Topic: LTCgear.com, the best scrypt/scrypt n/X11 cloud mining service, Not paying!!! - page 144. (Read 361391 times)
December 23, 2014, 08:33:18 PM
Somebody changed my BTC and LTC addresses and we don't even know who this Chris guy is, we have no evidence to track that guy, we don't even have an address. So what will happen now, just re changed my btc and ltc addresses but that's bullshit. Seems like that ponzi collapse
December 23, 2014, 08:01:13 PM
The mass changing of the addresses, combined with no lockdown on the accounts point towards a direct database injection (also known as SQL Injection). Chris mentioned that he will be doing some migrating on the website, that of course includes databases migrating. I highly doubt this was malicious database injection and most likely the actuall reason is an error during the migration or some wrong command executed.
Yes the scale of the 'attack' suggests 3 options
1) Hacker using data injection as opper says.
2) Hacker with direct access to the database (data injection does not require direct access). This occurs when one or more of the software stack has been successfully attacked and the hacker can gain full control. Probably inserted control panel code into the admin section of the web site so he/she can do what ever he/she likes when he/she likes until it is removed. Given the software stack has probably not been upgraded for 2 years this is quite a likely scenario.
3) defaulting of the addresses by admin (deliberate or not)
For 1 and 2 Payment has to stop until the hack is removed. If Chris is working from a snap shot of the accounts then he can still payout this week but next week he has to fix the hack.
The hack is quite likely since the hacker has not been paid for his work yet. Lets hope its option 3, though, and its accidental.
I have an account I created and never used, it has no share, never received any payment (so totally unknown from the outside), but still the btc address was changed (I had put a btc address) the ltc address which I left blank was left blank after the changed.
(As I didn't access this account last week, the account went into lock down when I logged in. )
So, unless the hacker have accessed to the full database, they wouldn't have any way of knowing and altering this account.
(unless I am mistaken on how they would proceed)
That's why I think it is Chris who reset somehow the accounts.
Thanks for sharing, that is good to know.
December 23, 2014, 07:33:46 PM
The mass changing of the addresses, combined with no lockdown on the accounts point towards a direct database injection (also known as SQL Injection). Chris mentioned that he will be doing some migrating on the website, that of course includes databases migrating. I highly doubt this was malicious database injection and most likely the actuall reason is an error during the migration or some wrong command executed.
Yes the scale of the 'attack' suggests 3 options
1) Hacker using data injection as opper says.
2) Hacker with direct access to the database (data injection does not require direct access). This occurs when one or more of the software stack has been successfully attacked and the hacker can gain full control. Probably inserted control panel code into the admin section of the web site so he/she can do what ever he/she likes when he/she likes until it is removed. Given the software stack has probably not been upgraded for 2 years this is quite a likely scenario.
3) defaulting of the addresses by admin (deliberate or not)
For 1 and 2 Payment has to stop until the hack is removed. If Chris is working from a snap shot of the accounts then he can still payout this week but next week he has to fix the hack.
The hack is quite likely since the hacker has not been paid for his work yet. Lets hope its option 3, though, and its accidental.
I have an account I created and never used, it has no share, never received any payment (so totally unknown from the outside), but still the btc address was changed (I had put a btc address) the ltc address which I left blank was left blank after the changed.
(As I didn't access this account last week, the account went into lock down when I logged in. )
So, unless the hacker have accessed to the full database, they wouldn't have any way of knowing and altering this account.
(unless I am mistaken on how they would proceed)
That's why I think it is Chris who reset somehow the accounts.
December 23, 2014, 06:34:14 PM
The mass changing of the addresses, combined with no lockdown on the accounts point towards a direct database injection (also known as SQL Injection). Chris mentioned that he will be doing some migrating on the website, that of course includes databases migrating. I highly doubt this was malicious database injection and most likely the actuall reason is an error during the migration or some wrong command executed.
Yes the scale of the 'attack' suggests 3 options
1) Hacker using data injection as opper says.
2) Hacker with direct access to the database (data injection does not require direct access). This occurs when one or more of the software stack has been successfully attacked and the hacker can gain full control. Probably inserted control panel code into the admin section of the web site so he/she can do what ever he/she likes when he/she likes until it is removed. Given the software stack has probably not been upgraded for 2 years this is quite a likely scenario.
3) defaulting of the addresses by admin (deliberate or not)
For 1 and 2 Payment has to stop until the hack is removed. If Chris is working from a snap shot of the accounts then he can still payout this week but next week he has to fix the hack.
The hack is quite likely since the hacker has not been paid for his work yet. Lets hope its option 3, though, and its accidental.
December 23, 2014, 05:49:41 PM
i propose
login only with Https protocol !
https://ltcgear.com/
change login password and put something difficult
use a password generator or something
and of course change your btc and ltc wallet adreess lockdown will start
STATUS: Payment lockdown in action for another 22 hour(s)
monitor your shares if missing
and your btc and ltc address time to time for any changes
also consider mail password change (login only with Https protocol !)
dont open strange mails
and scan your pc with an antivirus for keyloggers or something suspicious
also consider second antivirus for extra security like HitmanPro , Panda Cloud Cleaner and Malwarebytes Anti-Malware
also we will wait for Chris announcement about this
login only with Https protocol !
https://ltcgear.com/
change login password and put something difficult
use a password generator or something
and of course change your btc and ltc wallet adreess lockdown will start
STATUS: Payment lockdown in action for another 22 hour(s)
monitor your shares if missing
and your btc and ltc address time to time for any changes
also consider mail password change (login only with Https protocol !)
dont open strange mails
and scan your pc with an antivirus for keyloggers or something suspicious
also consider second antivirus for extra security like HitmanPro , Panda Cloud Cleaner and Malwarebytes Anti-Malware
also we will wait for Chris announcement about this
December 23, 2014, 03:42:40 PM
I find it odd that the LTC address used LRPj6HXRsL9YxnsT7xQoy2EYTHwREif5dt isnt even a valid address 
http://ltc.blockr.io/address/info/LRPj6HXRsL9YxnsT7xQoy2EYTHwREif5dtThats odd, it was coming up with 'invalid address' on http://block-explorer.com but now its just saying 'not found'
December 23, 2014, 03:37:46 PM
i advise to wait for an official update from Chris
December 23, 2014, 03:35:08 PM
Ok, since we're all guessing what happened, I'm gona go for Chris has changed all the addresses to his own so that the rogue payments come back to him. That way, everyone will be forced to re enter and hopefully will not use TOR this time.
But them I'm a glass half full kind of bloke.
Just bought a few gen2's to prove it.
Disclaimer:- Make you're own mind up, I'm way past my original stake back in the wallet.....
But them I'm a glass half full kind of bloke.
Just bought a few gen2's to prove it.
Disclaimer:- Make you're own mind up, I'm way past my original stake back in the wallet.....
December 23, 2014, 03:34:03 PM
I find it odd that the LTC address used LRPj6HXRsL9YxnsT7xQoy2EYTHwREif5dt isnt even a valid address
http://ltc.blockr.io/address/info/LRPj6HXRsL9YxnsT7xQoy2EYTHwREif5dt December 23, 2014, 03:33:18 PM
So do we change our btc and ltc back or keep the new one that was changed for us
What a question
Well people are saying Chris did it. So yeah it is a legitimate question di** (censored)
What's wrong with you, nobody gave you a reason to use strong language!
December 23, 2014, 03:31:55 PM
I find it odd that the LTC address used LRPj6HXRsL9YxnsT7xQoy2EYTHwREif5dt isnt even a valid address
I'm starting to lean toward this being some sort of backend screw up related to database migrations Chris is working on atm.
I'm starting to lean toward this being some sort of backend screw up related to database migrations Chris is working on atm.
December 23, 2014, 03:26:59 PM
A total shambles.
I've changed mine back. But now I'm on 24 hour lockdown again.
If this is all about getting new funds in to pay old funds out, they've dropped the ball. Who would put new money into this when it is creaking at the edges?
And I'm still WEEKS off a ROI!
I've changed mine back. But now I'm on 24 hour lockdown again.
If this is all about getting new funds in to pay old funds out, they've dropped the ball. Who would put new money into this when it is creaking at the edges?
And I'm still WEEKS off a ROI!
December 23, 2014, 03:26:42 PM
So do we change our btc and ltc back or keep the new one that was changed for us
What a question
[/quote
Well people are saying Chris did it. So yeah it is a legitimate question dick
December 23, 2014, 03:20:51 PM
So do we change our btc and ltc back or keep the new one that was changed for us
Dude! use yours, change it back!
December 23, 2014, 03:20:35 PM
So do we change our btc and ltc back or keep the new one that was changed for us
What a question
December 23, 2014, 03:19:15 PM
So do we change our btc and ltc back or keep the new one that was changed for us
December 23, 2014, 03:11:24 PM
WARNING: All BTC/LTC/DRK addresses just got changed! Go and check and correct your payout addresses NOW!
DRK addresses were not affected.
December 23, 2014, 03:06:55 PM
The mass changing of the addresses, combined with no lockdown on the accounts point towards a direct database injection (also known as SQL Injection). Chris mentioned that he will be doing some migrating on the website, that of course includes databases migrating. I highly doubt this was malicious database injection and most likely the actuall reason is an error during the migration or some wrong command executed.
December 23, 2014, 03:04:02 PM
Funny thing...ok, it's far away from being funny. I got paid 2 days ago in LTC, using the LTC address I entered.
After reading your posts I just noticed that my LTC address was been changed to the same you all stated and additionally a BTC address has been entered (not by me).
Thanks for heads up guys!!
Chris, get you f*cking system running properly or close your shit down and pay everyone out! Bullshit company or whatever it is.
I think you should chill, it seems obvious that he is running some test (communication is clearly not his strong suit...), After reading your posts I just noticed that my LTC address was been changed to the same you all stated and additionally a BTC address has been entered (not by me).
Thanks for heads up guys!!
Chris, get you f*cking system running properly or close your shit down and pay everyone out! Bullshit company or whatever it is.
and I would just let things as they are until he says to change something.
December 23, 2014, 02:38:00 PM
be carefull with this twitter. Chris doesnt make any communication by Twitter
Yeah, he doesn't make any communication at all (it least it feels so), unless he wants to sell new products.
Jump to: