Topic: [ANN] [LTC] [PPS] [OTP 2FA] [Stratum only] LTCMine PPS mining pool (3.3%) - page 63. (Read 227562 times)
April 20, 2013, 11:18:33 AM
You are lucky man
April 20, 2013, 11:17:22 AM
If it helps I used the same user/password in these sites and none of my accounts were compromised:
coinotron
give-me-ltc
ltc.kattare.com
wemineltc
ltcmine.ru
coinotron
give-me-ltc
ltc.kattare.com
wemineltc
ltcmine.ru
April 20, 2013, 11:14:47 AM
One of possible solutions is force users to use autogenerated passwords. Then all passwords obviously will be unique. But when I tried it once, I received toooooo much emails about forgotten passwords recovery. 
So, I think that google authentication + password will be quite reliable solution.
So, I think that google authentication + password will be quite reliable solution.
April 20, 2013, 11:07:35 AM
Brute force with stolen passwords is what I am thinking as well. Balthazar it might be a good idea to stick a warning msg on the front page urging members to use unique password for the site
April 20, 2013, 11:01:46 AM
New settings applied.
Some details... If you tried to login more than three times, your IP will be banned for 600s.
Quote
WARNING [ltcmine-login] Ban 108.254.4.74
WARNING [ltcmine-login] Ban 24.188.138.99
WARNING [ltcmine-login] Ban 83.151.4.212
WARNING [ltcmine-login] Ban 128.73.39.106
WARNING [ltcmine-login] Unban 108.254.4.74
WARNING [ltcmine-login] Unban 24.188.138.99
WARNING [ltcmine-login] Unban 83.151.4.212
WARNING [ltcmine-login] Unban 128.73.39.106
WARNING [ltcmine-login] Ban 24.188.138.99
WARNING [ltcmine-login] Ban 83.151.4.212
WARNING [ltcmine-login] Ban 128.73.39.106
WARNING [ltcmine-login] Unban 108.254.4.74
WARNING [ltcmine-login] Unban 24.188.138.99
WARNING [ltcmine-login] Unban 83.151.4.212
WARNING [ltcmine-login] Unban 128.73.39.106
Some details... If you tried to login more than three times, your IP will be banned for 600s.
April 20, 2013, 10:51:07 AM
That's quite interesting:
It seems that we find our problem. I'll add new rule into fail2ban settings.
Code:
# cat access.log.2 | grep 'POST /login' | wc -l
56236
# cat access.log.1 | grep 'POST /login' | wc -l
71523
#
56236
# cat access.log.1 | grep 'POST /login' | wc -l
71523
#
It seems that we find our problem. I'll add new rule into fail2ban settings.
тoecть кaк я пoнял мoй пapoль чepeз кoйнoтpoн xaкнyли, или вcё-тaки y вac былa дыpa? нe coвceм пoнял ..
вpoдe-бы и нeпpocтoй вocьмизнaчный цифpoбyквeнный был..
April 20, 2013, 10:34:12 AM
That's quite interesting:
It seems that we find our problem. I'll add new rule into fail2ban settings.
Code:
# cat access.log.2 | grep 'POST /login' | wc -l
56236
# cat access.log.1 | grep 'POST /login' | wc -l
71523
#
56236
# cat access.log.1 | grep 'POST /login' | wc -l
71523
#
It seems that we find our problem. I'll add new rule into fail2ban settings.
тoecть кaк я пoнял мoй пapoль чepeз кoйнoтpoн xaкнyли, или вcё-тaки y вac былa дыpa? нe coвceм пoнял ..
вpoдe-бы и нeпpocтoй вocьмизнaчный цифpoбyквeнный был..
April 20, 2013, 10:31:28 AM
Thanks for your quick action.
April 20, 2013, 10:09:48 AM
That's quite interesting:
It seems that we find our problem. I'll add new rule into fail2ban settings.
Code:
# cat access.log.2 | grep 'POST /login' | wc -l
56236
# cat access.log.1 | grep 'POST /login' | wc -l
71523
#
56236
# cat access.log.1 | grep 'POST /login' | wc -l
71523
#
It seems that we find our problem. I'll add new rule into fail2ban settings.
April 20, 2013, 09:28:21 AM
Transactions-filtered list of compromised accounts added.
April 20, 2013, 09:23:29 AM
I am unable to find myself in the list of affected accounts, although i was the first one to report it here.
As of coinotron, you cannot possibly believe every word that exploiter said, regarding that funky term "unknown vulnerable site". At least my login/password combination unfortunately was the same there and on ltcmine. It was a single case; account made in a hurry during ltcmine DDOS.
edit: FF17 and tor-exit all the way, yeah
As of coinotron, you cannot possibly believe every word that exploiter said, regarding that funky term "unknown vulnerable site". At least my login/password combination unfortunately was the same there and on ltcmine. It was a single case; account made in a hurry during ltcmine DDOS.
edit: FF17 and tor-exit all the way, yeah
Write about it [email protected]
on this pool today it was impossible go into an account and the site was very slow.
coinotron did not know about it.
https://bitcointalksearch.org/topic/m.1891035
April 20, 2013, 09:23:13 AM
I am unable to find myself in the list of affected accounts, although i was the first one to report it here.
It's because I filtered affected accounts by withdrawal address. If it was changed, it's not listed. I will make a more detailed list later.As of coinotron, you cannot possibly believe every word that exploiter said, regarding that funky term "unknown vulnerable site".
Obviously not. That's why we need additional measures before going to enable withdrawals. 
April 20, 2013, 09:07:00 AM
I am unable to find myself in the list of affected accounts, although i was the first one to report it here.
As of coinotron, you cannot possibly believe every word that exploiter said, regarding that funky term "unknown vulnerable site". At least my login/password combination unfortunately was the same there and on ltcmine. It was a single case; account made in a hurry during ltcmine DDOS.
edit: FF17 and tor-exit all the way, yeah
As of coinotron, you cannot possibly believe every word that exploiter said, regarding that funky term "unknown vulnerable site". At least my login/password combination unfortunately was the same there and on ltcmine. It was a single case; account made in a hurry during ltcmine DDOS.
edit: FF17 and tor-exit all the way, yeah
April 20, 2013, 09:00:26 AM
Wallet change requests, executed during hacker activity period:
Most of them from this list uses firefox 17 as user-agent.
Code:
184.189.229.140 - - [20/Apr/2013:00:01:42 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.64 Safari/537.31"
37.57.35.32 - - [20/Apr/2013:00:08:26 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 113 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.142 Safari/535.19"
173.218.142.80 - - [20/Apr/2013:00:31:28 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.64 Safari/537.31"
66.177.62.33 - - [20/Apr/2013:00:38:04 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/534.34 (KHTML, like Gecko) rekonq/1.1 Safari/534.34"
50.70.36.104 - - [20/Apr/2013:01:02:15 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.64 Safari/537.31"
24.9.116.72 - - [20/Apr/2013:02:31:39 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.64 Safari/537.31"
86.128.209.43 - - [20/Apr/2013:02:37:21 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.64 Safari/537.31"
74.65.68.95 - - [20/Apr/2013:02:46:12 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:20.0) Gecko/20100101 Firefox/20.0"
94.255.217.120 - - [20/Apr/2013:02:50:04 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.64 Safari/537.31"
91.132.202.107 - - [20/Apr/2013:02:52:43 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.64 Safari/537.31"
222.152.147.239 - - [20/Apr/2013:03:02:27 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_2) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.65 Safari/537.31"
84.108.26.229 - - [20/Apr/2013:03:10:00 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 55 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/6.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E; Creative AutoUpdate v1.40.01)"
84.108.26.229 - - [20/Apr/2013:03:13:37 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 113 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/6.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E; Creative AutoUpdate v1.40.01)"
194.132.32.42 - - [20/Apr/2013:03:49:26 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
194.132.32.42 - - [20/Apr/2013:03:53:43 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
194.132.32.42 - - [20/Apr/2013:03:55:21 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
95.90.164.17 - - [20/Apr/2013:03:56:31 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:20.0) Gecko/20100101 Firefox/20.0"
193.93.13.100 - - [20/Apr/2013:03:56:32 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.64 Safari/537.31"
194.132.32.42 - - [20/Apr/2013:03:57:03 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
178.33.169.46 - - [20/Apr/2013:03:58:45 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 64 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
178.33.169.46 - - [20/Apr/2013:03:58:54 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
178.33.169.46 - - [20/Apr/2013:03:59:54 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
178.33.169.46 - - [20/Apr/2013:04:00:48 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
77.105.19.168 - - [20/Apr/2013:04:01:03 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.64 Safari/537.31"
178.33.169.46 - - [20/Apr/2013:04:02:11 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
178.33.169.46 - - [20/Apr/2013:04:03:25 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
178.33.169.46 - - [20/Apr/2013:04:04:41 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
178.33.169.46 - - [20/Apr/2013:04:05:50 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
178.33.169.46 - - [20/Apr/2013:04:07:10 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
178.33.169.46 - - [20/Apr/2013:04:08:24 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
31.172.30.4 - - [20/Apr/2013:04:09:58 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
31.172.30.4 - - [20/Apr/2013:04:10:59 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
31.172.30.4 - - [20/Apr/2013:04:12:16 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
31.172.30.4 - - [20/Apr/2013:04:14:24 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
31.172.30.4 - - [20/Apr/2013:04:16:59 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
37.221.165.229 - - [20/Apr/2013:04:19:11 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
37.221.165.229 - - [20/Apr/2013:04:21:05 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
37.221.165.229 - - [20/Apr/2013:04:22:00 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
37.221.165.229 - - [20/Apr/2013:04:22:46 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
37.221.165.229 - - [20/Apr/2013:04:23:31 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
37.221.165.229 - - [20/Apr/2013:04:24:27 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
37.221.165.229 - - [20/Apr/2013:04:25:11 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
37.221.165.229 - - [20/Apr/2013:04:25:52 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
37.221.165.229 - - [20/Apr/2013:04:27:04 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
37.221.165.229 - - [20/Apr/2013:04:27:52 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
37.221.165.229 - - [20/Apr/2013:04:28:42 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
77.109.139.26 - - [20/Apr/2013:04:29:29 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
77.109.139.26 - - [20/Apr/2013:04:29:58 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
77.109.139.26 - - [20/Apr/2013:04:30:50 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
77.109.139.26 - - [20/Apr/2013:04:34:22 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
77.109.139.26 - - [20/Apr/2013:04:35:16 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
77.109.139.26 - - [20/Apr/2013:04:36:07 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
77.109.139.26 - - [20/Apr/2013:04:37:45 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
77.109.139.26 - - [20/Apr/2013:04:38:44 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
95.211.60.34 - - [20/Apr/2013:04:39:42 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
95.211.60.34 - - [20/Apr/2013:04:41:10 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
95.211.60.34 - - [20/Apr/2013:04:42:27 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
95.211.60.34 - - [20/Apr/2013:04:43:38 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
95.211.60.34 - - [20/Apr/2013:04:44:26 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
95.211.60.34 - - [20/Apr/2013:04:45:38 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
50.131.134.155 - - [20/Apr/2013:04:46:28 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.64 Safari/537.31"
95.211.60.34 - - [20/Apr/2013:04:46:50 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
95.211.60.34 - - [20/Apr/2013:04:47:36 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
95.211.60.34 - - [20/Apr/2013:04:48:43 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
88.198.75.70 - - [20/Apr/2013:04:49:50 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
88.198.75.70 - - [20/Apr/2013:04:51:38 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
88.198.75.70 - - [20/Apr/2013:04:57:28 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
88.198.75.70 - - [20/Apr/2013:04:58:24 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
176.53.69.121 - - [20/Apr/2013:05:02:24 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
176.53.69.121 - - [20/Apr/2013:05:03:35 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
176.53.69.121 - - [20/Apr/2013:05:04:39 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
176.53.69.121 - - [20/Apr/2013:05:05:42 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
37.130.227.133 - - [20/Apr/2013:05:13:23 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
37.130.227.133 - - [20/Apr/2013:05:16:02 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
58.107.103.65 - - [20/Apr/2013:05:16:50 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.64 Safari/537.31"
37.130.227.133 - - [20/Apr/2013:05:16:53 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
37.130.227.133 - - [20/Apr/2013:05:17:40 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
37.130.227.133 - - [20/Apr/2013:05:18:31 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
37.130.227.133 - - [20/Apr/2013:05:19:38 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
37.130.227.133 - - [20/Apr/2013:05:20:50 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
37.130.227.133 - - [20/Apr/2013:05:21:42 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
185.7.180.197 - - [20/Apr/2013:05:37:47 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 113 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.64 Safari/537.31"
95.25.223.235 - - [20/Apr/2013:05:38:11 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 113 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:21.0) Gecko/20100101 Firefox/21.0"
78.134.82.224 - - [20/Apr/2013:05:52:11 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.0) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.64 Safari/537.31"
176.50.240.81 - - [20/Apr/2013:06:07:14 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 113 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:20.0) Gecko/20100101 Firefox/20.0"
37.57.35.32 - - [20/Apr/2013:00:08:26 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 113 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.142 Safari/535.19"
173.218.142.80 - - [20/Apr/2013:00:31:28 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.64 Safari/537.31"
66.177.62.33 - - [20/Apr/2013:00:38:04 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/534.34 (KHTML, like Gecko) rekonq/1.1 Safari/534.34"
50.70.36.104 - - [20/Apr/2013:01:02:15 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.64 Safari/537.31"
24.9.116.72 - - [20/Apr/2013:02:31:39 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.64 Safari/537.31"
86.128.209.43 - - [20/Apr/2013:02:37:21 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.64 Safari/537.31"
74.65.68.95 - - [20/Apr/2013:02:46:12 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:20.0) Gecko/20100101 Firefox/20.0"
94.255.217.120 - - [20/Apr/2013:02:50:04 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.64 Safari/537.31"
91.132.202.107 - - [20/Apr/2013:02:52:43 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.64 Safari/537.31"
222.152.147.239 - - [20/Apr/2013:03:02:27 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_2) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.65 Safari/537.31"
84.108.26.229 - - [20/Apr/2013:03:10:00 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 55 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/6.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E; Creative AutoUpdate v1.40.01)"
84.108.26.229 - - [20/Apr/2013:03:13:37 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 113 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/6.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E; Creative AutoUpdate v1.40.01)"
194.132.32.42 - - [20/Apr/2013:03:49:26 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
194.132.32.42 - - [20/Apr/2013:03:53:43 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
194.132.32.42 - - [20/Apr/2013:03:55:21 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
95.90.164.17 - - [20/Apr/2013:03:56:31 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:20.0) Gecko/20100101 Firefox/20.0"
193.93.13.100 - - [20/Apr/2013:03:56:32 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.64 Safari/537.31"
194.132.32.42 - - [20/Apr/2013:03:57:03 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
178.33.169.46 - - [20/Apr/2013:03:58:45 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 64 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
178.33.169.46 - - [20/Apr/2013:03:58:54 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
178.33.169.46 - - [20/Apr/2013:03:59:54 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
178.33.169.46 - - [20/Apr/2013:04:00:48 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
77.105.19.168 - - [20/Apr/2013:04:01:03 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.64 Safari/537.31"
178.33.169.46 - - [20/Apr/2013:04:02:11 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
178.33.169.46 - - [20/Apr/2013:04:03:25 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
178.33.169.46 - - [20/Apr/2013:04:04:41 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
178.33.169.46 - - [20/Apr/2013:04:05:50 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
178.33.169.46 - - [20/Apr/2013:04:07:10 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
178.33.169.46 - - [20/Apr/2013:04:08:24 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
31.172.30.4 - - [20/Apr/2013:04:09:58 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
31.172.30.4 - - [20/Apr/2013:04:10:59 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
31.172.30.4 - - [20/Apr/2013:04:12:16 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
31.172.30.4 - - [20/Apr/2013:04:14:24 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
31.172.30.4 - - [20/Apr/2013:04:16:59 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
37.221.165.229 - - [20/Apr/2013:04:19:11 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
37.221.165.229 - - [20/Apr/2013:04:21:05 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
37.221.165.229 - - [20/Apr/2013:04:22:00 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
37.221.165.229 - - [20/Apr/2013:04:22:46 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
37.221.165.229 - - [20/Apr/2013:04:23:31 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
37.221.165.229 - - [20/Apr/2013:04:24:27 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
37.221.165.229 - - [20/Apr/2013:04:25:11 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
37.221.165.229 - - [20/Apr/2013:04:25:52 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
37.221.165.229 - - [20/Apr/2013:04:27:04 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
37.221.165.229 - - [20/Apr/2013:04:27:52 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
37.221.165.229 - - [20/Apr/2013:04:28:42 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
77.109.139.26 - - [20/Apr/2013:04:29:29 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
77.109.139.26 - - [20/Apr/2013:04:29:58 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
77.109.139.26 - - [20/Apr/2013:04:30:50 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
77.109.139.26 - - [20/Apr/2013:04:34:22 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
77.109.139.26 - - [20/Apr/2013:04:35:16 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
77.109.139.26 - - [20/Apr/2013:04:36:07 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
77.109.139.26 - - [20/Apr/2013:04:37:45 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
77.109.139.26 - - [20/Apr/2013:04:38:44 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
95.211.60.34 - - [20/Apr/2013:04:39:42 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
95.211.60.34 - - [20/Apr/2013:04:41:10 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
95.211.60.34 - - [20/Apr/2013:04:42:27 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
95.211.60.34 - - [20/Apr/2013:04:43:38 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
95.211.60.34 - - [20/Apr/2013:04:44:26 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
95.211.60.34 - - [20/Apr/2013:04:45:38 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
50.131.134.155 - - [20/Apr/2013:04:46:28 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.64 Safari/537.31"
95.211.60.34 - - [20/Apr/2013:04:46:50 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
95.211.60.34 - - [20/Apr/2013:04:47:36 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
95.211.60.34 - - [20/Apr/2013:04:48:43 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
88.198.75.70 - - [20/Apr/2013:04:49:50 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
88.198.75.70 - - [20/Apr/2013:04:51:38 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
88.198.75.70 - - [20/Apr/2013:04:57:28 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
88.198.75.70 - - [20/Apr/2013:04:58:24 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
176.53.69.121 - - [20/Apr/2013:05:02:24 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
176.53.69.121 - - [20/Apr/2013:05:03:35 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
176.53.69.121 - - [20/Apr/2013:05:04:39 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
176.53.69.121 - - [20/Apr/2013:05:05:42 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
37.130.227.133 - - [20/Apr/2013:05:13:23 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
37.130.227.133 - - [20/Apr/2013:05:16:02 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
58.107.103.65 - - [20/Apr/2013:05:16:50 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.64 Safari/537.31"
37.130.227.133 - - [20/Apr/2013:05:16:53 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
37.130.227.133 - - [20/Apr/2013:05:17:40 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
37.130.227.133 - - [20/Apr/2013:05:18:31 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
37.130.227.133 - - [20/Apr/2013:05:19:38 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
37.130.227.133 - - [20/Apr/2013:05:20:50 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
37.130.227.133 - - [20/Apr/2013:05:21:42 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
185.7.180.197 - - [20/Apr/2013:05:37:47 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 113 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.64 Safari/537.31"
95.25.223.235 - - [20/Apr/2013:05:38:11 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 113 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:21.0) Gecko/20100101 Firefox/21.0"
78.134.82.224 - - [20/Apr/2013:05:52:11 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 93 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.0) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.64 Safari/537.31"
176.50.240.81 - - [20/Apr/2013:06:07:14 +0300] "POST /tweak?act=newwallet HTTP/1.1" 200 113 "http://ltcmine.ru/tweak?act=newwallet" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:20.0) Gecko/20100101 Firefox/20.0"
Most of them from this list uses firefox 17 as user-agent.
April 20, 2013, 08:42:36 AM
To all concerned - please check if you have used coinotron and if password was the same. I have a strong suspicion it might be vulnerable site
One from affected members asked me to sign below this. His credentials at coinotron.com are the same. But personally I don't think that coinotron is this "unknown vulnerable site".P.S. logs and code audit is almost finished, no potential vulnerabilities found yet. It seems that withdrawals will be enabled soon.
April 20, 2013, 08:38:14 AM
I hate it when such things happen ;( But kudos Balthazar for doing your best in times of DDos, failing exchanges and unstable times in general 
April 20, 2013, 07:50:23 AM
Post #285 updated with some additional info.
April 20, 2013, 07:22:08 AM
PAsswords are probabaly incrypted in his DB. so probably other hacked site that has same user/pass combinations or some kind of spoofing...
April 20, 2013, 06:48:21 AM
To all concerned - please check if you have used coinotron and if password was the same. I have a strong suspicion it might be vulnerable site
April 20, 2013, 06:35:28 AM
Hacker has made public confession.
According to this, _bender_@btc-e chat made passwords dump from unknown vulnerable site. He provided some proofs, i.e. login/password for btc-e account, which was used for stolen funds withdrawal.
Quote
_bender_: john8888, этo нe coвceм пyл был
...
_bender_: Balthazar, пapoли юзepoв взяты чepeз пpocтyю sql-inj в oднoм мecтe, влaдeльцы pecypca нe пpичeм
...
_bender_: Balthazar, пapoли юзepoв взяты чepeз пpocтyю sql-inj в oднoм мecтe, влaдeльцы pecypca нe пpичeм
According to this, _bender_@btc-e chat made passwords dump from unknown vulnerable site. He provided some proofs, i.e. login/password for btc-e account, which was used for stolen funds withdrawal.
Jump to: