Ichthyo (OP)
|
|
August 02, 2012, 04:38:26 PM Last edit: August 04, 2012, 11:50:37 AM by Ichthyo |
|
With this message, I want to put up a warning to everyone participating in the beta test of Bitdaytrade.com
Please excuse me in case I am overreacting -- it is not clear yet, if bitdaytrade.com had a breach, is just malfunctioning, or if just my account got hacked.
Anyway, when logging into the site right now, I've found that earlier this day 3 withdrawals had been initiated (now in processing state), which would result in removing all of the BTC in my underlying currency account. I've allerted the Bitdaytrade support, requesting to halt these transfers, if possible (they manually approve withdrawals).
The withdrawals where initiated at 2012-08-02 11:44:10 2012-08-02 09:15:56 2012-08-02 03:16:57
I am absolutely sure these weren't initiated by me. My PC was off during that time. I'm using secure passwords, access from a linux box, and changed my password just yesterday.
I'll follow up if I find out any new information
Update Further investigation uncovered a bug in the display of withdrawals at Bitdaytrade.com So these withdrawals turned out to belong to another customer, and just summed up to the size of my currency account by coincidence.
|
|
|
|
mobile4ever
|
|
August 02, 2012, 04:40:31 PM |
|
Keylogger? Just an idea. Dont blast me... I am just trying to help
|
|
|
|
Ichthyo (OP)
|
|
August 02, 2012, 04:52:29 PM |
|
Keylogger? Just an idea. Dont blast me... I am just trying to help of course anything is possible. Investigating my system right now. Must have been an rather skillful and dedicated attempt. I won't claim that I'm running a high security system, but its for sure not the "average windows box"
|
|
|
|
Ichthyo (OP)
|
|
August 02, 2012, 06:18:10 PM |
|
- Bitdaytrade support was very responsive and helpful
- They didn't approve those suspicious withdrawals at first place, which indeed protected my BTC for now. Thanks!
- I didn't find any obvious signs of suspicios activity on my system (processes, logins, sudo). But need to have a more close look
Btw, if someone captured my password, this trojan must have hooked into my X server and capture the X clipboard, since I never type in those passwords. Does anyone know if this is a likely / typical / probable attack vector? How would an attacker correlate the contents of the clipboard with the specific website I'm accessing? Any thoughts?
|
|
|
|
ElectricMucus
Legendary
Offline
Activity: 1666
Merit: 1057
Marketing manager - GO MP
|
|
August 02, 2012, 06:20:39 PM |
|
You have been warned that would happen.
|
|
|
|
Ichthyo (OP)
|
|
August 02, 2012, 06:28:39 PM |
|
You have been warned that would happen.
Whom do you mean with "you"? As far as I am concerned, I am rather relaxed, but want to find out if indeed, and in case where the weak spot would be on my side.
|
|
|
|
ElectricMucus
Legendary
Offline
Activity: 1666
Merit: 1057
Marketing manager - GO MP
|
|
August 02, 2012, 06:53:38 PM |
|
You alas Ichthyo alas possible bitdaytrade shill.
|
|
|
|
Ichthyo (OP)
|
|
August 02, 2012, 06:59:10 PM |
|
...possible bitdaytrade shill. hey, come on. Would a shill point out possible technical problems as I did in the past? Doesn't make any sense for me.
|
|
|
|
rjk
Sr. Member
Offline
Activity: 448
Merit: 250
1ngldh
|
|
August 02, 2012, 07:00:30 PM |
|
...possible bitdaytrade shill. hey, come on. Would a shill point out possible technical problems as I did in the past? Doesn't make any sense for me. Looks like he is seeing ghosties all around.
|
|
|
|
ElectricMucus
Legendary
Offline
Activity: 1666
Merit: 1057
Marketing manager - GO MP
|
|
August 02, 2012, 07:00:46 PM |
|
Wouldn't surprise me, makes sense from a controlled opposition perspective.
|
|
|
|
Meni Rosenfeld
Donator
Legendary
Offline
Activity: 2058
Merit: 1054
|
|
August 03, 2012, 12:19:28 PM |
|
Alberto has found and is fixing an issue that could be related to what Ichthyo is seeing. You alas Ichthyo alas possible bitdaytrade shill. You keep using that word. I do not think it means what you think it means.
|
|
|
|
ElectricMucus
Legendary
Offline
Activity: 1666
Merit: 1057
Marketing manager - GO MP
|
|
August 03, 2012, 01:14:10 PM |
|
ah hai grammar nazi, tell me.
kthxbye
|
|
|
|
bitdaytrade
|
|
August 03, 2012, 05:46:31 PM |
|
The issue was caused by a bug in the Withdrawal history panel, it was simply showing withdrawals not pertaining to the logged in account and gave the impression of an account compromission. We fixed all the issues at the moment of writing. Apologizes for all the troubles caused.
BDT
|
|
|
|
Ichthyo (OP)
|
|
August 03, 2012, 09:37:42 PM |
|
...it was simply showing withdrawals not pertaining to the logged in account and gave the impression of an account compromission. We fixed all the issues at the moment of writing. Apologizes for all the troubles caused.
Agreed, the spurious withdrawal entries in the history are gone. There are some additional details only exchanged in PM with Bitdaytrade. Especially I didn't mention on this public forum thread is that I didn't receive any confirmation mail for those withdrawals. This would line up with the explanation that these where just withdrawals belonging to another account. Bottom line: seems to be a false alarm, Problem solved
|
|
|
|
OneEyed
aka aurele
Full Member
Offline
Activity: 154
Merit: 100
|
|
August 03, 2012, 09:48:12 PM |
|
Bottom line: seems to be a false alarm, Problem solved
Maybe you should update the title of the thread, to use something like "[SOLVED] Discrepancies in withdrawals listing" so that people don't freak out when they see it in the list of topics.
|
|
|
|
Ichthyo (OP)
|
|
August 04, 2012, 11:51:28 AM |
|
Maybe you should update the title of the thread, ....so that people don't freak out when they see it in the list of topics.
Thanks for the hands-up!
|
|
|
|
|