Pages:
Author

Topic: mmpool.org - 1.5% fee DGM/PPS - tx fees/vardiff/merge mine/tor - page 2. (Read 361606 times)

member
Activity: 297
Merit: 30

In case anyone was thinking about mining at mmpool.org:  Do not mine at mmpool.org

admin@mmpool has not replied to any of the several emails sent to him since 28 December 2022. 

[email protected] does not visit this forum (BTF) to read posts.  If he did, we might see an email reply to a post or a news reply to a post that originated on BTF.
Since he does not read this, and does not reply to email, we don't have any dialogue regarding pool operations. 
We only have vague posts with missing facts on the mmpool.org news web page after a HUGE ROBBERY BY AN UNKNOWN THIEF.

By the way, I might have accepted the missing block scenario he describes in his news post. 
It might have been a way to move forward if this wasn't already full of lies and fraud.
It might have resulted in a large payout to me.
It is a shame that I wasn't asked if that was ok despite being owed so much and despite my several attempts by email to continue the conversation.
If he had posted that here on BTF back at 16 December 2022, then we might still be mining right into his next fraud.

Instead, I have found his location and let him know that location via email. 
Then he posted the latest news entry with more facts for you all.
I'll hire an investigator and a lawyer in his english-speaking home country (far from Sweden!) to follow up on my behalf.
He doesn't want to engage directly, so I now have to invest more to continue the conversation in person.

In the best-case scenario, the admin is negligent and he has allowed a thief to steal the reward of the last round while also neglecting his community of miners.
In the worst-case scenario, the admin is the thief.

I won't mine at mmpool.org and you shouldn't either.





member
Activity: 297
Merit: 30

I am sorry for the loss you suffered.

Even if it is not fraud by the pool owner he still is liable for not securing the mining address correctly.

You certainly would have a civil case against him if you find him.

your loss is 6 x 16.8k = 100.8k or more I hope you can find him out and get restitution from him.

Thank you phillpma1957.
I very much appreciate it.
legendary
Activity: 2405
Merit: 1459
-> morgen, ist heute, schon gestern <-
There are NEWS on mmpool.org:
Quote
2023-01-07

    On 2022-12-27 the pool received the following email:


    From: Woon Jin woonjin81 at proton dot me
    To: [email protected] admin at mmpool dot org
    Subject: mmpool info mined block this month
    Hi my friend
    My name is Woon Jin - Im security and pentesting enginer and I contact you to explain more about mmpool problems that appear this month
    First of all keep all your private keys in safe places!.
    First step for me was to give all credentials to conect to your btc server.
    The btc server was accesed first with user main, I checked that wallet that was stored local and I see 0 transactions.
    I copied that wallet and go away for months.
    I keeped an eye on that public addreses from pool and I see no transactionas from 2016 or 2017 and I go away.
    after some time I come back and check again that address and I see some coinbase transactions from some block mined.
    I come back to that btc server and I tried to modified the pool config file but no admin privilege and I tried to got admin privilege with a linux kernel expl.
    but was a btc server crash first time and then the root privilege escalation was succesful.
    I put a new mining address and keep waiting months.
    after a lot of time in a day I received a mining pool notification and bang the block mined.
    all founds are keeped in safe place. for more details mail me back
    I attached her the old privat key for your user main. don't forget to check all your devices about security issues and don't forget about ckpool secutiry issues.
    -----BEGIN OPENSSH PRIVATE KEY-----
    [redacted]
    -----END OPENSSH PRIVATE KEY-----
    Sent with [Proton Mail](https://proton.me/) secure email.

    I confirmed that the private key was the key to SSH to the server. I replied requesting more information and return of the funds. On 2022-12-28 I received the following:

    Hi friend admin
    Hard time here in Shangqui no job no salary and covid pandemic low money level for people here
    No more details I have keep you credentials in safe place update software
    Old software and webs have more bugs
    Firewall is good to be install update ckpool software netcat works well.
    Happy year admin
    Sent with Proton Mail secure email.

    I didn't reply to this email but received another on 2023-01-01:

    Hi admin
    No waste time audit source code
    https://bitbucket.org/ckolivas/ckpool/src/master/
    old scripts expl no public avaiable
    solo.ckpool.or no firewall ssh open exp no work source no bug
    solo.ckpool.org has address 51.81.56.15
    solo.ckpool.org has IPv6 address 2604:2dc0:100:240f::1
    scan hostname: 51.81.56.15
    51.81.56.15 : 22 : TXT : SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.5
    51.81.56.15 : 80 : TXT : 51.81.56.15 : 22 : TXT : SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.5
    51.81.56.15 : 80 : TXT : 51.81.56.15 : 443 : TXT : 51.81.56.15 : 443 : TXT : 51.81.56.15 : 3333 : TXT : 51.81.56.15 : 3333 : TXT : 51.81.56.15 : 4334 : TXT : 51.81.56.15 : 4334 : TXT : 51.81.56.15 : 8333 : TXT : 51.81.56.15 : 8333 : TXT : Sent with Proton Mail secure email.

I have heard nothing from them since. I am updating the pool software to remove vulernabilities. Once that is done, the pool will be resumed. The bitcoins stolen by the attacker are not retrievable, if you have resources to track them down from the emails that would be useful. As a pool that shares the distribution of mined bitcoins to the users, so is the loss of mined bitcoins through attacks like this distributed. The block will be treated as unfound and the DGM reward system will treat it as if it had not been mined. This will mean the rewards will continue to be funded to miners in future blocks as the DGM system "catches up" for what looks like an unlucky mining period.

On 2022-01-07 I received an email from a pool user with an attempt to obtain information about the pool operator embedded in the email. I am doing my best at keeping the pool operational, and while I've been running it have been responsible for the distribution of many bitcoins. I appreciate all your patience and use of the pool. I hope we can continue to operate in a fair manner following this.



to sad. I liked the payout sceme for the blockfinding miner. But now it's over!
legendary
Activity: 4032
Merit: 7391
'The right to privacy matters'

I have emailed [email protected] several times since 27 December 2022 and I have received no reply since then.

The admin assured me in 2021 that the pool would remain operational and encouraged more mining.  I rented mining rigs and found the majority of the blocks in 2021.
Those rewards were paid out as promised.  The admin encouraged more mining

This year, I mined more and doubled down in the last quarter to try to find a block before the end of the year for this pool.
It was a long and difficult round with low luck.  It seemed to go on forever.  I went in deeper.
A block was found and I was elated to get some of the year-long investment back... or so I thought.

We were robbed before the payout happened.
The admin put the pool on hold for an audit and then dropped communications.

I have been patient, but this is fraud.
I don't have any other course of action: I will find the admin in person and continue the conversation.    
I emailed the admin to say exactly that message today.  Still no reply.  

So, backing up to last year...
On 27 December, I received this final message for 2022.  At the time I agreed to keep it confidential while the admin worked out the details.  But since I have had no reply, here are all the details of that final message.  The typos and removed information was exactly as I received it.  The facts don't match what actually happened since the alleged perpetrator talks about 2016 and 2017 and this all went down between December 2021 and December 2022.  But anyway, here it is.

Quote
I have been contacted by the person who took the pool funds today. They have provided proof that they accessed the server. They apparently gained access a long time ago, and waited for the opportunity to obtain the funds. Here's part of their communication:

===
The btc server was accesed first with user [removed}, I checked that wallet that was stored local and I see 0 transactions.
I copied that wallet and go away for months.
I keeped an eye on that public addreses from pool and I see no transactionas from 2016 or 2017 and I go away.
after some time I come back and check again that address and I see some coinbase transactions from some block mined.
I come back to that btc server and I tried to modified the pool config file but no admin privilege and I tried to got admin privilege with a linux kernel expl.
but was a btc server crash first time and then the root privilege escalation was succesful.
I put a new mining address and keep waiting months.
after a lot of time in a day I received a mining pool notification and bang the block mined.
==

They say the funds are "in a safe place" and asked my to email them back for details which I have done today. Please keep the specific details above confidential for now while I communicate with them. I'll let you know as soon as they reply, or within 24 hours if I haven't heard back.

Somebody please quote this post for me.  
I will apologize if I am so lucky to be wrong about this fraud ... or I will find the admin and discuss it in person.


        ctya
(Calmer Than You Are )






I am sorry for the loss you suffered.

Even if it is not fraud by the pool owner he still is liable for not securing the mining address correctly.

You certainly would have a civil case against him if you find him.

your loss is 6 x 16.8k = 100.8k or more I hope you can find him out and get restitution from him.
hero member
Activity: 2604
Merit: 550
If you study frauds, there are often more than one person involved.
legendary
Activity: 3528
Merit: 2414
Evil beware: We have waffles!
Did better than a quote: archived this page along with screenshot at Archive.org  https://web.archive.org/web/20230106012819/https://bitcointalk.org/index.php?topic=559011.2000
member
Activity: 297
Merit: 30

I have emailed [email protected] several times since 27 December 2022 and I have received no reply since then.

The admin assured me in 2021 that the pool would remain operational and encouraged more mining.  I rented mining rigs and found the majority of the blocks in 2021.
Those rewards were paid out as promised.  The admin encouraged more mining

This year, I mined more and doubled down in the last quarter to try to find a block before the end of the year for this pool.
It was a long and difficult round with low luck.  It seemed to go on forever.  I went in deeper.
A block was found and I was elated to get some of the year-long investment back... or so I thought.

We were robbed before the payout happened.
The admin put the pool on hold for an audit and then dropped communications.

I have been patient, but this is fraud.
I don't have any other course of action: I will find the admin in person and continue the conversation.   
I emailed the admin to say exactly that message today.  Still no reply.   

So, backing up to last year...
On 27 December, I received this final message for 2022.  At the time I agreed to keep it confidential while the admin worked out the details.  But since I have had no reply, here are all the details of that final message.  The typos and removed information was exactly as I received it.  The facts don't match what actually happened since the alleged perpetrator talks about 2016 and 2017 and this all went down between December 2021 and December 2022.  But anyway, here it is.

Quote
I have been contacted by the person who took the pool funds today. They have provided proof that they accessed the server. They apparently gained access a long time ago, and waited for the opportunity to obtain the funds. Here's part of their communication:

===
The btc server was accesed first with user [removed}, I checked that wallet that was stored local and I see 0 transactions.
I copied that wallet and go away for months.
I keeped an eye on that public addreses from pool and I see no transactionas from 2016 or 2017 and I go away.
after some time I come back and check again that address and I see some coinbase transactions from some block mined.
I come back to that btc server and I tried to modified the pool config file but no admin privilege and I tried to got admin privilege with a linux kernel expl.
but was a btc server crash first time and then the root privilege escalation was succesful.
I put a new mining address and keep waiting months.
after a lot of time in a day I received a mining pool notification and bang the block mined.
==

They say the funds are "in a safe place" and asked my to email them back for details which I have done today. Please keep the specific details above confidential for now while I communicate with them. I'll let you know as soon as they reply, or within 24 hours if I haven't heard back.

Somebody please quote this post for me. 
I will apologize if I am so lucky to be wrong about this fraud ... or I will find the admin and discuss it in person.


        ctya
(Calmer Than You Are )




legendary
Activity: 2405
Merit: 1459
-> morgen, ist heute, schon gestern <-
It is very unlikley a hacker would return the coins after sending them through a mixer, what cost them also some amount of the coins.
If they realy intend to return the btc, they had just contacted the pool owner and let the btc sit where they are.
I think this swedish pool is nuts and the money is gone.
I never understand why the op refused to post on BCT any longer.
legendary
Activity: 4032
Merit: 7391
'The right to privacy matters'
maybe he can do something to fix what happened.

Personally, I can't find a scenario where the hacker would find it beneficial to return the funds.

On my end, I still doubt the administrator's good faith. It seems completely insane to not check the address associated with the coinbase after a random server reboot.

I'm waiting to see, but I'm not optimistic.

Ultimately the pool op is responsible. One miner lost just over 6 coins and maybe the reward of 0.18 also belongs to him.

Its close to $100,000 loss for that miner. The rest of us lost maybe 1 or 2k split between us.

My loss is 0.011 just under 200 usd and I was not on the pool when the block was hit so I did not get the reward.

As for the hacker giving the coin back you never know. Stranger things have happened.

My s17 is pointed to the pool but is rolling over at the moment to the secondary pool.
hero member
Activity: 504
Merit: 1065
Crypto Swap Exchange
maybe he can do something to fix what happened.

Personally, I can't find a scenario where the hacker would find it beneficial to return the funds.

On my end, I still doubt the administrator's good faith. It seems completely insane to not check the address associated with the coinbase after a random server reboot.

I'm waiting to see, but I'm not optimistic.
hero member
Activity: 2604
Merit: 550
I wonder how much time and study the admin put into cybersecurity. 
legendary
Activity: 4032
Merit: 7391
'The right to privacy matters'
maybe he can do something to fix what happened.
member
Activity: 297
Merit: 30

http://mmpool.org/news

Quote

2022-12-28
I've received an email from someone claiming responsibility for stealing the coins, with proof that they obtained access to the server through an exploit. I'll post an update here about the correspondence with them soon. The pool server is currently down while the software and setup is audited.

member
Activity: 297
Merit: 30
Well I am still pointing a s17 and while it would not save the lost block if it hit it would help out a bit.

I will keep it pointed til 2023


I think it's possible for mmpool to pay out all pending rewards over the next several hit blocks.

So I hope you hit it!
... and I hope mmpool pays the pending rewards.
legendary
Activity: 4032
Merit: 7391
'The right to privacy matters'
Well I am still pointing a s17 and while it would not save the lost block if it hit it would help out a bit.

I will keep it pointed til 2023


Estimated Payout (top 20 submitters)

Rank   Id   DGM Estimate   Shares   Rate (MHash/s)
1   06ae84f6   4.92036759   1,160,041,864,416   0
2   0d3cd883   0.06904693   257,973,315,451   0
3   3678e892   0.01304011   47,673,450,988   0

4   1b7093a2   0.00657230   7,992,124,585   41,317,059. <<<<<< me



5   b0de62e3   0.00123896   4,534,845,786   0
6   b7b0ebdb   0.00047783   1,748,238,954   0
7   2f20f218   0.00043301   1,580,776,300   0
8   3f064418   0.00042530   1,552,811,302   0
9   6fec3c50   0.00024145   887,449,410   0
10   2d0ba29d   0.00562149   532,162,442   2,230,036
11   9b2d2a54   0.00008433   307,143,363   0
12   cb41c58e   0.00005739   217,874,719   0
13   6dae381a   0.00012783   60,627,806   227,869
14   67076efc   0.00816865   29,758,726   143,438
15   7b0f1bf1   0.00000200   7,281,075   0
16   779e0917   0.00002180   4,803,968   0
17   bae498b0   0.00000118   4,290,371   0
18   12cdc2fb   0.00000050   1,827,525   0
19   203ea097   0.00000577   1,820,928   7,788
20   3b2803f9   0.00000105   609,247   0
hero member
Activity: 504
Merit: 1065
Crypto Swap Exchange
News are not good guys...


Quote
2022-12-23
Unfortunately it looks like the pool backend has been comprimised and the address in the coinbase transaction was changed to one under the attackers control. It looks like they generated an address to be similar to the original pool address. The coins haven been moved from that address, possibly to a coin mixer based on the look of the transactions. The configuration files of the pool were last changed in December 2021, a couple of days after the server experienced a reboot. I'm working on the theory that they were changed by the attacker then. I'm currently analysing the server looking for evidence. There will likely be downtime at some point as I investigate. I'm considering options on how to handle the situation and will post here after discussion with other parties involved in the pool operation and miners. If the attacker is reading this, I implore them to consider returning the funds. This is a small pool operation with a few miners, and the loss of these funds is devastating.
http://mmpool.org/news


 Sad
full member
Activity: 562
Merit: 139
Okay then  Shocked

Let's hope the admin of the site provides an update regardless.
legendary
Activity: 4354
Merit: 1783
Linux since 1997 RedHat 4
LOL - right - depressed - yeah I think that's a load of crap - he'd spent all his time working on translating animated under-aged porn and didn't give a crap about the pool.
The guy had 1000's of BTC made from writing pool code and cgminer.
Personally I'd only given him a bit over 100 BTC.

He paid him 0.057 BTC - not 6.25 BTC that the block was. Worse it was block 629776 so he should have got 12.25 BTC

Payment
https://btc.com/84e2faf3615923c2c5591fd2a91fa62e07effca4c4a277fd45221d0faae03236

Block finder states his address is 1PBchjo22ED1BYdApt6xkyi5vRaiEcpCKn
https://bitcointalksearch.org/topic/m.54410687

Post somehow saying that it was "mostly" his fault - lol - who else is to blame?
https://bitcointalksearch.org/topic/m.54405218

Post about the miner seeing the block that the "pool didn't notice"
https://bitcointalksearch.org/topic/m.54403667
(though the miner said his miner said it was 2 blocks - which is very unlikely but not impossible)
legendary
Activity: 4032
Merit: 7391
'The right to privacy matters'
...
The theft or loss of pool funds is not the miners' responsibility.
Miners pay a 1.5% administration fee in exchange for the administration of the pool and its processes.
...
Interesting ... the last pool to lose a block (which was the administration's fault)
members of the community paid him to continue running the pool when he wanted to quit Smiley

IIRC He paid the guy the coin owed and was depressed did not want to do it again. We encouraged him to stay.

The operation of this pool is not offering to pay the top guy his 6 btc.


It is a bit different set of circumstances.
legendary
Activity: 4354
Merit: 1783
Linux since 1997 RedHat 4
...
The theft or loss of pool funds is not the miners' responsibility.
Miners pay a 1.5% administration fee in exchange for the administration of the pool and its processes.
...
Interesting ... the last pool to lose a block (which was the administration's fault)
members of the community paid him to continue running the pool when he wanted to quit Smiley
Pages:
Jump to: