Author

Topic: DDoS extortion (Read 1385 times)

hero member
Activity: 756
Merit: 510
Dear me, I think I'm becoming a god
May 02, 2016, 08:14:21 AM
#20
How did you get the message @theymos? Maybe we can track them down
legendary
Activity: 1540
Merit: 1011
FUD Philanthropist™
May 02, 2016, 03:22:16 AM
#19
This was a common occurrence last year.
Cryptsy got hit as well as RarBG and many others.
I also seen stories about other P2P sites and rumors all over about Extortion demands for BTC.
Pretty sure a couple stories mentioned this last couple months at Torentfreak.

And ya screw 'em i would not give in to them.
Pay them once & they would be back later for more money anyway.
legendary
Activity: 3248
Merit: 1070
May 01, 2016, 01:32:21 PM
#18
is this the same guy(i'm assuming) that back then caused that huge ddos of the forum and we remained two days without the forum? it may be the same person, but i don't remember an extorsion at that time...
legendary
Activity: 2674
Merit: 2965
Terminated.
May 01, 2016, 10:03:48 AM
#17
Not really. This is the biggest cryptocurrency forum in the world. Everyone knows it. Hackers assume that Theymos has a small fortune in BTC from donations and ads published on bitcointalk.
So it will be easy for him to pay 'small fee' of 10 BTC to prevent DDOS. But paying anything is not the answer and solution but instead dead end and invitation to another DDOS.
I doubt that this is the case. The sender could probably be part of some larger group that is sending out these emails everywhere. Just recently, it has been discovered that a group has been doing this and due to receiving coins on a single address (some 'people' pay and some don't) they have not launched a single attack (free Bitcoins?). Anyhow, the forum should be fine for now. DDoS is just a temporary issue.
legendary
Activity: 1862
Merit: 1004
May 01, 2016, 09:25:21 AM
#16
10BTC for some DDoS on a forum? that's just ridiculous.
Not really. This is the biggest cryptocurrency forum in the world. Everyone knows it. Hackers assume that Theymos has a small fortune in BTC from donations and ads published on bitcointalk.
So it will be easy for him to pay 'small fee' of 10 BTC to prevent DDOS. But paying anything is not the answer and solution but instead dead end and invitation to another DDOS.
newbie
Activity: 21
Merit: 0
April 30, 2016, 04:44:18 PM
#15
you go theymos! screw those lamers trying to extort you Smiley
legendary
Activity: 1456
Merit: 1000
April 23, 2016, 11:25:10 PM
#14
10BTC for some DDoS on a forum? that's just ridiculous.

Extortion is ridiculous to begin with.  I'm glad theymos shared so we know whats going on if site slows down, or worst stops.  But if you pay them once... they will come back again wanting more chances are.  So who ever doing it is a idiot to think they will get payment.

Heck on the big hack on DB a while back theymos offered reward for tips/telling who did attack.  I like this side much better find a way to legally get the person trying to do this in court.
legendary
Activity: 1092
Merit: 1001
April 23, 2016, 09:44:34 PM
#13
I'd guess that DDoS attacker hacked mah account as well or the beta is leaking passwords. I'm not getting the reason how am I hacked? However, I've sent you a pm(theymos) for mah account recovery. How about checking 'em(mah pm)?
My guess is both of your above guesses are full of crap since your saying he also "hacked" your btc wallet.
So, you likely have malicious software on your computer and I'm guessing is still there now.

Also, this thread is to notify users of this DDoS extortion attempt and/or possible future downtime.
You posting in this thread to ask Theymos to check his PMs about your account reset is offtopic.
copper member
Activity: 2996
Merit: 2374
April 23, 2016, 09:41:26 PM
#12
Why not use cloudflaire servers? They proved to be resistant against all ddos attacks. Just my two cents.
Thanks for sharing the info.
This has been discussed a number of times. I believe that you need to give up your HTTPS keys to google in order to use CloudFlaire which is not something that theymos wants to do just yet. If you give your HTTPS keys to a third party then that party can potentially impersonate you without detection.
hero member
Activity: 910
Merit: 1000
「きみはこれ&#
April 23, 2016, 09:37:56 PM
#11
Why not use cloudflaire servers? They proved to be resistant against all ddos attacks. Just my two cents.
Thanks for sharing the info.
newbie
Activity: 28
Merit: 0
April 23, 2016, 09:30:32 PM
#10
I'd guess that DDoS attacker hacked mah account as well or the beta is leaking passwords. I'm not getting the reason how am I hacked? However, I've sent you a pm(theymos) for mah account recovery. How about checking 'em(mah pm)?
legendary
Activity: 1484
Merit: 1001
Personal Text Space Not For Sale
April 23, 2016, 09:24:04 PM
#9
Yes, you should never pay someone that threaten DDOS Bitcointalk. We, Bitcointalker here, will donate if there is a need to upgrade the server to a better standard.  Wink.

I guess that the attacker is out of resource now. Happy defending! Smiley.
administrator
Activity: 5222
Merit: 13032
April 23, 2016, 09:19:11 PM
#8
Didn't we subscribe to some kind of DDoS mitigation service several months ago?

Quite some time ago the forum was behind a DDoS protection service, but this service had many failures, and the alternatives were either unbelievably expensive or too intrusive (ie. they'd break HTTPS's security, make things difficult for Tor users, etc.), so I decided to roll my own DDoS protection. This has gone fairly well so far, though my DDoS mitigation techniques haven't been tested by any particularly large attacks until now. (Small-scale DoS attacks are very common, and my mitigations handle them easily.)
copper member
Activity: 2996
Merit: 2374
April 23, 2016, 09:13:00 PM
#7
Didn't we subscribe to some kind of DDoS mitigation service several months ago?

I have to agree that in the vast majority of the time it is not a good idea to pay this kind of extortion.
legendary
Activity: 2590
Merit: 3015
Welt Am Draht
April 23, 2016, 08:43:59 PM
#6
I assumed this forum was threatened with that about a thousand times a second. Then the wee creeps come on here and eulogise what they're screwing with.
sr. member
Activity: 756
Merit: 290
April 23, 2016, 08:19:08 PM
#5
hey theymos ignore this threads but i can protect you with praying for 5btc Smiley security is most important ^^
copper member
Activity: 924
Merit: 1007
hee-ho.
April 23, 2016, 08:18:11 PM
#4
10BTC for some DDoS on a forum? that's just ridiculous.
hero member
Activity: 920
Merit: 1014
April 23, 2016, 08:11:49 PM
#3
Don't pay those assholes anything......If the site goes down for a bit i'm sure we will all survive. Don't give into the demand.
hero member
Activity: 658
Merit: 500
April 23, 2016, 07:53:48 PM
#2
Thanks for letting us know, I was wondering what was going on
administrator
Activity: 5222
Merit: 13032
April 23, 2016, 07:52:23 PM
#1
Someone threatened to DDoS the forum if I didn't pay 10 BTC, and then shortly afterward there was a DDoS attack which took down the forum for a while. Needless to say, I will never pay this demand. For now, the attack has either stopped or been significantly reduced, but it might happen again in the near future. If there is another attack, I will try my best to mitigate it.
Jump to: