Topic: [ANN][MOON] Mooncoin: You know where it's headed! KGW exploit FIXED 4/3/2014 - page 58. (Read 1106913 times)

Total used addresses:    636484
Total funded addresses:    44405
Total empty addresses:    592079


happy holidays! Buona pasqua 

Total used addresses:    636074
Total funded addresses:    44391
Total empty addresses:    591683

Dragon Knight, which offers MoonCoin as a withdrawal option, is doing pretty well with over 200 players joining in a short period of time since launch. Drop on in and earn cryptos just for playing!

Total used addresses:    635518
Total funded addresses:    44335
Total empty addresses:    591183

Cryptoine exchange Update ...

We apologize everyone, and thank you all for your understanding.

Attacker acted in hours from 3:15 to 10:00 UTC.

Cryptoine database is reversed to 2015-03-24 03:08 UTC and frozen.

In response to many questions...

There was no break-in to the system
There was no leak of data
Wallet private keys are safe and not compromised
The attacker was not able to execute any external code
The bug has been located and fixed. However, the losses are irreversible. We plan to complete the activity of exchange.

We will enable withdrawals in April 2015.

It's sad to say goodbye to all crypto-community. We need to take a few months break. But we will back stronger and more experienced than ever before.

Total used addresses:    634722
Total funded addresses:    44315
Total empty addresses:    590407

Total used addresses:    634483
Total funded addresses:    44232
Total empty addresses:    590251

Swisscex no hacked but i suppose they have lost on CHF/eur after SNb decision ....

Are you sure, Swisscex was hacked, too? They close their doors, yes, but because of a hack?

Within a month, unfortunately, due to hacker attacks, we lost three exchanges Cryptoine Allcrypt and Swisscex..
moon listed on cryptsy and on bleutrade 

https://bleutrade.com/exchange/MOON/LTC

I've got some MOON. Can it be exchanged somewhere ?

@GigaBitcoin: "I expect Bitcoin will never become a dominant payment system. I expect it will, at most, account ... http://t.co/Ifxml7lQBR via @Reddit

"
[–]squarepush3r 0 punti 4 hours ago
moon?
permalinkriferimento
[–]GroundhogExpert 1 punto an hour ago
You cannot be serious."   
 

@CoinTelegraph: The Future of Bitcoin, Litecoin & Dogecoin (Op-Ed) http://t.co/DOGT85pKzx #Bitcoin #Litecoin http://t.co/vAnLfWjxp8

That won't help if the cryptologic basis as such is insecure, i.e.: private keys are recoverable with a method we don't know by now, but only a hacker, for example. Again, think of poor randomness.
Regarding multisig: for now that method seems to be safe. But who knows exactly? What if both signatures/keys were created on the same system? With poor randomness or other failure? Then it might even be easier to compromise such a wallet or the private keys, because the signature of the poor randomness is in both keys, which might make it less complicated for a hacker to decrypt them than decrypting a single one, only because of similarities in the keys.

Again: all hypothetical, but ... see above.


What if Cryptsy closes its doors because of a hack? Then the coins there are also gone, even if secured with 2FA and all other means. The question then is only, are they financially strong enough to recover the losses of their users/customers, AND: are they willing to?


Regarding the current Mooncoin-wallet, Titan reported the Mooncoin-wallet to be safe, after his investigations, at least the source-code --> https://github.com/realmooncoin/mooncoin. Btw: this is still the old one, created by deaconboogie. It is still the latest.

As far as I know, peme hasn't found anything either so far, aside from an old OpenSSL-version with the heartbleed-bug being used to compile the binary-wallets. But as I understood it, it is not critical for the normal use of the wallet.

According to both, it is difficult to check a Windows- or Mac-binary, so I hope they are still working on that, to get more information. If any expert for this passes by and reads this, please could you also check the Mooncoin-binaries, in order to help the community?

I hope that peme stops by soon, to inform us about the current situation.


Edit:
Btw: Have you read the latest information on Cryptoine.com on how they will return the remaining coins? https://cryptoine.com

Remember.... The safest place as the legendary creator deacomboogie said is the paperwallet  https://t.co/eupTd7TaRD http://t.co/wY11uBMxNJ #altcoin

@528Crypto: Multisignature + Brain Wallet = Ultimate in Easy Security http://t.co/fN5TzvVaic

Multisig is the solution..no wallets multisig have been stolen!

all my billion coins in wallet windows qt, paper extra randomless wallets and on cryptsy locked (12hour) i think are safe...

in the wallet that we currently use, just keep the coins that we are willing to lose 

In the Dark Moon is very Important...but here need more development for progress.....  

At least that's a long story, and it sounds not impossible. The most important statement in that text is this:


That's what I say, too. Just think of all the hacks of BTC-exchanges in the not so far past (e.g. BTC-e). We don't have detailed information about all those, like we have here. And even if, for many it is simply an inside-job and they are done with it and move on.

But: may BTC and all its derivates be insecure somehow, but no one really wants to talk about this eventuality, even if it is only because they can't imagine this? Or because they all are too much involved and/or invested into cryptocurrency, so that it simply "must" be ignored, in order to avoid high personal losses? Can SHA256- and scrypt-encrypted private keys (and others like X11 etc.) easily be decrypted by someone who REALLY knows? What about governmental forces/resources (see: time and ingenuity above; add money to that equation) that are being utilized to protect conventional currencies? Sounds unbelievable, but many things sound unbelievable - until they happen or become true. All hypothetical, true, but never say never.

Hackers have always found a way to breach even the most secure systems. And someone who has the knowledge to break the security of cryptos (only think of possible poor randomness-problems when creating a private key) would be a very rich man or woman, so why would he/she share how to do that (if not a white hat)? He could steal thousands of BTC (or LTC, DOGE etc.) only by grabbing some here and a few days or weeks later some there, all without really scaring the cryptoworld too much. The personal losses of the single individuals (and exchanges, too) would be pitied and bemoaned, but life moves on and some weeks later it is already forgotten - only the victims are left with their loss and the exchanges want to carry on with their business (if even possible after a theft), so don't want to talk about that further anyway.

Back to Allcrypt:
They have not mentioned the possibility of a man-in-the-middle-attack. Maybe someone at the email-provider had prying eyes? Maybe he connected in an internet-café via his laptop/cellphone and even if using SSL/TLS, there was a redirection via an unsafe proxy or such and the one running the hotspot or someone else in the chain was grabbing information ...? Maybe someone at the hoster where Allcrypt.com had all its infrastructure was not reliable? All possible.