Topic: closed - page 2. (Read 20064 times)

There are quite a few other ways to exploit a box running Linux. Attempting the method you described there would be my last thought.

Awesome sleuthing, spruce.  I'd tip you if I wasn't so cheap!

Only when the time is right.

Do you always refer to yourself in third person?

Diki thinks half of the people in the thread should see a psychiatrist.

As immune hasn't even posted yet...

This was a problem from first post, now with teh sleuthing it seems you are a crook and this was your plan the whole time, Hiding behind bitcoin is possible but not fool proof so I hope someone gets their hands on you.

So if he was hacked, has anyone mentioned the irony, with his handle being immune.

Wow immune... I hope you're on the run, like now.  Because people are going to be after you like dogs on... a hot dog (both kinds).

Anyway, this is exactly why I wish more people would start using bitcoinfeedback.  With lots of usage, buyers would start to have power to say "I won't buy from anyone with less that X number of feedback".  Sure, you could still get screwed over, but don't buy 10 6990's from a guy who has only sold resistors and gumpacks before, and you should be ok.

That's why you *never* enable password access on SSH, and certainly never allow remote root logins.

Here's a bit of idle sleuthing:

The 16k6Keq... address is labelled "OP a/c" as it is self-identified in a subsequent post at June 21, 2011, 01:27:54 pm.

The blocks are in date order.


-----

Block 132307 2011-06-21 13:00:14
From: misc small
From: 1KJN1KGGJCLLpTXeGpv3YLXb14QCPBHrXZ: 211 (??)
to: 16k6KeqY13MEwXCKa6uMWvsg7Bmqq1TzXb: 228 (OP a/c)

-----

Block 132313 2011-06-21 13:21:39
From: (mostly) 1CzYyxkCkRd2R5JqHYsYgaxw14Xdqq9mQE: 0.45
to: 16k6KeqY13MEwXCKa6uMWvsg7Bmqq1TzXb: 0.5 (OP a/c)

-----

http://forum.bitcoin.org/index.php?topic=20594.0
Bitcoin wallet problem. Coins not showing up. Please Help!
June 21, 2011, 01:27:54 pm


-----

Block 132345 2011-06-21 17:58:21
From: 16k6KeqY13MEwXCKa6uMWvsg7Bmqq1TzXb: 228 (OP a/c)
to: 1MQhCaxAkbcFwAxNiL37sJfwk25cJ39F6u: 150 (?)
to: 1PWjXneVnL9T3yqTg5mLr2b7xGWvhLiGD: 78 (see end of post for follow-up transfer)

-----


assume legit transaction

Block 132613 2011-06-22 17:54:09
To: 1HnrkZinXsb7BVg6Cid82mkH2iGZ2S46fm: 35 (OP a/c)

-----

Block 132640 2011-06-22 20:12:33
From: 1HnrkZinXsb7BVg6Cid82mkH2iGZ2S46fm: 35 (OP a/c)
to: 16k6KeqY13MEwXCKa6uMWvsg7Bmqq1TzXb: 35 (OP a/c)

-----

So at this point the BTC in question are still in Immune's control as he is still transferring coins to this same 16k6Keq address. Note the transfer out of this address of 228 BTC the previous day.

Immune (OP) posts at 2011-06-23 00:45:26 saying 400 BTC stolen "hours" ago. But there are no transfers out of this address since Block 132640 2011-06-22 20:12:33, when OP sent 35 BTC to this same address.

16 hours later, a transfer is made from this address of 35 BTC:

-----

Block 132843 2011-06-23 16:44:38
From: 16k6KeqY13MEwXCKa6uMWvsg7Bmqq1TzXb: 35 (OP a/c)
to: 17u8j4Eu2LnsY8pGKaXgayoKrASmfGScFW: 30
to: 16paRtbrHkzetP22NUAJGzPAvjR5Uzijz2: 5

-----

And a follow-up of the transfer:

-----

Block 132764
2011-06-23 08:07:15
From: 1PWjXneVnL9T3yqTg5mLr2b7xGWvhLiGD: 78
plus 15 others totalling 750 BTC
to: 167uGc235YogUFFRqLyvoaXoA7GdXozqYi: 750

-----

Block 132831
2011-06-23 15:30:27
From: 167uGc235YogUFFRqLyvoaXoA7GdXozqYi: 750
to: 1DvJjEapvLLY6fkbECxNsrczrhwvqPFVay: 747
to: 19m847ob4dBwQGpVnetefjKYLWJU7jPtBE: 3

-----

Any further comments, Immune?

I invited the members, please don't PM them so they get barraged.

The only one of my Linux machines that got hacked was hacked in a similar way, except it was a VPS and my mistake was not realising that HyperVM was sneakily resetting my root password to the provider-set default of "changeme" behind my back. (Surprisingly, even then it seems it took several days for anyone to actually brute-force their way in.)

If all that's true, you're holding board member BTC. Correction, you were. I hope to god you ship out those cards or your the thief.

Don't expect sympathy for DEMANDING people meet you on your terms, not use escrow, collect payment before shipping......

I smell a set up. Let's  bring those other members to this thread and figure this out.

Brothers, gonna have to do some reading here.....

such a coincidence http://forum.bitcoin.org/index.php?topic=19630.0

So is this new troll policy???

Always keep a fresh topic on the list about a hack or BTC theft. I swear I've read this same post and the same tone several times now. Even some of the same words of desperation.

Any newbie or reporter that comes by will see it posted there.

I'm sorry but I just don't buy it. I call BS of the highest order.

Good point, Imperi. He could also be saying "I forgot to change the default config on my new install of SSH, and now I'm going to be sued because I am an idiot."

Especially after that whole debacle with the iPhone - or was it Android - I can remember, But a bunch of phones got hacked via the default ssh password.

Someone actually managed to hack into my Linux box yesterday through some SSH hole. Luckily I didn't have my wallet sitting around. I'm amazed that the hole was there by default (I installed SSH and figured it would only work for my username).

There have been Linux security vulnerabilities before, you know. As in bona-fide, open the wrong webpage and get instantly hacked vulnerabilities. In fact, most of the security issues in programs like Flash and Firefox apply just as much on Linux as on Windows these days, it's just that no-one really bothers to target Linux desktops. Bitcoin seems like a very worthwhile reason for some hacker to change that.

Most unconvincing OP ever. I'm amazed that he did ask for donations to recoup the 'hack'.