These accounts weren't "phished" they were taken from a database dump which required SQL injection, CGI script vulnerabilities, or server vulnerabilities.
Best case scenario they used an API as a transaction gateway and immediately changed the API key before it was used on the wallet addresses stored with those user details else(full-wallet via CGI on same server) private keys are likely in attackers hands and all the currency has to be ported to a new key; which they also probably don't know how to do.
This is why I laugh every time I see these venture capital type guys in the crypto coin community making new crypto coins and services typically using the cheapest dev talent they can find.. It's the same with all types of services -especially betting and tumblers and TOR markets-. Habib from India has your security covered yall XD
Topic: BetcoinCasino.com-Betcoin.ag-DICE - 100% Bonus!480 BTC jackpots - page 7. (Read 52702 times)
January 15, 2016, 11:25:33 AM
January 15, 2016, 02:44:08 AM
What happened?
How did 'they' get everyone's account name and email address?
Were funds stolen?
I was wondering about it as well .....to be more precise I was wondering if some of my accounts details were stolen as my funds remained untouched tbh
January 14, 2016, 10:31:29 PM
Increased Email Security With Email Verification Code at Betcoin.ag
In order to increase our player security and prevent against phishing attempts and unauthorized messages going to players we have instituted an Email verification system.
In order to increase our player security and prevent against phishing attempts and unauthorized messages going to players we have instituted an Email verification system.
Dooglus has very good questions.
Quote from: Dooglus
Also, what happened? How did 'they' get everyone's account name and email address? Were funds stolen?
Should I include these questions in the the official "Scummy things that Betcoin.ag has done" list under "Serious Questions they've chosen to ignore "
I'll ask one more time, just to be fair.
What happened?
How did 'they' get everyone's account name and email address?
Were funds stolen?
January 14, 2016, 09:41:05 PM
Sounds like a great way to combat the ever increasing phishing scams in the BTC world.
January 14, 2016, 07:44:58 PM
Increased Email Security With Email Verification Code at Betcoin.ag
In order to increase our player security and prevent against phishing attempts and unauthorized messages going to players we have instituted an Email verification system.
https://www.betcoin.ag/increased-email-security-email-verification-code-betcoinag
To ensure that emails received to your email address are sent from Betcoin.ag and not an impersonator we include an email security code with every email that is sent to you. This security code is unique to your account. You can verify the authenticity of any email from us by pasting the security code in the following textarea here:
https://www.betcoin.ag/mail_security_verify
or clicking the verify button directly from your email. If your email does not have a security code or it is unable to be verified here DO NOT PROCEED FURTHER WITH THE EMAIL. Please contact us if you have any questions.
At the bottom of each email you will have the following unique verification code:
You must be logged into Betcoin.ag to verify the email and clicking the link will take you to the email verification page. The message give will be the code matches and the email is legitimate if the email was sent out from Betcoin.ag
We remind you that Betcoin.ag will never ask for your password or ask you to download any link direct from an email at anytime nor ask you to login to a page that isn't directly at www.betcoin.ag. As we continue to increase in size, unscrupulous people will try to game, scam, steal and do whatever they can, but we remain committed to providing you exceptional service and security and we are here for you anytime.
In order to increase our player security and prevent against phishing attempts and unauthorized messages going to players we have instituted an Email verification system.
https://www.betcoin.ag/increased-email-security-email-verification-code-betcoinag
To ensure that emails received to your email address are sent from Betcoin.ag and not an impersonator we include an email security code with every email that is sent to you. This security code is unique to your account. You can verify the authenticity of any email from us by pasting the security code in the following textarea here:
https://www.betcoin.ag/mail_security_verify
or clicking the verify button directly from your email. If your email does not have a security code or it is unable to be verified here DO NOT PROCEED FURTHER WITH THE EMAIL. Please contact us if you have any questions.
At the bottom of each email you will have the following unique verification code:
You must be logged into Betcoin.ag to verify the email and clicking the link will take you to the email verification page. The message give will be the code matches and the email is legitimate if the email was sent out from Betcoin.ag
We remind you that Betcoin.ag will never ask for your password or ask you to download any link direct from an email at anytime nor ask you to login to a page that isn't directly at www.betcoin.ag. As we continue to increase in size, unscrupulous people will try to game, scam, steal and do whatever they can, but we remain committed to providing you exceptional service and security and we are here for you anytime.
January 14, 2016, 07:03:05 PM
Russian hackers dumped their database tables..
Irony: I developed and own a casino too and mentioned here weeks ago how I get Russians trying to hack my back-end all the time. They do it with big-name fiat online casinos too. It's almost always China, Western Europe, or Russians.
Mine is binary socket servers and SQL Lite behind layers of network filters..
Irony: I developed and own a casino too and mentioned here weeks ago how I get Russians trying to hack my back-end all the time. They do it with big-name fiat online casinos too. It's almost always China, Western Europe, or Russians.
Mine is binary socket servers and SQL Lite behind layers of network filters..
January 14, 2016, 02:47:50 PM
I try play the best casino voted!
January 14, 2016, 02:40:47 PM
Today I received mail saying:
kpitti,
We are fixing the cases of unauthorized access to user accounts Betcoin and funds theft.
If you want to protect your account, you need to change password of your Betcoin account and make client update ....
There is a link attached to some url which smell fishy.
Are you Betcoin sending such message?
kpitti,
We are fixing the cases of unauthorized access to user accounts Betcoin and funds theft.
If you want to protect your account, you need to change password of your Betcoin account and make client update ....
There is a link attached to some url which smell fishy.
Are you Betcoin sending such message?
Can someone from Betcoin comment and explain what happen?
Was site hacked? As we seen that our email and userid were compromised.
What was/will be done to improve Betcoin?
I was't playing there for a long time. I did not lost any btc there. I did not open any link or attachment from mail I received. There is any harm of myself.
January 14, 2016, 01:54:21 PM
I'm a day late to this, but I received the same:
The link goes to hxxp://141.105.69.206/dn/?e=V2tjNWRsb3llREZqTUVKdVlsZEdjR0pETldwaU1qQTk=
It's a Russian IP address:
I wonder why there are no official warnings from the site on this thread.
Also, what happened? How did 'they' get everyone's account name and email address? Were funds stolen?
The link goes to hxxp://141.105.69.206/dn/?e=V2tjNWRsb3llREZqTUVKdVlsZEdjR0pETldwaU1qQTk=
It's a Russian IP address:
Due to recent phishing emails which look nearly identical to authentic support emails please visit this page for more info and stay safe:
https://www.betcoin.ag/increased-email-security-email-verification-code-betcoinag
https://www.betcoin.ag/phishing-attempt-warning-do-not-open-link-e-mail
https://www.betcoin.ag/increased-email-security-email-verification-code-betcoinag
https://www.betcoin.ag/phishing-attempt-warning-do-not-open-link-e-mail
I wonder why there are no official warnings from the site on this thread.
Also, what happened? How did 'they' get everyone's account name and email address? Were funds stolen?
January 14, 2016, 08:02:54 AM
Today I received mail saying:
kpitti,
We are fixing the cases of unauthorized access to user accounts Betcoin and funds theft.
If you want to protect your account, you need to change password of your Betcoin account and make client update ....
There is a link attached to some url which smell fishy.
Are you Betcoin sending such message?
kpitti,
We are fixing the cases of unauthorized access to user accounts Betcoin and funds theft.
If you want to protect your account, you need to change password of your Betcoin account and make client update ....
There is a link attached to some url which smell fishy.
Are you Betcoin sending such message?
I also got this email 2 times yesterday (19, 22 hours ago)
So I agree we can say that betcoin has been hacked.
But i stopped playing at betcoin more than 3-5 months. (Aftert betcoin became a pinnacle clone with lower margin. )
January 13, 2016, 03:51:18 PM
What is in the zip the emails have, that again are coming from the official server with data in them only in the internal database:
"Theft Stead Psos Personal 50"
"RasterVect Software Copyright 2006"
"8.5.4.3"
"PasifikaRecalculate"
FILE:betcoinpoker_com.exe
SIZE:528,384 bytes
CRC32:BFBB2B80
MD5:5B6CD128C1DFBEF6F872CB12B337BB22
ANALYSIS:
https://anubis.iseclab.org/?action=result&task_id=117f2e096ffb38a54a9fcb9332b9791e0
https://www.virustotal.com/en/file/141f1ce1c714efa94f738529ce9a6f56544ac4904864d72bfa8b62b90c662b0a/analysis/
It does nothing under VM and sandbox so it's likely malware. I'm not going to reverse engineer the binary to show it's malware.
"Theft Stead Psos Personal 50"
"RasterVect Software Copyright 2006"
"8.5.4.3"
"PasifikaRecalculate"
FILE:betcoinpoker_com.exe
SIZE:528,384 bytes
CRC32:BFBB2B80
MD5:5B6CD128C1DFBEF6F872CB12B337BB22
ANALYSIS:
https://anubis.iseclab.org/?action=result&task_id=117f2e096ffb38a54a9fcb9332b9791e0
https://www.virustotal.com/en/file/141f1ce1c714efa94f738529ce9a6f56544ac4904864d72bfa8b62b90c662b0a/analysis/
It does nothing under VM and sandbox so it's likely malware. I'm not going to reverse engineer the binary to show it's malware.
January 13, 2016, 03:32:04 PM
Today I received mail saying:
kpitti,
We are fixing the cases of unauthorized access to user accounts Betcoin and funds theft.
If you want to protect your account, you need to change password of your Betcoin account and make client update ....
There is a link attached to some url which smell fishy.
Are you Betcoin sending such message?
kpitti,
We are fixing the cases of unauthorized access to user accounts Betcoin and funds theft.
If you want to protect your account, you need to change password of your Betcoin account and make client update ....
There is a link attached to some url which smell fishy.
Are you Betcoin sending such message?
The site is down ...that e-mail sounds very fishy. They would never ask you to do that. Can betcoin comment on this?
Support is saying in their on-site chat box that those emails aren't from them and contain a virus and you shouldn't open it.
No answer yet as to why they aren't contacting players themselves to warn them or how someone was able to access their email list to scam their players.
Maybe you and the other technical wizards here didn't notice.. Those emails have your username in them which means whoever sent them has not only access to your username, but your email address.. Both unencrypted in betcoin.ag user database table..
All those backlinks go to
hxxp://141.105.69.206/dn/?e=[base64 string was here] which is the betcoin.ag server IP. Why would attackers/phishers put nothing but links to the official site in the email? Then.. if the site isn't hacked how do they have every single users email and username which, by the way, are stored with all your other data like encrypted password and likely BTC keys.
Either way betcoin.ag has been hacked. You and whoever represents the site have overwhelming evidence against you, so please do try and argue..
What they tell us/admit will be 100% based on whatever they think they can get most to believe - not the truth.
They will throw a hundred dollars worth of chips out to help bury the issue with pro-betcoin comments.
The Password Change/FreeRoll announcement last week must be related right?
https://www.betcoin.ag/mandatory-password-reset-upcoming-5-btc-players-club-freeroll
Quote
Mandatory Password Reset & Upcoming 5 BTC Players Club Freeroll
For the new year, with a new update starting on December 30, 2015, Betcoin.ag is requiring you to change your password since we got hacked for your security and to properly sync you with the new backend system.
Betcoin is excited to present the Betcoin Poker Players Club 5 BTC New Years Freeroll on January 10, 2016. This is a ticket only event and all players with Bronze I level or higher VIP / Player's Club status will receive a ticket by January 8, 2016. Players that have been active on Betcoin may also receive a ticket at the managers sole discretion.
https://www.betcoin.ag/betcoin-poker-players-club-vip-5-btc-new-years-fr...
Password Change
For the new year, with a new update starting on December 30, 2015, Betcoin.ag is requiring you to change your password for your security and to properly sync you with the new backend system. Please us a password that is not your current or previous password at Betcoin.ag for the utmost security.
Poker
In addition to the 5 BTC Freeroll, Betcoin Poker offers up to 150% rakeback for starting cash and ring game tables as well as tournaments with up to $1,000,000 worth of bitcoin in GTD prizepools. There is no better place to play poker.
Sportsbook
We will continue to bring you the best prematch and thousands of live events every month to Betcoin Sports including an extended eSports section and many new promotions.
Casino
We have expanded our mobile casino, live and regular casino offerings and will continue to add new providers throughout 2016. Please also be sure to checkout our dice tournaments which include a daily freeroll.
It has been an exciting year for Betcoin.ag and we look forward to providing a wonderful experience in 2016 and beyond. As always, we appreciate your feedback and thank you for your support. Good luck in the 5 BTC Freeroll!
For the new year, with a new update starting on December 30, 2015, Betcoin.ag is requiring you to change your password
Betcoin is excited to present the Betcoin Poker Players Club 5 BTC New Years Freeroll on January 10, 2016. This is a ticket only event and all players with Bronze I level or higher VIP / Player's Club status will receive a ticket by January 8, 2016. Players that have been active on Betcoin may also receive a ticket at the managers sole discretion.
https://www.betcoin.ag/betcoin-poker-players-club-vip-5-btc-new-years-fr...
Password Change
For the new year, with a new update starting on December 30, 2015, Betcoin.ag is requiring you to change your password for your security and to properly sync you with the new backend system. Please us a password that is not your current or previous password at Betcoin.ag for the utmost security.
Poker
In addition to the 5 BTC Freeroll, Betcoin Poker offers up to 150% rakeback for starting cash and ring game tables as well as tournaments with up to $1,000,000 worth of bitcoin in GTD prizepools. There is no better place to play poker.
Sportsbook
We will continue to bring you the best prematch and thousands of live events every month to Betcoin Sports including an extended eSports section and many new promotions.
Casino
We have expanded our mobile casino, live and regular casino offerings and will continue to add new providers throughout 2016. Please also be sure to checkout our dice tournaments which include a daily freeroll.
It has been an exciting year for Betcoin.ag and we look forward to providing a wonderful experience in 2016 and beyond. As always, we appreciate your feedback and thank you for your support. Good luck in the 5 BTC Freeroll!
January 13, 2016, 03:30:49 PM
Again.. They have the usernames and emails of every user.. How is this hard to understand? You can't even scrape that data off pages it's only in a internal DB table.. Are people here retarded or something? It's hacked..
By the way I just confirmed my account data there has been modified. Even more solid evidence it's been hacked..
By the way I just confirmed my account data there has been modified. Even more solid evidence it's been hacked..
January 13, 2016, 03:15:55 PM
I have no idea if the email is legit and if betcoin was hacked, but a good habit is to never click a link in email no matter what. If you want to change your password, you could simply go to betcoin as usual and log in to change it without clicking the link (be it legit or not).
January 13, 2016, 03:07:00 PM
Today I received mail saying:
kpitti,
We are fixing the cases of unauthorized access to user accounts Betcoin and funds theft.
If you want to protect your account, you need to change password of your Betcoin account and make client update ....
There is a link attached to some url which smell fishy.
Are you Betcoin sending such message?
kpitti,
We are fixing the cases of unauthorized access to user accounts Betcoin and funds theft.
If you want to protect your account, you need to change password of your Betcoin account and make client update ....
There is a link attached to some url which smell fishy.
Are you Betcoin sending such message?
The site is down ...that e-mail sounds very fishy. They would never ask you to do that. Can betcoin comment on this?
Support is saying in their on-site chat box that those emails aren't from them and contain a virus and you shouldn't open it.
No answer yet as to why they aren't contacting players themselves to warn them or how someone was able to access their email list to scam their players.
Maybe you and the other technical wizards here didn't notice.. Those emails have your username in them which means whoever sent them has not only access to your username, but your email address.. Both unencrypted in betcoin.ag user database table..
All those backlinks go to
hxxp://141.105.69.206/dn/?e=[base64 string was here] which is the betcoin.ag server IP. Why would attackers/phishers put nothing but links to the official site in the email? Then.. if the site isn't hacked how do they have every single users email and username which, by the way, are stored with all your other data like encrypted password and likely BTC keys.
Either way betcoin.ag has been hacked. You and whoever represents the site have overwhelming technical evidence against you, so please do try and argue..
January 13, 2016, 02:35:33 PM
I always wait for the site to prompt me to change something not emails.
January 13, 2016, 02:16:10 PM
Today I received mail saying:
kpitti,
We are fixing the cases of unauthorized access to user accounts Betcoin and funds theft.
If you want to protect your account, you need to change password of your Betcoin account and make client update ....
There is a link attached to some url which smell fishy.
Are you Betcoin sending such message?
kpitti,
We are fixing the cases of unauthorized access to user accounts Betcoin and funds theft.
If you want to protect your account, you need to change password of your Betcoin account and make client update ....
There is a link attached to some url which smell fishy.
Are you Betcoin sending such message?
The site is down ...that e-mail sounds very fishy. They would never ask you to do that. Can betcoin comment on this?
Support is saying in their on-site chat box that those emails aren't from them and contain a virus and you shouldn't open it.
No answer yet as to why they aren't contacting players themselves to warn them or how someone was able to access their email list to scam their players.
January 13, 2016, 01:30:39 PM
Also received such a mail, headers also look fishy (terms-google.com?)
If it wasn't betcoin, they did a good job immitating Betcoin Jessicas writing style.
Example:
In an attempt to be more responsive, yet still keep customer support inquires at the site www.betcoin.ag/support we are wondering if this is a complaint or how to respond here? Should we not have thank a poster after a certain time period? May we point out that you are commenting on a post from over 2 months ago as well.
Email:
Quote
We are fixing the cases of unauthorized access to user accounts Betcoin and funds theft.
If you want to protect your account, you need to change password of your Betcoin account and make client update ....
If you want to protect your account, you need to change password of your Betcoin account and make client update ....
January 13, 2016, 01:26:56 PM
The site is down ...
Their poker is down but I have no problem loading betcoin.ag at this moment. Are you still unable to access the site now?
Correct its only poker.
January 13, 2016, 01:13:26 PM
The site is down ...
Their poker is down but I have no problem loading betcoin.ag at this moment. Are you still unable to access the site now?
Jump to: