Topic: [ANN][EXCHANGE] Poloniex - Crypto Exchange with BTC/NXT - page 129. (Read 272454 times)
I need to buy more coins and the trollbox!
All funds are safe. Poloniex does use cold wallets.
What happened was an attacker used social engineering to gain root access to a wallet server. This was made possible by absolutely jaw-dropping negligence on the part of the hosting provider. Fortunately, I caught the attempt in time and was able to shut down the server before anything was taken. All BTC has been moved into cold storage, and then next step is to set up a new server with a different provider.
Please stop sending BTC to your old BTC deposit addresses. The funds will not be lost, but all new addresses must be generated, as I must assume the old wallet is compromised. It is very unlikely that it was, but "unlikely" is not good enough.
I appreciate everyone's patience while I take proper security measures before bringing the exchange back online.
What happened was an attacker used social engineering to gain root access to a wallet server. This was made possible by absolutely jaw-dropping negligence on the part of the hosting provider. Fortunately, I caught the attempt in time and was able to shut down the server before anything was taken. All BTC has been moved into cold storage, and then next step is to set up a new server with a different provider.
Please stop sending BTC to your old BTC deposit addresses. The funds will not be lost, but all new addresses must be generated, as I must assume the old wallet is compromised. It is very unlikely that it was, but "unlikely" is not good enough.
I appreciate everyone's patience while I take proper security measures before bringing the exchange back online.
Thanks For clarification because of the honesty you have ...Many trust you and a few will attempt to attack good luck ...we will wait .
poloniex doesnt work for me most of the time recently. am i alone?
Yep, it's just you. It works for everyone else.
poloniex doesnt work for me most of the time recently. am i alone?
Yeah, its an awesome exchange but nobody can run something so big alone man. You need to get a crew on board, a security specialist. Don't let your pride ruin the magic you have created! 
Ok. How do you access your servers? Console access? That's not locked down via ip then either? So I can login from anwhere in the world?
Yes, you can't stop bad system admins from making mistakes but you CAN also limit damage in other ways. In this case maybe not, but without locking things down to known good IPs, you are missing a very basic security feature that can give a huge increase over not doing it.
So please, "Stop spreading garbage" as this was a basic query for information on how it could happen if network level firewall rules are in place, which they should be.
Yes, you can't stop bad system admins from making mistakes but you CAN also limit damage in other ways. In this case maybe not, but without locking things down to known good IPs, you are missing a very basic security feature that can give a huge increase over not doing it.
So please, "Stop spreading garbage" as this was a basic query for information on how it could happen if network level firewall rules are in place, which they should be.
I VPN with both certificates & passwords, in some cases also with RSA. Never locked down to IP, so yes from anywhere in the world.
The culprit was able to fool an incompetent sys admin into allowing him access. Probably via console, yes, or by tearing down the firewall, changing the passphrase, etc. At this point we don't know if it was a dedicated or VPS.
Garbage might have been the wrong word. Please, stop fear mongering.
I was going to stay quiet in this, however seeing that you are trying to censor people who have legitimate concerns, and I happen to have a few BTC worth of coins on your exchange, I think its time to say something.
#1. its not "fear mongering" if he is speaking the truth, he is just asking questions/making statements that YOU dont like, therefor its "FUD"
#2. You are too easily passing the blame on to the Sys admin, your site has already been hacked once and lost money that you then ILLEGALY created debt instruments to get back the money that your incompetence lost in the first place.
#3. Chiz is the guy that I talk to when I have a question about security for any of my sites, so if i were you I would be asking him for help or to tell you how he might fix an issue like this so it never happens again, not just calling him a "fear mongerer".
TLDR, dont be a douchebag and listen when people ask you questions. You haven't learned from the last hack, so start learning now or shut down your exchange.
this sucks ass, no friday night trade action 
so sick!!!
im sure they want to hack XBC! wc and some others coins were frozen since 2 days too.
fucking hackers! go to hell!
im sure they want to hack XBC! wc and some others coins were frozen since 2 days too.
fucking hackers! go to hell!
Ok. How do you access your servers? Console access? That's not locked down via ip then either? So I can login from anwhere in the world?
Yes, you can't stop bad system admins from making mistakes but you CAN also limit damage in other ways. In this case maybe not, but without locking things down to known good IPs, you are missing a very basic security feature that can give a huge increase over not doing it.
So please, "Stop spreading garbage" as this was a basic query for information on how it could happen if network level firewall rules are in place, which they should be.
Yes, you can't stop bad system admins from making mistakes but you CAN also limit damage in other ways. In this case maybe not, but without locking things down to known good IPs, you are missing a very basic security feature that can give a huge increase over not doing it.
So please, "Stop spreading garbage" as this was a basic query for information on how it could happen if network level firewall rules are in place, which they should be.
I VPN with both certificates & passwords, in some cases also with RSA. Never locked down to IP, so yes from anywhere in the world.
The culprit was able to fool an incompetent sys admin into allowing him access. Probably via console, yes, or by tearing down the firewall, changing the passphrase, etc. At this point we don't know if it was a dedicated or VPS.
Garbage might have been the wrong word. Please, stop fear mongering.
Anyways, sounds like maybe the box was brought up on a separate network without the firewall rules or maybe the user was given access to the entire account and not just a single box.
In the end all that matters is our coins our safe.
But please do the above mentioned questions etc for account recovery and lock down all access to your accounts via associated IPs as well.
The bad guys will always find a way but its our job to make them work harder.
In the end all that matters is our coins our safe.
But please do the above mentioned questions etc for account recovery and lock down all access to your accounts via associated IPs as well.
The bad guys will always find a way but its our job to make them work harder.
Can't...live...without...polo & trollboxxxx
when do you expect to be back online?
Is the trollbox really just an irc chan we can join? I need my fix and I'm pretty sure I'm not alone.
Screw it.. I made my own... #polotrollbox
Nevermind... everyone seems to be gathering here: #poloniextraders
Screw it.. I made my own... #polotrollbox
Nevermind... everyone seems to be gathering here: #poloniextraders
mugwampbro, I hear you, I really do. I haven't been able to duplicate the log-out issue, and I will change the Captcha. But I need to get the site running again first.
Let me ask you guys this -- is there any defense against incompetent systems administrators? They decided this guy was me. Are they going to say "sorry, you're locked out forever"?
Let me ask you guys this -- is there any defense against incompetent systems administrators? They decided this guy was me. Are they going to say "sorry, you're locked out forever"?
Thank you..I figured you cared cause you did at least ask all the trollers. I don't think it is a firefox issue, because it doesn't happen to me on MP , c-cex or Bittrex.
Setup a protocol with your new host so that every time you want to enter recovery mode or anything of that nature - they MUST call you
at the phone number you provided upon signup. And that phone number cannot ever be changed unless you provide payment details and the like.
And if that phone number is changed they must call the old one to make sure you changed it.
That would solve it. Well... it would if it was followed 100% of the time.
The only other solution would be on-site servers in your own offices or a locked cage at the datacenter. Where there is a physical
restriction to the servers. Which is obviously far more expensive.
at the phone number you provided upon signup. And that phone number cannot ever be changed unless you provide payment details and the like.
And if that phone number is changed they must call the old one to make sure you changed it.
That would solve it. Well... it would if it was followed 100% of the time.
The only other solution would be on-site servers in your own offices or a locked cage at the datacenter. Where there is a physical
restriction to the servers. Which is obviously far more expensive.
Nobody else is concerned that this person was able to ssh to the server without firewall rules blocking him?
Sounds like the only reason anyone even knew what was going on was due to the entire server being down and a bunch of wallets being offline.
Sounds like the only reason anyone even knew what was going on was due to the entire server being down and a bunch of wallets being offline.
Who said anyone was able to SSH into the server without firewall rules blocking him? Stop spreading garbage.
What happened was an attacker used social engineering to gain root access to a wallet server. This was made possible by absolutely jaw-dropping negligence on the part of the hosting provider.
Ok. How do you access your servers? Console access? That's not locked down via ip then either? So I can login from anwhere in the world?
Yes, you can't stop bad system admins from making mistakes but you CAN also limit damage in other ways. In this case maybe not, but without locking things down to known good IPs, you are missing a very basic security feature that can give a huge increase over not doing it.
So please, "Stop spreading garbage" as this was a basic query for information on how it could happen if network level firewall rules are in place, which they should be.
Nobody else is concerned that this person was able to ssh to the server without firewall rules blocking him?
Sounds like the only reason anyone even knew what was going on was due to the entire server being down and a bunch of wallets being offline.
Sounds like the only reason anyone even knew what was going on was due to the entire server being down and a bunch of wallets being offline.
Who said anyone was able to SSH into the server without firewall rules blocking him? Stop spreading garbage.
What happened was an attacker used social engineering to gain root access to a wallet server. This was made possible by absolutely jaw-dropping negligence on the part of the hosting provider.
mugwampbro, I hear you, I really do. I haven't been able to duplicate the log-out issue, and I will change the Captcha. But I need to get the site running again first.
Let me ask you guys this -- is there any defense against incompetent systems administrators? They decided this guy was me. Are they going to say "sorry, you're locked out forever"?
Let me ask you guys this -- is there any defense against incompetent systems administrators? They decided this guy was me. Are they going to say "sorry, you're locked out forever"?
Nobody else is concerned that this person was able to ssh to the server without firewall rules blocking him?
Sounds like the only reason anyone even knew what was going on was due to the entire server being down and a bunch of wallets being offline.
Sounds like the only reason anyone even knew what was going on was due to the entire server being down and a bunch of wallets being offline.
Unfortunately Busoni will probably not be able to give the exact details except that he "caught" it and it never went down
as the attacker hoped. You cannot show all your cards as of course hackers read all this that we write.
Usually in a security situation the site owner cannot say anything at all.
Way to skirt the question. The explanation given does not make any sense if they are really using proper firewall rules for server access. All I can read from this as a security expert is that the SSH port of the wallet server has been open to the entire world this whole time.
good answer
constantly having to sign in if you leave the page for a minute or two. Oh and that sign in Craptcha
Odd, never usually get logged out. Captcha takes about 5s
it would be ok if they at least gave you the option "keep me logged in for____ mins.
make a suggestion to one of the mods in trollbox or email it busoni is always open to new ideas
Tried that already..couple guys commented about their hate for the captcha. Busoni was on and asked everyone about the log off problem but no was interested in answering...coins to talk about, yah know..then busoni went back to trolling, so i said fuck it
support said: we've never had anyone complain about a log-off problem. So I suggested they put up a poll for.... log off/ captcha problem, and never heard back.
Jump to: