Pages:
Author

Topic: [ANN][Pool][Profit-Switch][Optional Auto-Exchange per Coin][Vardiff] ~ Hashcows - page 95. (Read 347337 times)

sr. member
Activity: 350
Merit: 250
yeah i didnt know because i have the coin balances page favorated and its only on the homepage
hero member
Activity: 798
Merit: 1000
This thread is starting to sound like this:

1. The color is red.
2. Official Admin Post - Yeah the color is red. We're looking into it after Xmas.
3. Hey, did anyone know the color is red?
4. Just wanted to check here, did anyone notice the color is red.
5. I hate that the color is red.
6. Does anyone know what color it is?
7. *Bangs Head on table* - don't you all read, the color is red dammit!!!
8. Hey, I read every post and couldn't find the answer... Is the color red?
...snip...
10003029. Read my blog post: " the color red vs the color blue, a retrospective"
10003030. You know what, I think... Yes.. It seems the color is red.
10003031. Can someone tell me if the color is red or not?
hero member
Activity: 821
Merit: 503
Well just an FYI i am still loged in on my Ipad (not on computer) and can check my account balances/etc and shocker they didn't mess with my account address or payout , but i always have payout set at .001.. and i don't mine here anymore.. guess that helped a bit too Tongue

But i do hope you guys come back up.. competition is always a good thing.


Icon

sr. member
Activity: 259
Merit: 250
My guess is SQL injection via unsanitized inputs... I'd imagine if you can get unfettered access to the database that's all you need to accomplish what they did.
hero member
Activity: 798
Merit: 1000
is anyones manual payouts working? it says it ques them and they just never send.

Um.... Seriously?   There have been pages upon pages upon pages saying the site is on lockdown due to the hack and stolen balances... There's a big message on the Hashcow's site as well.  I think you need to do some reading.


Maybe this will stem the tide of people asking the same questions again and again without taking the time to read even one post before they post.  But I doubt it....

sr. member
Activity: 350
Merit: 250
is anyones manual payouts working? it says it ques them and they just never send.
legendary
Activity: 1414
Merit: 1000
There should be a nice red bolded announcement on website saying that login is temporarily disabled, so we can get rid of this users spamming forum with "omg, I can´t login".

I thinks it's a lot less "Omg I can't log in" vs "Omg why can't I have access to my account to even see what happened".  That is truly annoying since some of you obviously still can.  I hope the admins fix this soon now that X -mas is over, because I know if there was a major breach like this at my own business X - mas wouldn't matter, my clients finances are very important so I would have spent Xmas at the office fixing this as a business I can't spend even a day down losing my clients trust.

The only way I would disagree with this is if the admins were doing this as a hobby that doesn't pay much. If this is their business and main source of income, the way they have responded thus far makes me wonder if this was an inside job.
Instead of "we'll get around to it in the next few days" they should have already answered questions of whether miners should continue mining, whether they will eat the loss since it was someone's fault and it sure as hell wasn't the miners, and wth is going on with passwords and addresses.
newbie
Activity: 26
Merit: 0
I've got 14 CPU cores hashing away in their spare time...  Not going to cry over a lost $8. Smiley

But if the servers are actually rooted, how can we guarantee that the site is truly 'locked down'?  Depending on how much access they have, can't they just take it out of read-only mode and drain more accounts?
sr. member
Activity: 422
Merit: 250
Question for the devs:

Are you guys aware that you have had session issues this entire time? Just wondering. I get logged out but still see a live hash rate.

Yip! The same for me!

Yea I've always wondered about this. Assuming it wasn't an inside job, it could have been the entry for the exploit.
full member
Activity: 205
Merit: 100
Question for the devs:

Are you guys aware that you have had session issues this entire time? Just wondering. I get logged out but still see a live hash rate.

Yip! The same for me!
full member
Activity: 201
Merit: 100
There should be a nice red bolded announcement on website saying that login is temporarily disabled, so we can get rid of this users spamming forum with "omg, I can´t login".

I thinks it's a lot less "Omg I can't log in" vs "Omg why can't I have access to my account to even see what happened".  That is truly annoying since some of you obviously still can.  I hope the admins fix this soon now that X -mas is over, because I know if there was a major breach like this at my own business X - mas wouldn't matter, my clients finances are very important so I would have spent Xmas at the office fixing this as a business I can't spend even a day down losing my clients trust.
full member
Activity: 201
Merit: 100
Am I the only one that wants to login and see if I have any coins left, but gets:

Account match found.

Followed by:

Database Failure - Unable to change password

It seems that the new random password gets sent to my email, but it doesn't change it in the database, therefore I cant use my old password and I cant set the new password to login and see if any coins are left.

Wondering if I should continue mining, not knowing what is happening in my account as far as earnings :/

That's kind if where I'm at.  I have and want to continue mining here through these issues as nearmiss has been a great guy but I can't even log in to see "if" I lost something.  I never leave much BTC here for just this kind of incident but being locked out is kind of annoying since I can't even see if my headless miners are still mining correctly.
sr. member
Activity: 476
Merit: 250
I´ve got a picture! Haha!
There should be a nice red bolded announcement on website saying that login is temporarily disabled, so we can get rid of this users spamming forum with "omg, I can´t login".
member
Activity: 224
Merit: 10
Question for the devs:

Are you guys aware that you have had session issues this entire time? Just wondering. I get logged out but still see a live hash rate.
member
Activity: 224
Merit: 10
Am I the only one that wants to login and see if I have any coins left, but gets:

Account match found.

Followed by:

Database Failure - Unable to change password

It seems that the new random password gets sent to my email, but it doesn't change it in the database, therefore I cant use my old password and I cant set the new password to login and see if any coins are left.

Wondering if I should continue mining, not knowing what is happening in my account as far as earnings :/

Do you guys even read?
hero member
Activity: 532
Merit: 500
Are you like these guys?
I have a similar situation to some others in the Hashcows community, that is, I was logged in when the hack occurred, so I can now still see the various pages on the site and I can see quite clearly that the hacker has managed to change my bitcoin address and has managed to withdraw the total balance in my account.

I'm happy to keep mining and support the pool as the admin guys work through this difficult situation.

Good luck with the fix and please make sure to take your time, enjoy the Christmas holidays, take time with your families and don't worry, it will all be fine in the next couple of weeks.

Smiley



newbie
Activity: 3
Merit: 0
Am I the only one that wants to login and see if I have any coins left, but gets:

Account match found.

Followed by:

Database Failure - Unable to change password

It seems that the new random password gets sent to my email, but it doesn't change it in the database, therefore I cant use my old password and I cant set the new password to login and see if any coins are left.

Wondering if I should continue mining, not knowing what is happening in my account as far as earnings :/
sr. member
Activity: 462
Merit: 250
Lux e tenebris
BTC 101 Trust no one, assume nothing
BTC 102 You are responsible for your financial affairs
full member
Activity: 181
Merit: 100
Report from the Mineshaft - The Cost Of Success (Middlecoin and Hashcows)
http://www.devtome.com/doku.php?id=report_from_the_mineshaft-the_cost_of_success

Let me get this straight. According to this opinion piece, ANY balance above a daily payout treshold (whatever that might be) is "fair game" to hackers and we have no right to complain about it being stolen or demand reimbursement?

Well I don't agree. Hypotethically, you could have been mining on Cows for just one day (e.g. the 23rd of December) and just before your automatic daily payout occurs on the 24th, the site is hacked and you lose everything. Hypothetically. Are you still not allowed to complain? How could you have prevented any of this? Manual payouts every hour? WTF do you draw the line??

Well, loosing one day of mining is not so big deal at all, unless You have 1THS

The whole point is that to say anything like that is quite arbitrary and no one's business really. In principle, even losing 0.001BTC to the hack is not the miner's fault, so why should I not demand a compensation?
sr. member
Activity: 476
Merit: 250
I´ve got a picture! Haha!
Report from the Mineshaft - The Cost Of Success (Middlecoin and Hashcows)
http://www.devtome.com/doku.php?id=report_from_the_mineshaft-the_cost_of_success

Let me get this straight. According to this opinion piece, ANY balance above a daily payout treshold (whatever that might be) is "fair game" to hackers and we have no right to complain about it being stolen or demand reimbursement?

Well I don't agree. Hypotethically, you could have been mining on Cows for just one day (e.g. the 23rd of December) and just before your automatic daily payout occurs on the 24th, the site is hacked and you lose everything. Hypothetically. Are you still not allowed to complain? How could you have prevented any of this? Manual payouts every hour? WTF do you draw the line??

Well, loosing one day of mining is not so big deal at all, unless You have 1THS
Pages:
Jump to: