Pages:
Author

Topic: [ANN] CoinByCall.com - Get paid in BTC for listening radio over the phone - page 6. (Read 65515 times)

hero member
Activity: 910
Merit: 1000
Any site can get hacked, but some sites become targets and it seems yours is one since this is not the first time something like this happens. I suggest truly resolving the issue or it will just creep back in a month or two.
newbie
Activity: 7
Merit: 0
Hacked again? Maybe you should invest some effort into better security?
How about new finnish numbers? They are blacklisted by the most providers...
sr. member
Activity: 457
Merit: 250
CBC got hacked again. Passwords were reset. Please recover your PW and verify that your BTC or LTC payout address is actually yours.
newbie
Activity: 7
Merit: 0
also the page is down... what is going on there?
newbie
Activity: 7
Merit: 0
Is this project still "active"? No reply since 5th may?
newbie
Activity: 7
Merit: 0
Is it possible to get some new numbers?

All german and finnish numbers are blacklisted as far as I can see.  Undecided
Numbers of Poland and Netherlands are also blacklisted - at least for me.
newbie
Activity: 13
Merit: 0
The passwords were not hashed but stored in plain text (or crypted reversibely).

if you do use that password somewhere else, you should change it asap.

EDIT: And they are still being saved in plain text ...

I already posted that like two months ago: Storing plain passwords is BAD.
And now, after such a hacker attack, you really should delete all the passwords from the server and implement a secure hashing algorithm for the passwords!!
TCM
sr. member
Activity: 251
Merit: 250
What risk do you need to assess? Consider the password compromised and act appropriately.

Pro tip: If you reuse passwords at multiple sites you were doing it wrong in the first place.
legendary
Activity: 1946
Merit: 1035
Sorry about your attack, you seem to be dealing with it good.

In any case, if you are using your CBC password someplace else, indeed you should change it now.

How were the passwords hashed? This will allow us to make a self-assessment of the risks, thanks.
sr. member
Activity: 457
Merit: 250
UPDATE 02/May/2015: Sorry guys, made a mistake and the "hacker" still had access to some passwords. Therefore the passwords have been changed again, please recover them once more. Sorry!

In the meantime, that guy - who calls himself Kevin Mitnick (LOL!) - tried to blackmail CBC. See http://abload.de/img/moron1sua9.png

In any case, if you are using your CBC password someplace else, indeed you should change it now.
sr. member
Activity: 457
Merit: 250
Anyway, I hope you can repair the system and get the stolen btc back (preferably without using the last resort but if you need, I have my sledgehammer right here by my side. I just need a plane ticket both for me and my sledgehammer and a rental car Cheesy ).

Once I got his exact address I'll come back to your offer Smiley
legendary
Activity: 1493
Merit: 1003
Something is broken:

Quote
Internal Server Error

Failed to authenticate on SMTP server with username "[email protected]" using 2 possible authenticators
Same here.
Anyway, I hope you can repair the system and get the stolen btc back (preferably without using the last resort but if you need, I have my sledgehammer right here by my side. I just need a plane ticket both for me and my sledgehammer and a rental car Cheesy ).
Thank you for the update!
legendary
Activity: 2786
Merit: 1031
Something is broken:

Quote
Internal Server Error

Failed to authenticate on SMTP server with username "[email protected]" using 2 possible authenticators
newbie
Activity: 3
Merit: 0
TCM
sr. member
Activity: 251
Merit: 250
sr. member
Activity: 457
Merit: 250
CoinByCall was compromised on 29/Apr/2015. The attacker managed to steal all Bitcoins from our wallet by transferring them to his own.

He got access to the user database and changed the BTC addresses of about 110 accounts (out of 5200) to his own BTC address. He lowered the payout threshold of these accounts and after the payout mechanism got triggered, the system sent the BTC balance of about 50 user accounts to the attacker.

The system then stopped to create more transactions because the wallet didn't have any coins left.

Those ~50 users lost their Bitcoin balance. In total about 1.2 BTC were stolen.

We've restored the user database with the original users' BTC addresses and changed all passwords of all user accounts. Please perform the following steps to receive your new password via E-Mail:

1. Go to http://coinbycall.com/login
2. Enter your username at "login"
3. Enter at least 6 digits (can be anything) at "password"
4. Click on "Forgot Password?"

Your new password will then get E-mailed to you. If the E-Mail address you registered with is fake you are out of luck and your account is non-recoverable. In this case you may create a new account.

Calls were not lost.

It may take until Monday before payouts are resumed.

Although the attacker tried to hide his identity by using proxies, he made several mistakes. Therefore we were able to track the attacker down to an individual living in New England in the US. He's using Comcast to access the internet and we got several IP addresses with timestamps, for example IPv4 50.163.62.xxx on 29/Apr/2015:16:57:09 GMT+0200. His IPv6 is 2601:6:3d00:a60:f8e0:ccca:xxxx. He's got a Nexus 5 phone.

Some words to the attacker: Although the stolen amount is low, we *will* involve law enforcement and pass all documentation to them if the stolen funds are not transferred back to 1DNxMwkUt8wWoM4wfKbgySzVFsExhfWSYD by 04/May/2015. Is 1.2 BTC really worth it? Think twice about it.

We apologize for the inconvenience.
newbie
Activity: 7
Merit: 0
is it just me or are the latest calls (for 2 days) not listed?
newbie
Activity: 13
Merit: 0
Great, thanks. But the Payout is only  0.00000094 BTC?
I remember it being something around 0.00000250 ...

Will the payout be increased in the near future?
sr. member
Activity: 457
Merit: 250
Germany is back online.
Pages:
Jump to: