Bitcointalk was hacked in [2011], [2013] and [2015]. Previously the forum was hosted on SourceForge at
http://bitcoin.sourceforge.net/boards/index.php which is no longer reachable.
Founded by Satoshi Nakamoto. The domain name was owned by Sirius but is now controlled by Cøbra. The forum is administered by theymos.
The forum was also reachable under forum.bitcoin.org for some time before it moved to bitcointalk.org IIRC.
The "name" of the forum is actually "Bitcoin Forum", not "Bitcointalk" (see upper left corner of this page).
Bitcointalk has Cloudflare protection so finding out the current hosting provider is difficult.
https://bitcointalksearch.org/topic/m.34255007
September 09, 2011, Bitcointalk.org Hacked by SomethingAwful.
Bitcointalk was hacked and defaced. "My browser's been Cosjacked!" Bill Cosby images were displayed.
Hahaha this is pretty funny. Nothing about Bitcoin is safe these days.
Holy shit Cosby is everywhere!
https://bitcointalksearch.org/topic/m.517910
EDIT: To disable the Cosby Hack use AdBlock and block "bitcointalk.org/Smileys/default/final.js" - Thanks ShadowOfHarbringer and TechCF <3
https://bitcointalksearch.org/topic/bitcointalkorg-hacked-by-somethingawful-pics-42549
On September 3, an attacker used a 0-day exploit in SMF to gain administrative access to the forum. This went unnoticed until September 9, when he inserted some annoying JavaScript into all pages. The forum was at this point shut down.
The attacker was capable of running arbitrary PHP code, and he could have therefore copied all password hashes and read all personal messages. He also could have done all of the things that admins can normally do, such as editing/deleting/moving posts.
Passwords
It is not known for sure that the attacker copied any password hashes, but it should be assumed that he did.
SMF hashes passwords with SHA-1 and salts the hash with your (lowercase) username. This is unfortunately not an incredibly secure way of hashing passwords.
The password you used on the forum should be assumed to already be compromised if your password had:
- Less than 16 characters, numbers only
- Less than 12 characters, lowercase only
- Less than 11 characters, lowercase+numeric
- Less than 10 characters, lowercase+uppercase
- Less than 9 characters, lowercase+uppercase+numbers
- Less than 8 characters, all standard characters
If you have only 2-3 more characters than what I listed above, then you should assume that your password will be compromised at some point in the future.
No matter how strong your password was, it is a good idea to change your password here
and wherever else you used it.
Database state
Backups exist of the previous database state, but it has been decided to continue with the latest state to avoid losing thousands of posts. If you notice that any posts are missing or changed, let me know.
Also, it's possible that the attacker took control of some accounts. If you are being impersonated, email me and I'll reset your password to its previous value.
More attack info
The attacker first paid for a donator account so he could change his displayed username. The displayed username field is not escaped properly, so he was able to inject SQL from there. He took over Satoshi's account, and from Satoshi's administrative interface he was able to inject arbitrary PHP code by modifying the style template.
The attacker probably used these user accounts, though his level of access would allow him to forge this data:
brad
EconomicOracle
Economic Oracle
SwimsuitPaul
BitcoinsInMyLoins
He probably used these IP addresses:
(Thanks to Mark Karpeles for finding most of this info.)
Change of hosting
Mark Karpeles is now hosting the forum's server. The forum is still owned by Sirius, as it has always been. There will be no policy changes.
Signed version of this message
Two months later Bitcointalk was looking for tenders for new forum software.
November 02, 2011, Looking for someone to create/modify software for this forum and 5500+ BTC raised for the project.
https://bitcointalksearch.org/topic/looking-for-someone-to-createmodify-software-for-this-forum-5500-btc-50617
October 02, 2013. Ross Ulbricht arrested, FBI Seize Deep Web Marketplace Silk Road
https://bitcointalksearch.org/topic/2013-10-02-fbi-seize-deep-web-marketplace-silk-road-arrest-owner-306338
https://bitcointalksearch.org/topic/silk-road-trail-of-1132989btc-310600
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Here's what we think happened:
8-14 hours ago, an attacker used a flaw in the forum's AnonymousSpeech registrar to change the forum's DNS to point to 108.162.197.161 (exact details unknown). Sirius noticed this 8 hours ago and immediately transferred bitcointalk.org to a different registrar. However, such changes take about 24 hours to propagate.
Because the HTTPS protocol is pretty terrible, this alone could have allowed the attacker to intercept and modify encrypted forum transmissions, allowing them to see passwords sent during login, authentication cookies, PMs, etc. Your password only could have been intercepted if you actually entered it while the forum was affected. I invalidated all security codes, so you're not at risk of having your account stolen if you logged in using the "remember me" feature without actually entering your password.
For the next ~20 hours, you should only log into the forum if you're quite sure that you're talking to the correct server. This can be done by adding '109.201.133.195 bitcointalk.org' to your hosts file (remember to remove it later!), or by using some browser plugin to ensure that you're talking to the server with TLS certificate SHA1 fingerprint of:
29:0E:CC:82:2B:3C:CE:0A:73:94:35:A0:26:15:EC:D3:EB:1F:46:6B
Simultaneously, the forum has been the target of a massive DDoS attack. These two events are probably related, though I'm not yet sure why an attacker would do both of these things at once.
A YouTube video was made of the result of the hack:
https://www.youtube.com/watch?v=0FqIxh6Q-20
On October 3, it was discovered that an attacker inserted some JavaScript into forum pages. The forum was shut down soon afterward so that the issue could be investigated carefully. After investigation, I determined that the attacker most likely had the ability to execute arbitrary PHP code. Therefore, the attacker probably could have accessed personal messages, email addresses, and password hashes, though it is unknown whether he actually did so.
Passwords were hashed very strongly. Each password is hashed with 7500 rounds of sha256crypt and a 12-byte random salt (per password). Each password would need to be individually attacked in order to retrieve the password. However, even fairly strong passwords may be crackable after a long period of time, and weak passwords (especially ones composed of only a few dictionary words) may still be cracked quickly, so it is recommended that you change your password here and anywhere else you used the password.
The attacker may have modified posts, PMs, signatures, and registered Bitcoin addresses. It isn't practical for me to check all of these things for everyone, so you should double-check your own stuff and report any irregularities to me.
How the attack was done
I believe that this is how the attack was done: After the 2011 hack of the forum, the attacker inserted some backdoors. These were removed by Mark Karpeles in his post-hack code audit, but a short time later, the attacker used the password hashes he obtained from the database in order to take control of an admin account and insert the backdoors back in. (There is a flaw in stock SMF allowing you to login as someone using only their password hash. No bruteforcing is required. This was fixed on this forum when the password system was overhauled over a year ago.) The backdoors were in obscure locations, so they weren't noticed until I did a complete code audit yesterday.
After I found the backdoors, I saw that someone (presumably the attacker) independently posted about his attack method with matching details. So it seems very likely that this was the attack method.
Because the backdoors were first planted in late 2011, the database could have been secretly accessed any time since then.
It was initially suspected by many that the attack was done by exploiting a flaw in SMF which allows you to upload any file to the user avatars directory, and then using a misconfiguration in nginx to execute this file as a PHP script. However, this attack method seems impossible if PHP's security.limit_extensions is set.
The future
The forum is now on a new server inside of a virtual machine with many extra security precautions which will hopefully provide some security in depth in case there are more exploits or backdoors. Also, I have disabled much SMF functionality to provide less attack surface. In particular, non-default themes are disabled for now.
I'd like to publish the forum's current code so that it can be carefully reviewed and the disabled features can be re-enabled. SMF 1.x's license prohibits publishing the code, though, so I will have to either upgrade to 2.x, get a special copyright exception from SMF, or do the auditing myself. During this investigation, a few security disadvantages to 2.x were brought to my attention, so I don't know whether I want to upgrade if I can help it. (1.x is still supported by SMF.)
Special thanks to these people for their assistance in dealing with this issue:
- warren
- Private Internet Access
- nerta
- Joshua Rogers
- chaoztc
- phantomcircuit
- jpcaissy
- bluepostit
- All others who helped
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
As of October 7 2013, the Bitcoin Forum has been restored to bitcointalk.org.
November 06, 2014, Anyone else get an email trying to sell you bitcointalk.org and btc-e.com dumps?
I received this email yesterday:
From: [email protected]
Reply to: [email protected]
import database.sql c99 wso
Bitcointalk.org database.txt BTC-E Bitcoin dump.sql 64.9 MB Size WE SELL FULL DATABASE DUMP OF Bitcointalk.org + BTC-E.COM 2014 YES
SELL FULL DATABASE DUMP.SQL OF Bitcointalk.org + BTC-E.COM
HERE IS LIST OF WHAT WE HAVE FOR YOU.
Maybe You Ask For Why You Must Buy Dump.sql include Mails And Details Personale Users?
YOU ASK FOR WHAT?
1. Affiliate/invites
Casino/Poker/Forex Etc...
2. You Get Mails Very Big Size To Your Bussines Promotions RESULTABLE leads Target 100% Bitcoins Mails in Sql
3. You Be Make Nice Profit % Yes
you be earn multi profits
this very quality material for stable more biz to you
OVER 4+ GB OF DATA TOTAL: EMAILS, PASSWORDS, PINS, ETC FOR ALL USERS.
FULL .SQL FILE DUMP FORMAT
LEAKED BTC-E SOURCE CODE
FULL DATABASE SQL DUMP
BitcoinPayment>Email Me->Give You TxT/SQL/Zip
if you interest buy
i calculate for you specific price
who interest make payment and buy for me I AM SURE 100%
THIS IN PRACTIC MY SKILL AND PROOFS IF YOU DREAM ABOUT THIS I OWNER THIS IN THIS MOMENT YES
OTHER BITCOIN EXCHANGE
BTC-E.COM
FULL DATABASE DUMP. EMAILS, PASSWORDS, USERS (850.000+) - 16-10-2014 *FRESH*
FULL .SQL FILE DUMP FORMAT
WE HACKED BTC-E; AND ASWELL WITH TRADINGS.
Bitcoin Address : 1shopAH6JmxABLCbbG4wNAUZVh3ZjtGfF
you interest?
Ok if you make payment i contact you and be help you
i sent back to you memo my jabber/icq details to chat individual to you if you be my client make copy sql to you
IF I SAY I MAKE
THIS MY PRINCIPIAL POSITION
I RUSSIAN
I POSITIVE IF YOU BE MY CLIENT
----------------------------------
" BTC-E.COM"
Prices (Bitcoin):
0.3 BTC - FULL USERDUMP ON BTC-E.COM (850.000+ USERLIST)
- Full dump on Emails, PINS, Usernames and best of all Passwords.
Price BTC - FULLY FUNCTIONALLY BTC-E.COM SOURCECODE + BTC-E DUMP (USERS,PASSWORDS,EMAILS,PINS)
----------------------------------
" BitcoinTalk.org "
Prices (Bitcoin):
0.15 BTC - FULL USERDUMP ON BitcoinTalk.org (374602 Members+ USERLIST)
- Full dump.sql on Emails, Usernames and best of all Passwords.
Price BTC - BitcoinTalk.org SOURCECODE
- If you want to buy full source code. Price is 0.15 BTC.
After You Make Payment, send us an e-mail or your Jabber to [email protected] with what you want and what file download locations and instructions.
When you make the payment, remember to send us an e-mail to [email protected]
with the amount sent and the wallet address in which you want to receive link to download dump.sql
After you Make Payment You Get My Help 100%
Save Details Transaction And Sent Me For This Specific Mail [email protected]
N1 Pay [Save Your Details Transaction] Example Test i want to buy full source code. Price is 0.15 BTC.
N2 Contact Me [email protected]
SQL INJECTION DUMP MEGAPACK
https://bitcointalksearch.org/topic/anyone-else-get-an-email-trying-to-sell-you-bitcointalkorg-and-btc-ecom-dumps-848462
December 03, 2014, Theymos receives first DPR subpoena regarding Ulbricht (Silk Road) and the heroin store topic.
This is not very surprising/interesting, but I thought I'd mention that I received a subpoena for information related to Ross Ulbricht's alleged forum account altoid. I mostly just compiled some publicly-available information. The only non-public data I had to include were some deleted posts in the heroin store topic that were not written by DPR and probably won't be useful in the case.
You might be surprised to learn that this is the first subpoena I've received for the forum.
In Silk Road's early days, Ulbricht had posted in a Bitcoin forum promoting the site under his real email, [email protected].
May 25, 2015, Bitcointalk server compromised.
On May 22 at 00:56 UTC, an attacker gained root access to the forum's server. He then proceeded to try to acquire a dump of the forum's database before I noticed this at around 1:08 and shut down the server. In the intervening time, it seems that he was able to collect some or all of the "members" table. You should assume that the following information about your account was leaked:
- Email address
- Password hash (see below)
- Last-used IP address and registration IP address
- Secret question and a basic (not brute-force-resistant) hash of your secret answer
- Various settings
As such, you should change your password here and anywhere else you used that same password. You should disable your secret question and assume that the attacker now knows your answer to your secret question. You should prepare to receive phishing emails at your forum email address.
While nothing can ever be ruled out in these sorts of situations, I do not believe that the attacker was able to collect any personal messages or other sensitive data beyond what I listed above.
Passwords are hashed with 7500 rounds of sha256crypt. This is pretty good, but certainly not beyond attack. Note that even though SHA-256 is used here, sha256crypt is different enough from Bitcoin's SHA-256d PoW algorithm that Bitcoin mining ASICs almost certainly cannot be modified to crack forum passwords.
I will now go into detail about how well you can expect your password to fare against a determined attacker. However, regardless of how strong your password is, the only prudent course of action is for you to immediately change your password here and everywhere else you used it or a similar password.
The following table shows how long it will take on average for a rather powerful attacker to recover RANDOM passwords using current technology, depending on the password's alphabet and length. If your password is not completely random (i.e. generated with the help of dice or a computer random number generator), then you should assume that your password is already broken.
It is not especially helpful to turn words into leetspeak or put stuff between words. If you have a password like "w0rd71Voc4b", then you should count that as just 2 words to be safe. In reality, your extra stuff will slow an attacker down, but the effect is probably much less than you'd think. Again, the times listed in the table only apply if the words were chosen at random from a word list. If the words are significant in any way, and especially if they form a grammatical sentence or are a quote from a book/webpage/article/etc., then you should consider your password to be broken.
Estimated time (conservative) for an attacker to break randomly-constructed bitcointalk.org passwords with current technology
s=second; m=minute; h=hour; d=day; y=year; ky=1000 years; My=1 million years

Password length   a-z     a-zA-Z   a-zA-Z0-9   (unlabeled)
8                 0       3s       12s         2m
9                 0       2m       13m         3h
10                8s      2h       13h         13d
11                3m      5d       34d         1y
12                1h      261d     3y          260y
13                1d      37y      366y        22ky
14                43d     1938y    22ky        1My
15                1y      100ky    1My         160My

Random words from a word list:
1 word    0
2 words   0
3 words   0
4 words   3m
5 words   19d
6 words   405y
7 words   3My
Each password has its own 12-byte random salt, so it isn't possible to attack more than one password with the same work. If it takes someone 5 days to recover your password, that time will all have to be spent on your password. Therefore, it's likely that only weak passwords will be recovered en masse -- more complicated passwords will be recovered only in targeted attacks against certain people.
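The following Python reproduces the reasoning behind the table above (expected time = half the keyspace divided by the attacker's guess rate, with per-password salts meaning no work is shared between accounts). It is an added example, not theymos's code or anything from the forum; the 9e12 guesses/s rate and the 7776-word list size are assumptions calibrated so that the page's "a-zA-Z, length 8 = 3s" and "4 words = 3m" cells are reproduced, and the remaining cells come out close but not identical.

```python
# Alphabet sizes for the table's character-class columns.
ALPHABETS = {"a-z": 26, "a-zA-Z": 52, "a-zA-Z0-9": 62}

# ASSUMPTION (not from the page): attacker throughput against 7500-round
# sha256crypt, chosen so the a-zA-Z / length-8 cell reproduces the page's "3s".
GUESS_RATE = 9e12  # guesses per second

# ASSUMPTION (not from the page): size of the word list for the "N words" rows;
# 7776 (a five-dice Diceware list) reproduces the page's "4 words -> 3m".
WORDLIST_SIZE = 7776

YEAR = 365 * 86400
# Units in ascending order, using the page's abbreviations
# (ky = 1000 years, My = 1 million years).
UNITS = [("s", 1), ("m", 60), ("h", 3600), ("d", 86400),
         ("y", YEAR), ("ky", 1000 * YEAR), ("My", 1_000_000 * YEAR)]


def keyspace(alphabet_size: int, length: int) -> int:
    """Number of distinct random passwords of the given alphabet and length."""
    return alphabet_size ** length


def expected_seconds(space: int, rate: float = GUESS_RATE) -> float:
    """On average a random password is found after half the keyspace is tried."""
    return space / 2 / rate


def fmt_duration(seconds: float) -> str:
    """Round to the page's one-unit style: '0' below a second, else e.g. '13h', '22ky'."""
    if seconds < 1:
        return "0"
    label, value = "s", seconds
    for unit, size in UNITS:
        if seconds >= size:
            label, value = unit, seconds / size
    return f"{int(value + 0.5)}{label}"


def estimate(alphabet: str, length: int) -> str:
    """Table cell for a random password drawn from one of the page's alphabets."""
    return fmt_duration(expected_seconds(keyspace(ALPHABETS[alphabet], length)))


def estimate_words(n_words: int) -> str:
    """Table cell for a passphrase of n words each chosen at random from the list."""
    return fmt_duration(expected_seconds(keyspace(WORDLIST_SIZE, n_words)))


def per_account_work(seconds_each: float, n_accounts: int) -> float:
    """With a unique 12-byte salt per password, attacking N accounts costs N times
    the single-password work: a guess against one hash tells nothing about another."""
    return seconds_each * n_accounts


if __name__ == "__main__":
    print("length  " + "  ".join(f"{a:>9}" for a in ALPHABETS))
    for length in range(8, 16):
        print(f"{length:>6}  " + "  ".join(f"{estimate(a, length):>9}" for a in ALPHABETS))
    for n in range(1, 8):
        print(f"{n} words  {estimate_words(n)}")
```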
If your account is compromised due to this, email [email protected] from the email that was previously associated with your account.
For security reasons, I deleted all drafts. If you need a deleted draft, contact me soon and I can probably give it to you.
A few people might have broken avatars now. Just upload your avatar again to fix it.
Unproxyban fee processing isn't working right now. If you want to register and you can't, get someone to post in Meta for you and you'll be whitelisted.
Searching is temporarily disabled, though it won't be disabled for as long as last time because I improved the reindexing code.
If you changed your password in the short time when the forum was online a little over a day ago, the change didn't stick. You'll have to change it again.
How the compromise happened:
The attacker was able to acquire KVM access credentials for the server. The investigation into how this was possible is still ongoing, so I don't know everything, and I don't yet want to publish everything that I do know, but it seems almost certain that it was a problem on the ISP's end.
After he got KVM access, the attacker convinced the ISP NFOrce that he was me (using his KVM access as part of his evidence) and said that he had locked himself out of the server. So NFOrce reset the server's root password for him, giving him complete access to the server and bypassing most of our carefully-designed security measures. I originally assumed that the attacker gained access entirely via social engineering, but later investigation showed that this was probably only part of the overall attack. As far as I know, NFOrce's overall security practices are no worse than average.
To reduce downtime and avoid temporarily-broken features, I was originally going to stay in NFOrce's data center. However, some things made me suspicious and I moved everything elsewhere. That's where the extra day+ of downtime came from after a short period of uptime. No additional data was leaked.
The forum will pay up to 15 XAU (converted to BTC) for information about the attacker's real-world identity. Exact payment amounts will depend on the quality and usefulness of information as well as what information I've already acquired, but if for example you're the first person to contact me and your info allows me to successfully prosecute this person, then you will get the full 15 XAU. You need to actually convince me that your info is accurate -- just sending me someone's name is useless.
The attacker used the following IPs/email:
37.48.77.227
66.172.27.160
[email protected]
A few days later Ross Ulbricht is sentenced to life in prison.
May 29, 2015, Silk Road Founder Ross Ulbricht Sentenced to Life in Prison
https://bitcointalksearch.org/topic/silk-road-founder-ross-ulbricht-sentenced-to-life-in-prison-1074337
Also, it might be noteworthy that for some time, DDOSing this forum coincided with dumps on then dominant Bitcoin exchange MtGox. I.e., you could DDOS this forum, which in turn made the price of Bitcoin drop. Market manipulation wild Wild West
Thank you to taikuri13 for finding additional information.