Author

Topic: [NOTICE] [HACKED] mcxNOW had a 3rd party leaked database run (Read 1097 times)

newbie
Activity: 27
Merit: 0
Alex you must be one of those brilliant people who hear something and then it is INSTANTLY true in your twisted head. You should at least try to keep some of your dignity and CHANGE THE NAME OF THIS THREAD so you don't lead people on to believe the lies that you are spreading. These threads are starting to really make me laugh, but at the same time I just feel bad for you  Sad

Quote from Alex P: "Don't put your coins in the safest exhange on the internet because I heard from my brothers uncles sisters cousin that they got hacked!"
legendary
Activity: 1008
Merit: 1007
interesting. so why aren't more people running websites written entirely in C? is mcxNow the first to have thought of this?

Because c++ is extraordinarily badly suited to create a web-site with. You have to do everything manually that you would normally get for free in php, particularly the code for working with sockets and handing HTTP requests and responses.

In addition, most web developers don't know the language in the first place, as its usually used for very low-level systems which are not the remit of the lowly web-developer normally.

It must have taken RealSolid a very, very long time to create all the systems involved in mcNow - I've been developing my own exchange completely from scratch in C# (which is better suited to web-stuff) and so far it's taken me over 6 months of full-time work.

Cheers, Paul.
sr. member
Activity: 350
Merit: 250
The only way to attack C++ is normally Buffer Overflow, then inject code. But this have to be done locally on the actually server physically in front of you. Therefore no hacker on the Internet should be able to do this vulnerability and exploit it.
Dragonkid

interesting. so why aren't more people running websites written entirely in C? is mcxNow the first to have thought of this?
member
Activity: 84
Merit: 10
What you described is not hacking. It is simple dictionary attack using known username and password.

As far as I know from reading about mcxNow, they are pretty good in security. I am an Information Security Specialist worked in this field for over 25 years (Penetration Testing (Hacking) is one of my main skillset), my clients includes all the big banks, government and other blue chip company listed in stock market around the world. Not to mention, I designed the security for Google Data Centre in 2 different location in the globe.

Most site are attack by SQL injection, Code injection, and open ports which have Admin privilege. They are not using SQL, Java, PHP, ASP, and other potential vulnerable code. From how they described their Web Application operation. It is very good in security. That is why I also use mcxNow, to put my BTC in their system.

The only way to attack C++ is normally Buffer Overflow, then inject code. But this have to be done locally on the actually server physically in front of you. Therefore no hacker on the Internet should be able to do this vulnerability and exploit it.

Anyway good day. I said my piece.  Cool

Dragonkid
aa
hero member
Activity: 544
Merit: 500
Litecoin is right coin
So some dumbshits were using the same passwords on multiple sites. One random site got hacked and the database dumped. The passwords were likely in plain text and so they are all listed. Some dumbshits, who not only used the same passwords, but they used same usernames as well, had a few coins transfered out of their accounts.

This isn't mcxnow getting hacked, you dipshit, it's some douchenozzles getting what they asked for.

What kind of a retard uses the same password more than once? Even worse, using the same password with the same username on multiple sites.

This has nothing to do with mcxnow, it has to do with dipshits who have absolutely no sense of what Internet security is. These are the same morons who keep their cash money in their wallets, which they keep in their back pockets.

Edit: the fact that it was an email address used as the account login method changes nothing. You should be using a different email address as well, especially when email hosts like Gmail allow you to use email aliases.
full member
Activity: 244
Merit: 101
Such a great coder??  I thought your system was smart and wouldn't allow hackers the ability to try to hack your users accounts? 

Wouldn't it make sense to code some protection against a large scale attack on user accounts?  Doesn't it make sense that something is wrong when 1000s of accounts are being attacked at the same time? or in close proximity?

You talk a lot about security and stuff but your system seems very unsafe. 


Still upset because you got your feeshares returned I see.  HAHA!  Get over it already!
sr. member
Activity: 392
Merit: 250
No Hack??  Then why are there users there screeaming about lost coins..etc?  Some are complaining they lost all their MCXfee shares and over 50 Bitcoins.

How do you explain that??



It's not an hack if someone enter in your account with a password he stole on a 3rd party website...
Oh and only 4Btc lost.
Those users didn't have an unique password, and two-Factor-Authentification (2FA) was not activated.
legendary
Activity: 1064
Merit: 1002
As I heard it was 4 BTC where did this Fee share 50 BTC nonsense come from.

Even I think these threads are getting silly
member
Activity: 97
Merit: 10
No Hack??  Then why are there users there screeaming about lost coins..etc?  Some are complaining they lost all their MCXfee shares and over 50 Bitcoins.

How do you explain that??


Would you please stop with your multiple nonsense thread.

There is no "Hack" on mcxNOW.
An unknow 3rd party website have is database leaked, and the password are probably tried on many site and exchange.

There is anti brutforce protection, but that doesn't work when your password is already know. Just use an unique one everywhere and you're totally safe.
sr. member
Activity: 392
Merit: 250
Would you please stop with your multiple nonsense thread.

There is no "Hack" on mcxNOW.
An unknow 3rd party website have is database leaked, and the password are probably tried on many site and exchange.

There is anti brutforce protection, but that doesn't work when your password is already know. Just use an unique one everywhere and you're totally safe.
member
Activity: 97
Merit: 10
Such a great coder??  I thought your system was smart and wouldn't allow hackers the ability to try to hack your users accounts? 

Wouldn't it make sense to code some protection against a large scale attack on user accounts?  Doesn't it make sense that something is wrong when 1000s of accounts are being attacked at the same time? or in close proximity?

You talk a lot about security and stuff but your system seems very unsafe. 
Jump to: