
Topic: CEX - Hack in Progress! (Read 1896 times)

hero member
Activity: 532
Merit: 500
Are you like these guys?
March 24, 2014, 06:16:02 AM
#14

Probably about time we changed the name from 'Bitcoin' to 'Hackcoin'.

Hardly a day goes by without some sort of hacking incident  Sad

hero member
Activity: 882
Merit: 501
Ching-Chang;Ding-Dong
March 23, 2014, 07:03:51 PM
#13
Password resets are no longer allowed on CEX either.
hero member
Activity: 1582
Merit: 502
March 23, 2014, 09:06:23 AM
#12
I sent support a message mid-hack as the failed attempts were coming in. Best they said to do was change my email and password. All attempts were different IP addresses so they probably had control of a botnet. That kind of makes sense but my password held up so maybe I shouldn't change it.

Anyway, there is no way to change my username; that's part one of what they need to hack in.

CEX should be using a unique ID instead of usernames in their referral links, IMO.

They were using Tor
sr. member
Activity: 448
Merit: 254
March 23, 2014, 08:49:12 AM
#11
Could be anon-proxies too. I have about a thousand of them banned on one server I run for just this reason. Constantly used for bruteforce attempts.

That's where an account timeout helps. Continued failures and the account gets locked for an hour.

A good bruteforce is going to require tens of thousands of attempts unless the user is very stupid (and used a password like passw0rd). It's rare anyone has that many proxies to burn, but even if they do, lock the account for 10 mins to an hour after every x failures and the chances of a bruteforce working are close to zero.

Edit: I won't mention what I think of your suggestion of security by obscurity. It's something, but if you wish to pin your hopes on it, God help you.
member
Activity: 82
Merit: 10
March 23, 2014, 08:43:56 AM
#10
I sent support a message mid-hack as the failed attempts were coming in. Best they said to do was change my email and password. All attempts were different IP addresses so they probably had control of a botnet. That kind of makes sense but my password held up so maybe I shouldn't change it.

Anyway, there is no way to change my username; that's part one of what they need to hack in.

CEX should be using a unique ID instead of usernames in their referral links, IMO.
sr. member
Activity: 448
Merit: 254
March 23, 2014, 08:02:42 AM
#9
Wow, 700 attempts. You'd think a professional site would have some anti-brute-force timeouts in place. Heck, most forums and torrent sites lock down attempts to bruteforce very quickly.

Three times and either the account locks for x time or the IP does is fairly basic protection but it bloody works.
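
The lockout rule discussed in this thread, replayed against the kind of attack the posters describe (about 700 failed logins in roughly an hour, each from a different IP address), as an added example that is not part of any post or of CEX's code. The class and function names, the thresholds and the sample events are assumptions constructed for illustration.

```python
from collections import defaultdict, deque


class FailureLimiter:
    """Lock a key (account name or source IP) after repeated failed logins."""

    def __init__(self, max_failures=3, window=600, lock_seconds=3600):
        self.max_failures = max_failures
        self.window = window              # seconds in which failures are counted
        self.lock_seconds = lock_seconds  # how long a lock lasts
        self.failures = defaultdict(deque)
        self.locked_until = {}

    def is_locked(self, key, now):
        return self.locked_until.get(key, 0) > now

    def record_failure(self, key, now):
        recent = self.failures[key]
        recent.append(now)
        while recent[0] <= now - self.window:   # drop failures outside the window
            recent.popleft()
        if len(recent) >= self.max_failures:
            self.locked_until[key] = now + self.lock_seconds
            recent.clear()


def guesses_checked(events, key_of, **limits):
    """Replay failed logins; count guesses that reached the password check."""
    limiter = FailureLimiter(**limits)
    checked = 0
    for ts, account, ip in events:
        key = key_of(account, ip)
        if limiter.is_locked(key, ts):
            continue                      # rejected without testing the password
        checked += 1
        limiter.record_failure(key, ts)
    return checked


# Constructed sample: 700 failed logins on one account in about an hour,
# one every 5 seconds, each from a different (made-up) source address.
EVENTS = [(i * 5, "victim", f"203.0.{i // 250}.{i % 250}") for i in range(700)]

by_ip = lambda account, ip: ip
by_account = lambda account, ip: account

if __name__ == "__main__":
    print("per-IP lock:        ", guesses_checked(EVENTS, by_ip))
    print("per-account, 1 hour:", guesses_checked(EVENTS, by_account))
    print("per-account, 10 min:",
          guesses_checked(EVENTS, by_account, lock_seconds=600))
```

A per-IP rule never triggers when every attempt comes from a new address, while the per-account rule cuts the guesses that are actually tested to a handful; the cost is that the account owner is locked out for the same period.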
hero member
Activity: 1582
Merit: 502
March 23, 2014, 07:33:18 AM
#8
and how would they get your usernames to even try it...

think long and hard about the possibilities

It's in his sig  Wink
sr. member
Activity: 756
Merit: 251
World's First Crowd Owned Cryptocurrency Exchange
March 22, 2014, 11:58:30 PM
#7
They should understand by now bruteforcing online is not the best way to do it. If they got the database and are bruteforcing offline now, that could be another story.
hero member
Activity: 532
Merit: 500
Are you like these guys?
March 22, 2014, 11:32:56 PM
#6
and how would they get your usernames to even try it...

think long and hard about the possibilities


It doesn't take a genius to get a username Wink

legendary
Activity: 4410
Merit: 4766
March 22, 2014, 11:22:43 PM
#5
and how would they get your usernames to even try it...

think long and hard about the possibilities
member
Activity: 82
Merit: 10
March 22, 2014, 11:18:05 PM
#4
Yeah, they finally stopped trying on mine also. Went on for about an hour. I honestly don't have any balance there anyway. It was super annoying seeing over 700 attempts but rewarding at the same time knowing my pw was strong enough.
hero member
Activity: 672
Merit: 500
March 22, 2014, 10:04:53 PM
#3

Attack seems to have stopped... at least, the "Failed Authorisation" emails have stopped.

Smiley



Probably moved on to easier targets.  Good for you for using 2FA.
hero member
Activity: 532
Merit: 500
Are you like these guys?
March 22, 2014, 09:43:15 PM
#2

Attack seems to have stopped... at least, the "Failed Authorisation" emails have stopped.

Smiley

hero member
Activity: 532
Merit: 500
Are you like these guys?
March 22, 2014, 09:26:11 PM
#1

I'm probably not the only one who has a CEX account which is being attempted to be hacked right now Sad

I've spoken with CEX Support who state that as I've 2-factor authorisation, I should be okay but as I didn't see any mention of this hack in progress here on the forum, I wanted to let people know.

Check your email, you may see multiple "Failed Authorisations" from CEX as the hacker repeatedly attempts to brute-force your password.

I was still able to log in with my correct credentials and through there, contacted support. They are aware of it.

Hopefully all your accounts are safe.

 Undecided








Please note: topic self-moderated to keep the CEX haters away.