Topic: Is this a security issue? Massive worker un & pw list found through google ... - page 2. (Read 4026 times)
September 22, 2011, 11:43:55 AM
lol! i thought that was my database!
September 22, 2011, 11:41:38 AM
oh holy hell, I hope people didn't use these logins/passwords for their mtgox account. I'm glad I'm not on the list 
But if I we're, the only thing I have on mtgox right now is .0034 btc
But if I we're, the only thing I have on mtgox right now is .0034 btc September 22, 2011, 10:26:35 AM
Just in time, daddy needs a new pair of shoes.
September 22, 2011, 10:23:59 AM
https://encrypted.google.com/#q=redline888%40gmail.com first hit for example ...
Thank you. Sorry to OP for saying I find this hard to believe. I stand corrected.
September 22, 2011, 09:26:29 AM
https://encrypted.google.com/#q=redline888%40gmail.com first hit for example ...
September 22, 2011, 09:22:13 AM
http://50.19.139.134/test.php
I found it by simply doing a google search for my email address. I wonder how many people used a password on there that may be to an actual account somewhere else?
I found it by simply doing a google search for my email address. I wonder how many people used a password on there that may be to an actual account somewhere else?
can you please let us know exactly what you google
searched? I'm finding this hard to believe
As I said in the first post if you had looked, I simply googled my email address ...
September 22, 2011, 09:18:24 AM
http://50.19.139.134/test.php
I found it by simply doing a google search for my email address. I wonder how many people used a password on there that may be to an actual account somewhere else?
I found it by simply doing a google search for my email address. I wonder how many people used a password on there that may be to an actual account somewhere else?
can you please let us know exactly what you google
searched? I'm finding this hard to believe
September 22, 2011, 09:08:23 AM
@OP actually you're the dick for posting the link without any attempt to warn those affected.
Fuck you ... how is it my responsibility to do anything about it? What am I gonna do, email everyone on that list a sweet little message? Get real ... I could have just as well done something nefarious with it but I posted it here in hopes of getting it resolved.
September 22, 2011, 07:35:57 AM
Write a script to just pull the email addresses from the list end send an email to all of them.
Write a script to change all their passwords faster than somebody does what you suggested ...
No, this should go to the email provider's attention don't you think so?
September 22, 2011, 07:25:34 AM
Write a script to just pull the email addresses from the list end send an email to all of them.
September 22, 2011, 07:19:12 AM
Ok, the one gmail account I tried out and worked got this message a minute ago:
Your request (#....) has been received, and will be reviewed by our support staff.
Our help desk is experiencing unusually high traffic currently. We regret to inform you that you will experience some delays (currently 48-72 hrs) in us getting back to you.
We sincerely apologize for the inconvenience and are working on all fronts to improve our response times.
To review the status of the request and add additional comments, follow the link below:
http://support.mtgox.com/tickets/....
This means somebody even more evil than the OP and me is already at it. I could have logged into Gox but didn't as from having his main mail account I know the rest is trivial.
HOW TO RING THE BELLS?
?
Your request (#....) has been received, and will be reviewed by our support staff.
Our help desk is experiencing unusually high traffic currently. We regret to inform you that you will experience some delays (currently 48-72 hrs) in us getting back to you.
We sincerely apologize for the inconvenience and are working on all fronts to improve our response times.
To review the status of the request and add additional comments, follow the link below:
http://support.mtgox.com/tickets/....
This means somebody even more evil than the OP and me is already at it. I could have logged into Gox but didn't as from having his main mail account I know the rest is trivial.
HOW TO RING THE BELLS?
? September 22, 2011, 07:04:49 AM
@OP actually you're the dick for posting the link without any attempt to warn those affected.
September 22, 2011, 07:04:03 AM
Ok, I'm a dick. 3rd try of a gmail account worked. I'll try to inform gmail to lock them all but ... hmm ... how to reach all mail hosters?
September 22, 2011, 12:37:30 AM
I bet a few of those passwords work on those emails...and that a few more work on their Gox accounts as well...
September 22, 2011, 12:32:07 AM
... but I am not enough of a dick.
Got me fooled!
September 22, 2011, 12:21:41 AM
Yes, well, we're the smart ones apparently. Not everyone is. You have a nice list now of email addresses and potential passwords. You do the maths.
It is kind of terrible...taking a closer look, a LOT of people have complex passwords set for their workers. It makes me want to start trying them on facebook, but I am not enough of a dick.
September 22, 2011, 12:18:52 AM
Yes, well, we're the smart ones apparently. Not everyone is. You have a nice list now of email addresses and potential passwords. You do the maths.
September 22, 2011, 12:15:00 AM
Whats the point of having passwords for workers? I'd be glad if someone mined on my account 
My password for all workers on every pool is bitcoin123 feel free to use it.
My password for all workers on every pool is bitcoin123 feel free to use it.
September 22, 2011, 12:09:30 AM
Looks like there's a lot of SA members there. But no one here would dare to...Surely not...No Way!
Remember: Play nice!
Remember: Play nice!
And don't even think about sending Cosby Coins to any of the SA members on the list.
September 21, 2011, 11:57:56 PM
worker passwords are totally pointless. mine are all default. you guys wanna mine for me? feel free.
Jump to: