Pages:
Author

Topic: closed - page 2. (Read 20082 times)

newbie
Activity: 11
Merit: 0
June 23, 2011, 03:46:36 PM
By saying "my linux box just got hacked, and now I'm going to get sued", he also pretty much said:

"I downloaded something from an untrusted source, intentionally set it to executable, and then intentionally executed it. I gave the hacker your money. Now I am going to get sued because I am an idiot."
There are quite a few other ways to exploit a box running Linux. Attempting the method you described there would be my last thought.
member
Activity: 78
Merit: 10
June 23, 2011, 02:57:07 PM
Awesome sleuthing, spruce.  I'd tip you if I wasn't so cheap! Smiley
full member
Activity: 126
Merit: 100
June 23, 2011, 02:44:29 PM
Only when the time is right.
full member
Activity: 196
Merit: 101
June 23, 2011, 02:42:31 PM
Diki thinks half of the people in the thread should see a psychiatrist.

As immune hasn't even posted yet...

Do you always refer to yourself in third person?
full member
Activity: 126
Merit: 100
June 23, 2011, 02:40:54 PM
Diki thinks half of the people in the thread should see a psychiatrist.

As immune hasn't even posted yet...
legendary
Activity: 1428
Merit: 1000
https://www.bitworks.io
June 23, 2011, 02:39:37 PM
security problems are going to be the end of bitcoin.


I had almost 400 btc in my wallet on my linux box today. Someone was OBVIOUSLY watching the forums and either hacked me today or already had me hacked.

I had a very public LARGE business deal going and someone STOLE ALL OF THE BTC !!!!!

I was selling 10 XFX 6990's , I had 4 different buyers and I am completely screwed now!!!!!!


This was a problem from first post, now with teh sleuthing it seems you are a crook and this was your plan the whole time, Hiding behind bitcoin is possible but not fool proof so I hope someone gets their hands on you.
newbie
Activity: 54
Merit: 0
June 23, 2011, 02:38:03 PM
So if he was hacked, has anyone mentioned the irony, with his handle being immune. Smiley
legendary
Activity: 1400
Merit: 1005
June 23, 2011, 02:32:46 PM
Wow immune... I hope you're on the run, like now.  Because people are going to be after you like dogs on... a hot dog (both kinds).

Anyway, this is exactly why I wish more people would start using bitcoinfeedback.  With lots of usage, buyers would start to have power to say "I won't buy from anyone with less that X number of feedback".  Sure, you could still get screwed over, but don't buy 10 6990's from a guy who has only sold resistors and gumpacks before, and you should be ok.
newbie
Activity: 59
Merit: 0
June 23, 2011, 02:06:27 PM
The only one of my Linux machines that got hacked was hacked in a similar way, except it was a VPS and my mistake was not realising that HyperVM was sneakily resetting my root password to the provider-set default of "changeme" behind my back. (Surprisingly, even then it seems it took several days for anyone to actually brute-force their way in.)

That's why you *never* enable password access on SSH, and certainly never allow remote root logins.
full member
Activity: 140
Merit: 100
June 23, 2011, 02:03:36 PM
Here's a bit of idle sleuthing:

The 16k6Keq... address is labelled "OP a/c" as it is self-identified in a subsequent post at June 21, 2011, 01:27:54 pm.

The blocks are in date order.


-----

Block 132307 2011-06-21 13:00:14
From: misc small
From: 1KJN1KGGJCLLpTXeGpv3YLXb14QCPBHrXZ: 211 (??)
to: 16k6KeqY13MEwXCKa6uMWvsg7Bmqq1TzXb: 228 (OP a/c)

-----

Block 132313 2011-06-21 13:21:39
From: (mostly) 1CzYyxkCkRd2R5JqHYsYgaxw14Xdqq9mQE: 0.45
to: 16k6KeqY13MEwXCKa6uMWvsg7Bmqq1TzXb: 0.5 (OP a/c)

-----

http://forum.bitcoin.org/index.php?topic=20594.0
Bitcoin wallet problem. Coins not showing up. Please Help!
June 21, 2011, 01:27:54 pm

ok someone please help. Im kind of freaking out. I just sent almost 230 btc from one wallet to another , there have been 7 confirmations showing on the sender side but the transaction has not even showed up on the receiving end!

what do I do?
http://blockexplorer.com/address/16k6KeqY13MEwXCKa6uMWvsg7Bmqq1TzXb

thats the block explorer address for my receiving wallet


-----

Block 132345 2011-06-21 17:58:21
From: 16k6KeqY13MEwXCKa6uMWvsg7Bmqq1TzXb: 228 (OP a/c)
to: 1MQhCaxAkbcFwAxNiL37sJfwk25cJ39F6u: 150 (?)
to: 1PWjXneVnL9T3yqTg5mLr2b7xGWvhLiGD: 78 (see end of post for follow-up transfer)

-----

Im the one who sent him 35 BTC that he now owes me because he promised me an XFX 6990.  



Uploaded with ImageShack.us

assume legit transaction

Block 132613 2011-06-22 17:54:09
To: 1HnrkZinXsb7BVg6Cid82mkH2iGZ2S46fm: 35 (OP a/c)

-----

Block 132640 2011-06-22 20:12:33
From: 1HnrkZinXsb7BVg6Cid82mkH2iGZ2S46fm: 35 (OP a/c)
to: 16k6KeqY13MEwXCKa6uMWvsg7Bmqq1TzXb: 35 (OP a/c)

-----

So at this point the BTC in question are still in Immune's control as he is still transferring coins to this same 16k6Keq address. Note the transfer out of this address of 228 BTC the previous day.

Immune (OP) posts at 2011-06-23 00:45:26 saying 400 BTC stolen "hours" ago. But there are no transfers out of this address since Block 132640 2011-06-22 20:12:33, when OP sent 35 BTC to this same address.

16 hours later, a transfer is made from this address of 35 BTC:

-----

Block 132843 2011-06-23 16:44:38
From: 16k6KeqY13MEwXCKa6uMWvsg7Bmqq1TzXb: 35 (OP a/c)
to: 17u8j4Eu2LnsY8pGKaXgayoKrASmfGScFW: 30
to: 16paRtbrHkzetP22NUAJGzPAvjR5Uzijz2: 5

-----

And a follow-up of the transfer:

-----

Block 132764
2011-06-23 08:07:15
From: 1PWjXneVnL9T3yqTg5mLr2b7xGWvhLiGD: 78
plus 15 others totalling 750 BTC
to: 167uGc235YogUFFRqLyvoaXoA7GdXozqYi: 750

-----

Block 132831
2011-06-23 15:30:27
From: 167uGc235YogUFFRqLyvoaXoA7GdXozqYi: 750
to: 1DvJjEapvLLY6fkbECxNsrczrhwvqPFVay: 747
to: 19m847ob4dBwQGpVnetefjKYLWJU7jPtBE: 3

-----

Any further comments, Immune?
full member
Activity: 140
Merit: 101
June 23, 2011, 01:49:00 PM
I invited the members, please don't PM them so they get barraged.
hero member
Activity: 686
Merit: 564
June 23, 2011, 01:48:12 PM
Someone actually managed to hack into my Linux box yesterday through some SSH hole. Luckily I didn't have my wallet sitting around. I'm amazed that the hole was there by default (I installed SSH and figured it would only work for my username).
The only one of my Linux machines that got hacked was hacked in a similar way, except it was a VPS and my mistake was not realising that HyperVM was sneakily resetting my root password to the provider-set default of "changeme" behind my back. (Surprisingly, even then it seems it took several days for anyone to actually brute-force their way in.)
full member
Activity: 140
Merit: 101
June 23, 2011, 01:44:44 PM

If all that's true, you're holding board member BTC. Correction, you were. I hope to god you ship out those cards or your the thief.

Don't expect sympathy for DEMANDING people meet you on your terms, not use escrow, collect payment before shipping......

I smell a set up. Let's  bring those other members to this thread and figure this out.
full member
Activity: 140
Merit: 101
June 23, 2011, 01:41:01 PM

Brothers, gonna have to do some reading here.....
newbie
Activity: 41
Merit: 0
June 23, 2011, 01:36:07 PM
full member
Activity: 140
Merit: 101
June 23, 2011, 01:35:35 PM
So is this new troll policy???

Always keep a fresh topic on the list about a hack or BTC theft. I swear I've read this same post and the same tone several times now. Even some of the same words of desperation.

Any newbie or reporter that comes by will see it posted there.

I'm sorry but I just don't buy it. I call BS of the highest order.
hero member
Activity: 532
Merit: 500
FIAT LIBERTAS RVAT CAELVM
June 23, 2011, 01:35:24 PM
Good point, Imperi. He could also be saying "I forgot to change the default config on my new install of SSH, and now I'm going to be sued because I am an idiot."

Especially after that whole debacle with the iPhone - or was it Android - I can remember, But a bunch of phones got hacked via the default ssh password.
full member
Activity: 196
Merit: 101
June 23, 2011, 01:28:57 PM
Someone actually managed to hack into my Linux box yesterday through some SSH hole. Luckily I didn't have my wallet sitting around. I'm amazed that the hole was there by default (I installed SSH and figured it would only work for my username).
hero member
Activity: 686
Merit: 564
June 23, 2011, 01:27:07 PM
By saying "my linux box just got hacked, and now I'm going to get sued", he also pretty much said:

"I downloaded something from an untrusted source, intentionally set it to executable, and then intentionally executed it. I gave the hacker your money. Now I am going to get sued because I am an idiot."
There have been Linux security vulnerabilities before, you know. As in bona-fide, open the wrong webpage and get instantly hacked vulnerabilities. In fact, most of the security issues in programs like Flash and Firefox apply just as much on Linux as on Windows these days, it's just that no-one really bothers to target Linux desktops. Bitcoin seems like a very worthwhile reason for some hacker to change that.
jr. member
Activity: 120
Merit: 3
June 23, 2011, 01:09:12 PM
Most unconvincing OP ever. I'm amazed that he did ask for donations to recoup the 'hack'.
Pages:
Jump to: