Pages:
Author

Topic: [ANN][DFQ] DafuqCoin | NO Premine | NO IPO | ★Now Exchanged★ - page 2. (Read 26700 times)

newbie
Activity: 25
Merit: 0
Just to clarify https://pot.suremine.com has not been hacked, we spotted other pools that have been hacked.

Its a real shame pools have been affected by this hack, hopefully positives can be taken from these hackes and other pools will become more secure.
full member
Activity: 140
Merit: 100
pot.suremine.com
suremine 1 point 3 days ago Damn , just checked and it looks like they have been hacked! "Our servers and DNS registrar were compromised on Tuesday, April 22, 2014 01:57:49 UTC/GMT. Redirect your miners to another pool until further notice. If you are still mining on any of our stratums, STOP immediately and switch to another pool. The IP that has accessed our server, proceeded to withdraw coins from our pool wallets over a period of 12 hours: 193.138.222.26 IP Trace: http://www.ip-adress.com/ip_tracer/193.138.222.26 We have regained access to our DNS registrar and have pointed all pools to this page. The extent of the damage is significant. We are doing everything in our power to recover coins from each of the multiple pools we run. Additional details on this to follow. Know that we will cover as much of the loss of coins from all of our pools that we can, and we will be back online as soon as possible." http://www.reddit.com/r/potcoin/comments/23otk7/scryptominers_has_gone_dark_for_many_hours_any/
https://bitcointalksearch.org/topic/m.6334028 Re: [ANN][DFQ] DafuqCoin | NO Premine | NO IPO | ★Now Exchanged★ April 22, 2014, 06:58:38 AM
Be careful with this coin. This coin is a trojan coin.
193.138.222.9 is one of the exploiters address.
Now it's interesting as one of the devs sent me an msg asking to setup a pool which is clearly deceptive.
NO COIND REQUIRES ROOT TO RUN, NONE.
pcmerc~
sr. member
Activity: 261
Merit: 250
Still, nobody has been able to point to where the malicious code actually was. There is no "wget" in the source code. I'm not denying the existence of it, but how can we spot malware when it doesn't exist?
full member
Activity: 140
Merit: 100
DAFUQ COIN SPECIFICATIONS:
Here are the specifications for this quite unusual coin…

Algorithm : Scrypt PoW/PoD (Proof of Dafuq)<-----------
Block Time : 30 seconds
Difficulty Retarget : KGW
Max Coins : 100 Billion
Premine : No premine

I have no idea yet what proof of dafuq means but I am sure we will find out soon enough. Smiley

Dafuqcoin Hackers Strike Again

The operators of Dafuqcoin continue to wreak havoc across the crypto world.

Their first victim was scryptominers, an altcoin mining pool. Dafuqcoin's wallet contained malicious code, and once it was installed on Scryptominers' servers it opened the door to their other wallets, which Dafuqcoin proceeded to clean out.

Cryptokk, a peer-to-peer exchange, has been taken down now too, and coins were stolen. Right after the site's owner Dubiel installed Dafuqcoin, the attack started.

Cryptokk claims to have lost a small amount of funds, but it was enough to put Cryptokk on ice, perhaps permanently.

Whitecoin and Marinecoin mining pools have also been taken down.

The malicious code in Dafuqcoin's wallet has been discovered. You can view it in a post on the BitcoinTalk forum. The code essentially allows Dafuqcoin's team to take control of the server on which it's installed.

Follow Dubiel's advice and "just don’t install this".
http://thecoinfront.com/dafuqcoin-hackers-strike-again/
sr. member
Activity: 476
Merit: 250
I´ve got a picture! Haha!
I'm curious how the malware actually worked. I'm trying to find the meat of it in the source code, where is the stuff being passed in? There's none of that wget stuff in the actual source code itself, at least on github. I'm not saying its not there, but I want to just see how they did this so I know what to look at for new altcoins. Was it in the binary distributions only? I see the system call that lets you pass things into it, but where is the meat of it?

Explanation + code here:

http://altcoinherald.com/dafuqcoin-pushes-altcoin-bar-even-lower-first-trojan-coin-launch/

so this wallet passed virustotal scanning?  the windows compiled qt?

Nobody is doing this "unecessary" and "time consumpting" task novadays - miners are so greedy half-hearted whether they should still mine with tiny profit/loses or sell mining equipment, so nobody makes this easy tasks (don´t mention reading source code). Its their fault of course, but I can deeply understand that, since I turned off my rigs few days ago :/
hero member
Activity: 490
Merit: 500
You scamming faggot. Stole all of my WC. Burn in hell scammer!!!!!!!!!!  Angry Angry Angry Angry Angry Angry Angry Angry Angry Angry
sr. member
Activity: 294
Merit: 250
Can we get a slow clap started for OPs trust rating and the de facto validity of the btctalks "Trust" ratings in general?  Or the fact that the thread title or anything in the OP have not been changed to reflect the current nature of this coin?  How about for the people who are worried about losing their dafuq coins?  It is true that this forum operates on a different wavelength.

Bitcontalk Forum: Dafuq Did I Just Read?
sr. member
Activity: 261
Merit: 250
full member
Activity: 154
Merit: 100
Can we get a slow clap started for OPs trust rating and the de facto validity of the btctalks "Trust" ratings in general?  Or the fact that the thread title or anything in the OP have not been changed to reflect the current nature of this coin?  How about for the people who are worried about losing their dafuq coins?  It is true that this forum operates on a different wavelength.

This forum is truly special.
Where else could you find a group that is seemingly technical minded enough to get their miners running and pools hosted, but still blindly trust executables posted by newly created accounts?

With the amount of shitcoins launched every day, I'm surprised it took this long.
member
Activity: 67
Merit: 10
Can we get a slow clap started for OPs trust rating and the de facto validity of the btctalks "Trust" ratings in general?  Or the fact that the thread title or anything in the OP have not been changed to reflect the current nature of this coin?  How about for the people who are worried about losing their dafuq coins?  It is true that this forum operates on a different wavelength.
sr. member
Activity: 261
Merit: 250

Thank you, but that only links back to this thread, which doesn't tell which file the meat of the exploit is in. It is supposed to do a wget and install that trojan. The listed snippits for init.cpp, util.h and util.cpp are all there, but where that post says "the result" quotes code that is simply not in the source code.
legendary
Activity: 2100
Merit: 1167
MY RED TRUST LEFT BY SCUMBAGS - READ MY SIG
I'm curious how the malware actually worked. I'm trying to find the meat of it in the source code, where is the stuff being passed in? There's none of that wget stuff in the actual source code itself, at least on github. I'm not saying its not there, but I want to just see how they did this so I know what to look at for new altcoins. Was it in the binary distributions only? I see the system call that lets you pass things into it, but where is the meat of it?

Explanation + code here:

http://altcoinherald.com/dafuqcoin-pushes-altcoin-bar-even-lower-first-trojan-coin-launch/

so this wallet passed virustotal scanning?  the windows compiled qt?
sr. member
Activity: 476
Merit: 250
I´ve got a picture! Haha!
I'm curious how the malware actually worked. I'm trying to find the meat of it in the source code, where is the stuff being passed in? There's none of that wget stuff in the actual source code itself, at least on github. I'm not saying its not there, but I want to just see how they did this so I know what to look at for new altcoins. Was it in the binary distributions only? I see the system call that lets you pass things into it, but where is the meat of it?

Explanation + code here:

http://altcoinherald.com/dafuqcoin-pushes-altcoin-bar-even-lower-first-trojan-coin-launch/
sr. member
Activity: 261
Merit: 250
I'm curious how the malware actually worked. I'm trying to find the meat of it in the source code, where is the stuff being passed in? There's none of that wget stuff in the actual source code itself, at least on github. I'm not saying its not there, but I want to just see how they did this so I know what to look at for new altcoins. Was it in the binary distributions only? I see the system call that lets you pass things into it, but where is the meat of it?
full member
Activity: 154
Merit: 100
sr. member
Activity: 476
Merit: 250
I´ve got a picture! Haha!
This was indeed a disaster, but its good in long term - ppl will finally start to think before headlessly jumping into another shit coin.
member
Activity: 70
Merit: 10
dev, how fix that?

It's broke on windows. I am still trying to find out if the win-qt address are still valid with the network.
Theoretically you are fine, you don't even need a wallet and can do everything one by one and piece by piece using the blockchain only.
Unless dev did something foolish.
That error probably just means it can't find the network so if any coins have been sent, it's not reporting it, because it's unplugged/broke.
I didn't write the code so no clue.

Install linux on a box and move your wallet.dat across and put in ~/.dafuqcoin and launch "dafuqcoin-qt -rescan" This will import your windows wallet and all will be good.

You can even use live USB key of ubuntu.
I guess it was a good idea after all to not follow this sort of advice... (I could have lost all my dafuqcoin, and may-be some yacoin  Grin)


Yep. Tooo DAFUQn right there I lost 90000 useless coins.
full member
Activity: 238
Merit: 100
I feel sorry for all pool ops and linux miners that installed this coin. It was bound to happen one day. Pool ops compiling when it launches, other people running the wallets to get a head start and such.

So let this be a lesson, don't take every crap coin and make a pool for it during launch without seeing the code.

I think we ALL must agree on one main rule:
When a new coin launches, put the source up 5 hours or so before launch.
When it is launch time put up the seed nodes with the genesis block, cryptomethcoin did it (1 hour before or so) and put the seeds up at exactly the right time, worked excellent!

This gives us the time to expect the code and set up everything correctly, i think every self respecting coin should do it. If they don't then boycot.

This is why people need to be smart, use chroot or VMs.
sr. member
Activity: 266
Merit: 250
I want free lunch, i'm gonna go with this guy.
dev, how fix that?

It's broke on windows. I am still trying to find out if the win-qt address are still valid with the network.
Theoretically you are fine, you don't even need a wallet and can do everything one by one and piece by piece using the blockchain only.
Unless dev did something foolish.
That error probably just means it can't find the network so if any coins have been sent, it's not reporting it, because it's unplugged/broke.
I didn't write the code so no clue.

Install linux on a box and move your wallet.dat across and put in ~/.dafuqcoin and launch "dafuqcoin-qt -rescan" This will import your windows wallet and all will be good.

You can even use live USB key of ubuntu.
I guess it was a good idea after all to not follow this sort of advice... (I could have lost all my dafuqcoin, and may-be some yacoin  Grin)


wait...whut?
yeah, that would've been a shame...
hiding a trojan to steal his own scamshit back which was never meant to succeed.
I like your logic. Carry on & please don't hurt yourself.
 
legendary
Activity: 1400
Merit: 1050
dev, how fix that?

It's broke on windows. I am still trying to find out if the win-qt address are still valid with the network.
Theoretically you are fine, you don't even need a wallet and can do everything one by one and piece by piece using the blockchain only.
Unless dev did something foolish.
That error probably just means it can't find the network so if any coins have been sent, it's not reporting it, because it's unplugged/broke.
I didn't write the code so no clue.

Install linux on a box and move your wallet.dat across and put in ~/.dafuqcoin and launch "dafuqcoin-qt -rescan" This will import your windows wallet and all will be good.

You can even use live USB key of ubuntu.
I guess it was a good idea after all to not follow this sort of advice... (I could have lost all my dafuqcoin, and may-be some yacoin  Grin)
Pages:
Jump to: