is pretty strong, so we can exclude a brute force attack. We have considered to move away, as I've mentioned earlier, but since we are pretty happy with them so far, we have decided to await the outcome of their investigation.
|
<- My trust rating is a joke, due to the poor and worthless implementation of trust ratings at bitcointalk.org
|
|
|
cazkooo
Legendary
Offline
Activity: 1540
Merit: 1013
|
|
August 21, 2015, 04:37:31 PM |
|
Just wondering will this downtime be reduced for the prediction game? this downtime isnt really itentional as something happens . Also is the first downtime happened because someone try to hack as well?
|
|
|
|
marioantonini
Legendary
Offline
Activity: 2156
Merit: 1082
|
|
August 21, 2015, 08:52:52 PM |
|
The most importante notice is all funds are safe Tomorrow is saturday, i hope site back online first to monday
|
|
|
|
eightbits
Newbie
Offline
Activity: 14
Merit: 0
|
|
August 21, 2015, 11:38:01 PM |
|
Was there logins in the auth.log from an outsider using root or a bash_history showing someone was using the root account? It's a bad idea to have ssh access open to root accounts. You should use another account and SU. Also you should have hidden bastion server access and not allow any ssh from IP's other than two bastions (the other as a backup).
I ask because rarely does a hack happen with a root password. Typically it's poor code allow cross-site scripting, SQL injection etc. etc. If there is no proof of shell access search access logs for PUTS and POSTS to narrow it down. Or, check your database integrity to see if it was compromised.
|
|
|
|
Hexcoin
|
|
August 22, 2015, 01:52:08 AM |
|
Just wondering will this downtime be reduced for the prediction game? this downtime isnt really itentional as something happens . Also is the first downtime happened because someone try to hack as well?
No worries here. We will deduct the hours of downtime, to make it fair for our predictors. Same for the 750 millionth roll bounty reward.
|
|
|
|
birdcat90
|
|
August 22, 2015, 02:00:44 AM |
|
i think for 750 m bounty will be postponed right?
because the date is skipped 2 or more days for recovering the site..hope all fund safe and dadice dev can secure the site..
shame on hacker..
|
|
|
|
james.lent
|
|
August 22, 2015, 02:38:14 AM |
|
i think for 750 m bounty will be postponed right?
because the date is skipped 2 or more days for recovering the site..hope all fund safe and dadice dev can secure the site..
shame on hacker..
Better hope then that it's really a hacker. Not the first time we've heard 'such issues' .
|
|
|
|
ndnh
Legendary
Offline
Activity: 1302
Merit: 1005
New Decentralized Nuclear Hobbit
|
|
August 22, 2015, 03:18:24 AM |
|
May be DD should split 50:50 the 750 million roll bounty for 750 and 800 million? so that most can estimate when they should be online to make the 800 millionth roll even if they say miss the 750m ? The prediction contest should go on as already decided by deducting the downtime. i think for 750 m bounty will be postponed right?
because the date is skipped 2 or more days for recovering the site..hope all fund safe and dadice dev can secure the site..
shame on hacker..
Better hope then that it's really a hacker. Not the first time we've heard 'such issues' . I don't remember any major downtime before.
|
|
|
|
Monopoly
|
|
August 22, 2015, 03:30:30 AM Last edit: August 22, 2015, 03:41:18 AM by Monopoly |
|
I play dice regularly ! but for 3 days i hadn't this fun ....... Very boring site ...... i will withdrawal and playing on other sites ......
|
|
|
|
dadice (OP)
Sr. Member
Offline
Activity: 252
Merit: 250
DaDice Administration
|
|
August 22, 2015, 06:42:38 AM |
|
Was there logins in the auth.log from an outsider using root or a bash_history showing someone was using the root account? It's a bad idea to have ssh access open to root accounts. You should use another account and SU. Also you should have hidden bastion server access and not allow any ssh from IP's other than two bastions (the other as a backup).
I ask because rarely does a hack happen with a root password. Typically it's poor code allow cross-site scripting, SQL injection etc. etc. If there is no proof of shell access search access logs for PUTS and POSTS to narrow it down. Or, check your database integrity to see if it was compromised.
Thanks for the info, I will forward it to the tech guys.
|
<- My trust rating is a joke, due to the poor and worthless implementation of trust ratings at bitcointalk.org
|
|
|
lottoitaliano
Legendary
Offline
Activity: 1176
Merit: 1000
|
|
August 22, 2015, 07:02:28 AM |
|
I play dice regularly ! but for 3 days i hadn't this fun ....... Very boring site ...... i will withdrawal and playing on other sites ......
Yes, 3 day offline is a problem for btc deposited and can't withdraw. For lucky , i withdraw every time win more of 0,1 and leave only a few mbtc for play another time
|
|
|
|
sana9821
|
|
August 22, 2015, 11:38:32 AM |
|
i hope the problems will be fixed as soon as possible, a lot of people are holding their bitcoins on this website and now they cant withdraw it even if they need it
|
|
|
|
Havelivi
|
|
August 22, 2015, 11:44:00 AM |
|
i hope the problems will be fixed as soon as possible, a lot of people are holding their bitcoins on this website and now they cant withdraw it even if they need it
Be patient dadice team is working hard to get fixed that issue, i also hopeful about this dadice will be back soon as it was almost to hit the 750th million roll with nice bounty.
|
|
|
|
nickaizoku
Sr. Member
Offline
Activity: 308
Merit: 250
❃ CyberNick ❃
|
|
August 22, 2015, 12:42:22 PM |
|
i hope the problems will be fixed as soon as possible, a lot of people are holding their bitcoins on this website and now they cant withdraw it even if they need it
Yea hopefully up soon.. kinda bored without it coz want to hunt jackpot and morever want to lvl up
|
|
|
|
kyxap
|
|
August 22, 2015, 04:35:13 PM |
|
It will open within 2 hours i think?
|
|
|
|
srgkrgkj
Legendary
Offline
Activity: 1218
Merit: 1000
|
|
August 22, 2015, 04:38:02 PM |
|
It will open within 2 hours i think?
I hope so mate there is a lot of money at stake and a lot of customers getting impatient here lol
|
|
|
|
marioantonini
Legendary
Offline
Activity: 2156
Merit: 1082
|
|
August 22, 2015, 06:16:58 PM |
|
It will open within 2 hours i think?
I don't think. Is saturday night of August, who work? For me, first to monday site is offline
|
|
|
|
BossMacko
|
|
August 23, 2015, 02:03:35 AM |
|
any updates admin?
|
|
|
|
kyxap
|
|
August 23, 2015, 08:04:40 AM |
|
dadice or someone from team can answer when site is up? 48 hours is past
|
|
|
|
amiryaqot
Legendary
Offline
Activity: 1050
Merit: 1000
|
|
August 23, 2015, 08:17:46 AM |
|
It will open within 2 hours i think?
I don't think. Is saturday night of August, who work? For me, first to monday site is offline Yes agreed with at weekend hard to work but OP must come and make update what is going on off the screen there and what is the current progress made to this issue, this would helpful for players to know the whole situation.
|
|
|
|
|