Why is it every time Ryan sells a site there is an alleged hack or win under mysterious circumstances?
would you mind to give us some samples of those sites he sold? I don't know of any
Topic: bustabit – The original crash game - page 93. (Read 61490 times)
would you mind to give us some samples of those sites he sold? I don't know of any
Why is it every time Ryan sells a site there is an alleged hack or win under mysterious circumstances?
I hope no other sites report having this vulnerability
frankly I would like to see another licensed bustabit site be hacked and would like to see how it is handled. this would answer my question
Legit withdrawals? Nah, they were canceled for KYC refusal and Snoop Dogg is currently smoking that money. Bye sweetie.
Don't come crying to me to bail you out of prison, Brett. Get off Daniel's thread.
I hope no other sites report having this vulnerability
frankly I would like to see another licensed bustabit site be hacked and would like to see how it is handled. this would answer my question
Legit withdrawals? Nah, they were canceled for KYC refusal and Snoop Dogg is currently smoking that money. Bye sweetie.
I hope no other sites report having this vulnerability
frankly I would like to see another licensed bustabit site be hacked and would like to see how it is handled. this would answer my question
Oh that is a bit harsh
TBH it is clear devans is an honest person and his word is his bond. Others have made loud noises about protecting investors but backed out leaving their projects dangling on the verge of closure but devans has not had a bad word said against him.
Just look at the way he handled this attack and covered nearly $500,000 worth of losses from his own pocket. That is the sign of somebody who is genuine and caring, approachable and has the right mindset to operate a business using other peoples BTC for bankroll to the tune of over $12 million dollars (if I am not mistaken).
I would prefer devans make his position clear about what would happen to other sites if they also get attacked while running licensed software, no need to see others getting hacked.
I hope no other sites report having this vulnerability
frankly I would like to see another licensed bustabit site be hacked and would like to see how it is handled. this would answer my question
Quote
as I thought about licensing a bustabit version, how would it be handled if I got hacked with this kind of hack? who would pay for the damage?
I had it happen to one of our sites and they will just mark your license with a 'credible scam accusation'. You're responsible for all the bullshit that happens.
Your site has never been hacked. You blocked legitimate withdrawals from 3 players. Daniel has had fraudulent bets made via misuse of bustabit's public API. Where's evidence of your hack?
Quote
as I thought about licensing a bustabit version, how would it be handled if I got hacked with this kind of hack? who would pay for the damage?
I had it happen to one of our sites and they will just mark your license with a 'credible scam accusation'. You're responsible for all the bullshit that happens.
I hope no other sites report having this vulnerability
Earlier today, an attacker exploited a previously unknown vulnerability in one of bustabit's API methods which allowed him to find out the current game's outcome before its end. By exploiting this bug the attacker managed to win a total of 122.5686 BTC and empty the hot wallet.
I have confirmed the existence of this vulnerability and deployed a fix for it. In a few minutes, the game will resume and the hot wallet refilled.
bustabit will reimburse all affected bankroll investors out of pocket. Each investor's account will be credited with the full amount of bits lost to the attacker and an equal amount of dilution fee credits. Because I want to ensure that all affected investors are made whole (vs just adding 122.5686 BTC to the bankroll again), this will take 1-2 days while I calculate how much each investors is owed.
There is no indication that this vulnerability was exploited before today. Player funds were not at risk at any point in time. The problem was specific to bustabit and bustadice was not affected in any way.
I have confirmed the existence of this vulnerability and deployed a fix for it. In a few minutes, the game will resume and the hot wallet refilled.
bustabit will reimburse all affected bankroll investors out of pocket. Each investor's account will be credited with the full amount of bits lost to the attacker and an equal amount of dilution fee credits. Because I want to ensure that all affected investors are made whole (vs just adding 122.5686 BTC to the bankroll again), this will take 1-2 days while I calculate how much each investors is owed.
There is no indication that this vulnerability was exploited before today. Player funds were not at risk at any point in time. The problem was specific to bustabit and bustadice was not affected in any way.
Chapeau! for the way you handle it
as I thought about licensing a bustabit version, how would it be handled if I got hacked with this kind of hack? who would pay for the damage?
bustabit v2 code is not available for licensing. v1 code is available, but it is not subject to the same vulnerability, which involves the betID parameter.
thx but that does not answer my question
Only Daniel is qualified to answer this, but here's what I think he'd say. The main product you purchase is the license, which is your name on the license.txt file. You also get the code along with this, or you can use the public code which is posted on Github. Now, it's your site's responsbility to make sure the code doesn't have bugs. If, for some reason, the code causes your v1 clone to use money, I think Daniel would not reimburse you, because it's your responsibility to have thoroughly audited the code before implementation.
Also, keep in mind that there are 20-30 sites that are running on v1 code, and there have been no serious exploits or bugs thus far, so it's unlikely that one will crop up any time soon, unless people make heavy edits to the code before deployment.
Earlier today, an attacker exploited a previously unknown vulnerability in one of bustabit's API methods which allowed him to find out the current game's outcome before its end. By exploiting this bug the attacker managed to win a total of 122.5686 BTC and empty the hot wallet.
I have confirmed the existence of this vulnerability and deployed a fix for it. In a few minutes, the game will resume and the hot wallet refilled.
bustabit will reimburse all affected bankroll investors out of pocket. Each investor's account will be credited with the full amount of bits lost to the attacker and an equal amount of dilution fee credits. Because I want to ensure that all affected investors are made whole (vs just adding 122.5686 BTC to the bankroll again), this will take 1-2 days while I calculate how much each investors is owed.
There is no indication that this vulnerability was exploited before today. Player funds were not at risk at any point in time. The problem was specific to bustabit and bustadice was not affected in any way.
I have confirmed the existence of this vulnerability and deployed a fix for it. In a few minutes, the game will resume and the hot wallet refilled.
bustabit will reimburse all affected bankroll investors out of pocket. Each investor's account will be credited with the full amount of bits lost to the attacker and an equal amount of dilution fee credits. Because I want to ensure that all affected investors are made whole (vs just adding 122.5686 BTC to the bankroll again), this will take 1-2 days while I calculate how much each investors is owed.
There is no indication that this vulnerability was exploited before today. Player funds were not at risk at any point in time. The problem was specific to bustabit and bustadice was not affected in any way.
Chapeau! for the way you handle it
as I thought about licensing a bustabit version, how would it be handled if I got hacked with this kind of hack? who would pay for the damage?
bustabit v2 code is not available for licensing. v1 code is available, but it is not subject to the same vulnerability, which involves the betID parameter.
thx but that does not answer my question
Earlier today, an attacker exploited a previously unknown vulnerability in one of bustabit's API methods which allowed him to find out the current game's outcome before its end. By exploiting this bug the attacker managed to win a total of 122.5686 BTC and empty the hot wallet.
I have confirmed the existence of this vulnerability and deployed a fix for it. In a few minutes, the game will resume and the hot wallet refilled.
bustabit will reimburse all affected bankroll investors out of pocket. Each investor's account will be credited with the full amount of bits lost to the attacker and an equal amount of dilution fee credits. Because I want to ensure that all affected investors are made whole (vs just adding 122.5686 BTC to the bankroll again), this will take 1-2 days while I calculate how much each investors is owed.
There is no indication that this vulnerability was exploited before today. Player funds were not at risk at any point in time. The problem was specific to bustabit and bustadice was not affected in any way.
I have confirmed the existence of this vulnerability and deployed a fix for it. In a few minutes, the game will resume and the hot wallet refilled.
bustabit will reimburse all affected bankroll investors out of pocket. Each investor's account will be credited with the full amount of bits lost to the attacker and an equal amount of dilution fee credits. Because I want to ensure that all affected investors are made whole (vs just adding 122.5686 BTC to the bankroll again), this will take 1-2 days while I calculate how much each investors is owed.
There is no indication that this vulnerability was exploited before today. Player funds were not at risk at any point in time. The problem was specific to bustabit and bustadice was not affected in any way.
Chapeau! for the way you handle it
as I thought about licensing a bustabit version, how would it be handled if I got hacked with this kind of hack? who would pay for the damage?
bustabit v2 code is not available for licensing. v1 code is available, but it is not subject to the same vulnerability, which involves the betID parameter.
Earlier today, an attacker exploited a previously unknown vulnerability in one of bustabit's API methods which allowed him to find out the current game's outcome before its end. By exploiting this bug the attacker managed to win a total of 122.5686 BTC and empty the hot wallet.
I have confirmed the existence of this vulnerability and deployed a fix for it. In a few minutes, the game will resume and the hot wallet refilled.
bustabit will reimburse all affected bankroll investors out of pocket. Each investor's account will be credited with the full amount of bits lost to the attacker and an equal amount of dilution fee credits. Because I want to ensure that all affected investors are made whole (vs just adding 122.5686 BTC to the bankroll again), this will take 1-2 days while I calculate how much each investors is owed.
There is no indication that this vulnerability was exploited before today. Player funds were not at risk at any point in time. The problem was specific to bustabit and bustadice was not affected in any way.
I have confirmed the existence of this vulnerability and deployed a fix for it. In a few minutes, the game will resume and the hot wallet refilled.
bustabit will reimburse all affected bankroll investors out of pocket. Each investor's account will be credited with the full amount of bits lost to the attacker and an equal amount of dilution fee credits. Because I want to ensure that all affected investors are made whole (vs just adding 122.5686 BTC to the bankroll again), this will take 1-2 days while I calculate how much each investors is owed.
There is no indication that this vulnerability was exploited before today. Player funds were not at risk at any point in time. The problem was specific to bustabit and bustadice was not affected in any way.
Do you can help to another busta sites, for solved that vulnerability too ?
Earlier today, an attacker exploited a previously unknown vulnerability in one of bustabit's API methods which allowed him to find out the current game's outcome before its end. By exploiting this bug the attacker managed to win a total of 122.5686 BTC and empty the hot wallet.
I have confirmed the existence of this vulnerability and deployed a fix for it. In a few minutes, the game will resume and the hot wallet refilled.
bustabit will reimburse all affected bankroll investors out of pocket. Each investor's account will be credited with the full amount of bits lost to the attacker and an equal amount of dilution fee credits. Because I want to ensure that all affected investors are made whole (vs just adding 122.5686 BTC to the bankroll again), this will take 1-2 days while I calculate how much each investors is owed.
There is no indication that this vulnerability was exploited before today. Player funds were not at risk at any point in time. The problem was specific to bustabit and bustadice was not affected in any way.
I have confirmed the existence of this vulnerability and deployed a fix for it. In a few minutes, the game will resume and the hot wallet refilled.
bustabit will reimburse all affected bankroll investors out of pocket. Each investor's account will be credited with the full amount of bits lost to the attacker and an equal amount of dilution fee credits. Because I want to ensure that all affected investors are made whole (vs just adding 122.5686 BTC to the bankroll again), this will take 1-2 days while I calculate how much each investors is owed.
There is no indication that this vulnerability was exploited before today. Player funds were not at risk at any point in time. The problem was specific to bustabit and bustadice was not affected in any way.
Chapeau! for the way you handle it
as I thought about licensing a bustabit version, how would it be handled if I got hacked with this kind of hack? who would pay for the damage?
Excellent question. It would open up various legal issue right?
And those that are already using the software via a licence fee, would you contact them explaining them how to apply the fix/patch?
Earlier today, an attacker exploited a previously unknown vulnerability in one of bustabit's API methods which allowed him to find out the current game's outcome before its end. By exploiting this bug the attacker managed to win a total of 122.5686 BTC and empty the hot wallet.
I have confirmed the existence of this vulnerability and deployed a fix for it. In a few minutes, the game will resume and the hot wallet refilled.
bustabit will reimburse all affected bankroll investors out of pocket. Each investor's account will be credited with the full amount of bits lost to the attacker and an equal amount of dilution fee credits. Because I want to ensure that all affected investors are made whole (vs just adding 122.5686 BTC to the bankroll again), this will take 1-2 days while I calculate how much each investors is owed.
There is no indication that this vulnerability was exploited before today. Player funds were not at risk at any point in time. The problem was specific to bustabit and bustadice was not affected in any way.
I have confirmed the existence of this vulnerability and deployed a fix for it. In a few minutes, the game will resume and the hot wallet refilled.
bustabit will reimburse all affected bankroll investors out of pocket. Each investor's account will be credited with the full amount of bits lost to the attacker and an equal amount of dilution fee credits. Because I want to ensure that all affected investors are made whole (vs just adding 122.5686 BTC to the bankroll again), this will take 1-2 days while I calculate how much each investors is owed.
There is no indication that this vulnerability was exploited before today. Player funds were not at risk at any point in time. The problem was specific to bustabit and bustadice was not affected in any way.
Chapeau! for the way you handle it
as I thought about licensing a bustabit version, how would it be handled if I got hacked with this kind of hack? who would pay for the damage?
Thanks for your investigation, and refund for the investors, you gained my respect.
However, if you accept a suggestion, next time a bug or something forces you to pause the game for hours, we (investors, and players) would be happy to receive some regular update on the status.
BigTHX again
However, if you accept a suggestion, next time a bug or something forces you to pause the game for hours, we (investors, and players) would be happy to receive some regular update on the status.
BigTHX again
Earlier today, an attacker exploited a previously unknown vulnerability in one of bustabit's API methods which allowed him to find out the current game's outcome before its end. By exploiting this bug the attacker managed to win a total of 122.5686 BTC and empty the hot wallet.
I have confirmed the existence of this vulnerability and deployed a fix for it. In a few minutes, the game will resume and the hot wallet refilled.
bustabit will reimburse all affected bankroll investors out of pocket. Each investor's account will be credited with the full amount of bits lost to the attacker and an equal amount of dilution fee credits. Because I want to ensure that all affected investors are made whole (vs just adding 122.5686 BTC to the bankroll again), this will take 1-2 days while I calculate how much each investors is owed.
There is no indication that this vulnerability was exploited before today. Player funds were not at risk at any point in time. The problem was specific to bustabit and bustadice was not affected in any way.
I have confirmed the existence of this vulnerability and deployed a fix for it. In a few minutes, the game will resume and the hot wallet refilled.
bustabit will reimburse all affected bankroll investors out of pocket. Each investor's account will be credited with the full amount of bits lost to the attacker and an equal amount of dilution fee credits. Because I want to ensure that all affected investors are made whole (vs just adding 122.5686 BTC to the bankroll again), this will take 1-2 days while I calculate how much each investors is owed.
There is no indication that this vulnerability was exploited before today. Player funds were not at risk at any point in time. The problem was specific to bustabit and bustadice was not affected in any way.
Have to express the way you managed this situation is exemplary. You are going to cover the losses of 122.5686 BTC and dilution fee credits - excellent. That equates to around $475,000 in FIAT.
It is unfortunate this attack took place but it is commendable you managed to isolate the issue and fixed it so quickly and it cannot be exploited again.
Regarding the vulnerability, though you have run thorough checks it just might be possible that the attacker made test runs with tiny amounts in the recent past to check the vulnerability exists before going after the 122.5686 BTC. It seems highly unlikely the attacker stumbled across the vulnerability by chance, it seems more probable the attacker carried out the attack after devising a plan.
Good job, proud to be BAB investor.
Earlier today, an attacker exploited a previously unknown vulnerability in one of bustabit's API methods which allowed him to find out the current game's outcome before its end. By exploiting this bug the attacker managed to win a total of 122.5686 BTC and empty the hot wallet.
I have confirmed the existence of this vulnerability and deployed a fix for it. In a few minutes, the game will resume and the hot wallet refilled.
bustabit will reimburse all affected bankroll investors out of pocket. Each investor's account will be credited with the full amount of bits lost to the attacker and an equal amount of dilution fee credits. Because I want to ensure that all affected investors are made whole (vs just adding 122.5686 BTC to the bankroll again), this will take 1-2 days while I calculate how much each investors is owed.
There is no indication that this vulnerability was exploited before today. Player funds were not at risk at any point in time. The problem was specific to bustabit and bustadice was not affected in any way.
I have confirmed the existence of this vulnerability and deployed a fix for it. In a few minutes, the game will resume and the hot wallet refilled.
bustabit will reimburse all affected bankroll investors out of pocket. Each investor's account will be credited with the full amount of bits lost to the attacker and an equal amount of dilution fee credits. Because I want to ensure that all affected investors are made whole (vs just adding 122.5686 BTC to the bankroll again), this will take 1-2 days while I calculate how much each investors is owed.
There is no indication that this vulnerability was exploited before today. Player funds were not at risk at any point in time. The problem was specific to bustabit and bustadice was not affected in any way.
Do you can help to another busta sites, for solved that vulnerability too ?
Earlier today, an attacker exploited a previously unknown vulnerability in one of bustabit's API methods which allowed him to find out the current game's outcome before its end. By exploiting this bug the attacker managed to win a total of 122.5686 BTC and empty the hot wallet.
I have confirmed the existence of this vulnerability and deployed a fix for it. In a few minutes, the game will resume and the hot wallet refilled.
bustabit will reimburse all affected bankroll investors out of pocket. Each investor's account will be credited with the full amount of bits lost to the attacker and an equal amount of dilution fee credits. Because I want to ensure that all affected investors are made whole (vs just adding 122.5686 BTC to the bankroll again), this will take 1-2 days while I calculate how much each investors is owed.
There is no indication that this vulnerability was exploited before today. Player funds were not at risk at any point in time. The problem was specific to bustabit and bustadice was not affected in any way.
I have confirmed the existence of this vulnerability and deployed a fix for it. In a few minutes, the game will resume and the hot wallet refilled.
bustabit will reimburse all affected bankroll investors out of pocket. Each investor's account will be credited with the full amount of bits lost to the attacker and an equal amount of dilution fee credits. Because I want to ensure that all affected investors are made whole (vs just adding 122.5686 BTC to the bankroll again), this will take 1-2 days while I calculate how much each investors is owed.
There is no indication that this vulnerability was exploited before today. Player funds were not at risk at any point in time. The problem was specific to bustabit and bustadice was not affected in any way.
Great job! You are the best!
Jump to: