Author

Topic: [2015-01-23][ Coinfire was hacked - probably by Gawminer/Paycoin Scam (Read 1095 times)

legendary
Activity: 1512
Merit: 1012
Bad vibes when people hack others just because they're "inconvenient"... hope CoinFire gets back on their feet fast!
legendary
Activity: 1148
Merit: 1014
In Satoshi I Trust
i heard it was a scam company called paybase and paycoin Cheesy

how much do you lost with that shit?
sr. member
Activity: 434
Merit: 250
Poor coinfire  Embarrassed first it was DDOSed - blamed GAW now hacked - also GAW. They seem to be spending all their time writing negative articles about GAW or blaming GAW for everything that happens to them. Bunch of losers and wannabe journalists.

poor coinfire yes. DDOSed by the GAW Cult. hacked by GAW Cult. threatened by Gaw. and all just because they revealed the truth about the Gaw Scam Cry

I heard it was yourself that hacked them so you can blame GaW.
sr. member
Activity: 274
Merit: 250
Are they claiming they were hacked after they put up the article claiming gaw was being investigated or are they claiming they were hacked and the article was put up then? They need to check their facts and sources if they just put up an article without fact checking. They could get in to legal trouble otherwise.
legendary
Activity: 1148
Merit: 1014
In Satoshi I Trust
Poor coinfire  Embarrassed first it was DDOSed - blamed GAW now hacked - also GAW. They seem to be spending all their time writing negative articles about GAW or blaming GAW for everything that happens to them. Bunch of losers and wannabe journalists.

poor coinfire yes. DDOSed by the GAW Cult. hacked by GAW Cult. threatened by Gaw. and all just because they revealed the truth about the Gaw Scam Cry
sr. member
Activity: 462
Merit: 251
Poor coinfire  Embarrassed first it was DDOSed - blamed GAW now hacked - also GAW. They seem to be spending all their time writing negative articles about GAW or blaming GAW for everything that happens to them. Bunch of losers and wannabe journalists.
legendary
Activity: 1148
Merit: 1014
In Satoshi I Trust
Coinfire was hacked - probably by Gawminer/Paycoin Scam

(official response from the coinfire team)

http://coinfire.io/


Hey Everyone,

Mike here from Coin Fire. Yes, for real.

I have active control over the Twitter account, Bitcoin Talk account, and this reddit account at the moment.

I've asked a few members of the bitcoin community to come here and verify that this is actually me, and I expect they will do so in the near future. Many members of this community do have my cell phone number and as such, I have asked them to contact me and verify this information.

I wanted to address what happened today and let you know what we know, what we don't know, and what we are working on doing to get things restored.

First, our domain was not expired nor was it originally even slated to expire today or anytime near today. We had a valid registration until later this year.

Second, our password was not compromised as best we can tell at this time. We use secure passwords for every single platform. Each password is different and we work diligently to make sure our security is very tight after the last incident involving our site.

Third, we are turning over all relevant information to law enforcement. While we don't know if anything will ever come of this (as our last report went cold quickly), we have at least taken the steps to that.

Our best speculation at this time is that a third-party was able to convince the domain registrar to have our domain delisted and then they reregistered it. We aren't sure how this is possible and we aren't even sure this is what happened, but I can tell you that the domain basically doesn't even exist in our registrar account. When we log in to our domain registrar, the logs do not show we transferred the domain out or that it expired.

Just to be sure, we registered a new domain and transferred it out. When we did this, a log was generated for that activity. We see no such logs for this with CoinFire.cf.

We used Freenom for our domain registration. Yes, they are a free registrar, but we didn't go with them because it was free. We went with it because it was clever in my mind when we first started the site to have .cf when our name was Coin Fire.

We did pay the standard registration fee for the domain.

At this time, it is unclear how the domain was taken down.

Consider all @coinfire.cf email accounts compromised at this time or until we say otherwise via this official reddit account or Twitter.

Once the attackers had the domain, they were able to update the MX information for the email. They didn't need to know passwords for Twitter because they were able to easily change the password via an email link. This is what we believe happened.

We use 2FA on everything but our domain registration and Twitter account. We didn't use it with our registrar because they don't offer 2FA, but it was our fault for not using 2FA on Twitter. We should have enabled it and I take full responsibility for that.

Regarding the leaking of our contact's information on Twitter for the SEC documents: the person who hacked our Twitter was completely wrong regarding the name. We won't confirm or deny the person's regional office or any other information, because that would compromise our source.

The sad thing about this for Coin Fire is that finding sources who will trust us to bring you the inside information we have brought in the past will now prove that much more difficult. While no sources have been compromised and the hackers are unable to read our previous emails (we encrypt and they don't have access to our old mail server), they have planted a seed that will no doubt be damaging to the reputation of our site and our ability to keep sources and information secure.

I want to reiterate. None of the information on the Coin Fire server or email prior to the MX records being modified has been compromised.

Our WordPress installation is still secure and our CloudFlare account is still secure. We live in a security-centric world at Coin Fire since the previous hacks. Each account used a different off-domain email address (outside of Twitter) and each account used a different password.

We will be able to come back online using a new domain in the near future. Right now though, our focus is simply making sure that all of the relevant information for law enforcement officials is secure.

We understand that many people went and registered CoinFire.[XYZ] domains, some to help get us back online and many to prevent us from coming back online. We will be evaluating our options in the near future.

We appreciate the members of our community who have been reaching out to help us and I assure you that we will be replying to everything we can as we are able to do so.

In the meantime, feel free to ask questions and I'll do my best to answer them. We've got our attorneys on standby to help make sure we aren't doing anything that could compromise our sources and we will do our best.

I remain steadfast and committed to being transparent.

Thank you so much for your support.

EDIT: Also for further verification: http://imgur.com/1uG5lpm


http://de.reddit.com/r/Bitcoin/comments/2tgefn/official_coin_fire_response_and_discussion_for/

http://de.reddit.com/r/Bitcoin/comments/2tft6n/just_registered_coinfireinfo_prove_you_are/



probably because of this last report:

"paybase-operating-illegally-without-msb-licenses/"
Jump to: