Popcorn.
*beer* 
Topic: NXT :: descendant of Bitcoin - Updated Information - page 1928. (Read 2761645 times)
WHAT TIME (GMT) WILL THE SOURCE CODE BE RELEASED?....ITS ALREADY JAN 3rd IN JAPAN/AUSTRALIA......CHINA IS COMING UP IN 10 MINUTES.
no information about itsalsacz, u are a detective;)
Didn't someone say a transaction involved dgex also? (The account had already posted to dgex in the past). If so, simply contact dgex and ask him to check the email address associated with that account.
http://87.230.14.1/nxt/nxt.cgi?action=3000&acc=4747512364439223888
Why this account was created blocks so fast?
Why this account was created blocks so fast?
He's decided to keep the money and post his defense publicly.
When a client transfers NXT from one account to another, is there any record of the IP Address that is broadcasting this transfer?
Popcorn.
So to paraphrase EpicThomas:
U admit that u modifed and uploaded the client, but then some bad people took it over and stole the money.
Forgive me for not believing u very much.
U admit that u modifed and uploaded the client, but then some bad people took it over and stole the money.
Forgive me for not believing u very much.
Quote
http://87.230.14.1/nxt/nxt.cgi?action=3000&acc=9433259657262176905
http://87.230.14.1/nxt/nxt.cgi?action=3000&acc=10105875265190846103
http://87.230.14.1/nxt/nxt.cgi?action=3000&acc=10105875265190846103
Shit...! Why are these account balance is negative?
It's ok.
http://localhost:7874/nxt?requestType=getBalance&account=9433259657262176905
returns:
{"balance":2592169000,"effectiveBalance":2592169000,"unconfirmedBalance":2592169000}
http://localhost:7874/nxt?requestType=getBalance&account=10105875265190846103
returns:
{"balance":543252400,"effectiveBalance":543252400,"unconfirmedBalance":543252400}
Just a little bug in the explorer. It'll be fine in a while.
Thomas, suggest you return back what don't belong to you and shut up!
So you admit to stealing account information, but not taking the funds. You admit to creating a hacked client, and poisoning a link from a developer. But coincidentally also say your VPS account was hacked into and someone else used your account to actually do the stealing? So they had about an hour to figure out you poisoned a link, hack your VPS, and replace your hacked client with their hacked client? Just admit it, you stole the NXT, return it before you dig yourself in deeper. I have in my history the time and path to your VPS server, which "hour" did you have your hacked client on your VPS?
I do not claim I got hacked. The only thing I know is that digitalocean asked me if I knew about this because there are different ip logins on my digitalocean account.
Your story sounds ridiculous because it is! I hope you believe your story is enough to keep you safe. I have a timestamp to your VPS along with the file that does the stealing. It should be easy enough to verify which IP put that zip file there. Just do yourself a favor and start sending the NXT back.
Quote
http://87.230.14.1/nxt/nxt.cgi?action=3000&acc=9433259657262176905
http://87.230.14.1/nxt/nxt.cgi?action=3000&acc=10105875265190846103
http://87.230.14.1/nxt/nxt.cgi?action=3000&acc=10105875265190846103
Shit...! Why are these account balance is negative?
Quote
Why this account was created blocks so fast?
So you admit to stealing account information, but not taking the funds. You admit to creating a hacked client, and poisoning a link from a developer. But coincidentally also say your VPS account was hacked into and someone else used your account to actually do the stealing? So they had about an hour to figure out you poisoned a link, hack your VPS, and replace your hacked client with their hacked client? Just admit it, you stole the NXT, return it before you dig yourself in deeper. I have in my history the time and path to your VPS server, which "hour" did you have your hacked client on your VPS?
I do not claim I got hacked. The only thing I know is that digitalocean asked me if I knew about this because there are different ip logins on my digitalocean account.
I realize my story sounds rediculous but it is what it is.
After the dropbox shutdown and the ddos issues a lot of mirrors were created on different sites I am trying to find out if any of these links still exist and if they could have also been infected.
That moment of chaos would have been a perfect time to circulate a client without people noticing it.
After the dropbox shutdown and the ddos issues a lot of mirrors were created on different sites I am trying to find out if any of these links still exist and if they could have also been infected.
That moment of chaos would have been a perfect time to circulate a client without people noticing it.
WHAT TIME (GMT) WILL THE SOURCE CODE BE RELEASED?....ITS ALREADY JAN 3rd IN JAPAN/AUSTRALIA......CHINA IS COMING UP IN 10 MINUTES.
I have just read the last 50 pages of this topic and wow this is crazy.
First of all yes the client was posted by me and I added some code that would send the secrets to my server.
A week ago there were all the ddos issues and billions created which led to a lot of client updates.
During these updates I noticed a lot of those clients had different hashes which made me wondering how easy it would be to modify the client and get it circulated.
So that is what I did. I quoted the official post made by jean-luc on 31/12 and changed the url. Setting this all up took less then an hour.
The server was only online for about an hour and I decided to shut it down after I had gotten access to about 10 accounts.
Now here is what is odd. Yes I got access to some accounts but not those people here who are claiming they got hacked.
The accounts that I got access to never had more then 1000 nxt in them and I never had the intention of taking it.
To the people who got hacked before 0.4.8 I can say that it was definetly not me who could have stolen your coins.
Normally at this point I was going to post details about how easy it is to steal nxt and how people have to be aware about where they download their client instead if only focussing only on their pass strength.
That point has been made very clear now in an unfortunate way.
To be honest if I had found an account containing a 50 million next I would have probably taken it and diseappeared but that was not the case. I am human after all.
I know there are other modified clients around whether they use the same type of attack I don't know.
Digitalocean has also contacted me that people here have sent complaints and that different IP's have logged in on my account.
Whether someone else had access to my vps, people downloaded a different infected client or someone is playing it smart letting me take the blame I do not know.
People are angry and ofcourse I can understand that but the only thing I can do is tell my story and hope a correct explanation for these thefts will appear.
First of all yes the client was posted by me and I added some code that would send the secrets to my server.
A week ago there were all the ddos issues and billions created which led to a lot of client updates.
During these updates I noticed a lot of those clients had different hashes which made me wondering how easy it would be to modify the client and get it circulated.
So that is what I did. I quoted the official post made by jean-luc on 31/12 and changed the url. Setting this all up took less then an hour.
The server was only online for about an hour and I decided to shut it down after I had gotten access to about 10 accounts.
Now here is what is odd. Yes I got access to some accounts but not those people here who are claiming they got hacked.
The accounts that I got access to never had more then 1000 nxt in them and I never had the intention of taking it.
To the people who got hacked before 0.4.8 I can say that it was definetly not me who could have stolen your coins.
Normally at this point I was going to post details about how easy it is to steal nxt and how people have to be aware about where they download their client instead if only focussing only on their pass strength.
That point has been made very clear now in an unfortunate way.
To be honest if I had found an account containing a 50 million next I would have probably taken it and diseappeared but that was not the case. I am human after all.
I know there are other modified clients around whether they use the same type of attack I don't know.
Digitalocean has also contacted me that people here have sent complaints and that different IP's have logged in on my account.
Whether someone else had access to my vps, people downloaded a different infected client or someone is playing it smart letting me take the blame I do not know.
People are angry and ofcourse I can understand that but the only thing I can do is tell my story and hope a correct explanation for these thefts will appear.
So you admit to stealing account information, but not taking the funds. You admit to creating a hacked client, and poisoning a link from a developer. But coincidentally also say your VPS account was hacked into and someone else used your account to actually do the stealing? So they had about an hour to figure out you poisoned a link, hack your VPS, and replace your hacked client with their hacked client? Just admit it, you stole the NXT, return it before you dig yourself in deeper. I have in my history the time and path to your VPS server, which "hour" did you have your hacked client on your VPS?
First identified Nxt hacker
Robbed announcements:
PaulyC
01-01-2014, 14:03:40
https://bitcointalksearch.org/topic/m.4253372
sparta_cuss
01-01-2014, 17:05:58
https://bitcointalksearch.org/topic/m.4255475
newcn
01:40:33 AM (CET)
https://bitcointalksearch.org/topic/m.4262475
plasticAiredale on Today at 13:31:39
https://bitcointalksearch.org/topic/m.4269412
Hacker was still posting to the Nxt topic:
Patel: 01-01-2014, 20:48:22
+ then I pointed out other posts where could be modified links
---
I am glad so we could find the wrong client and now we exactly know how it happened and how many people got robbed:
https://bitcointalksearch.org/topic/m.4271189
- We can still check some other blocks during the time of the hacks, but it looks like we can relax now
Robbed announcements:
PaulyC
01-01-2014, 14:03:40
https://bitcointalksearch.org/topic/m.4253372
sparta_cuss
01-01-2014, 17:05:58
https://bitcointalksearch.org/topic/m.4255475
newcn
01:40:33 AM (CET)
https://bitcointalksearch.org/topic/m.4262475
plasticAiredale on Today at 13:31:39
https://bitcointalksearch.org/topic/m.4269412
Hacker was still posting to the Nxt topic:
- Someone cracked SHA256 and Curve25519 (why then multi-million accounts not hacked?)
- Someone distributes modified NRS (someone should decompile PaulyC's software)
- Keylogger
- He used online node that records entered passphrases
- Someone distributes modified NRS (someone should decompile PaulyC's software)
- Keylogger
- He used online node that records entered passphrases
Patel: 01-01-2014, 20:48:22
Thanks for the additional info, seems to point again to EpicThomas
He quoted the original message, but modified the link! And later modified it back!
Check:
https://bitcointalksearch.org/topic/m.4237883
BUT in Google cache (Do not use the link found in cache!):
http://webcache.googleusercontent.com/search?q=
He quoted the original message, but modified the link! And later modified it back!
Check:
https://bitcointalksearch.org/topic/m.4237883
BUT in Google cache (Do not use the link found in cache!):
http://webcache.googleusercontent.com/search?q=
+ then I pointed out other posts where could be modified links
---
I am glad so we could find the wrong client and now we exactly know how it happened and how many people got robbed:
https://bitcointalksearch.org/topic/m.4271189
- We can still check some other blocks during the time of the hacks, but it looks like we can relax now
Thus, is it happy end with the theft story?
EpicThomas, that was a very stupid move of yours
If anyone else wants to contribute anything to helping reimburse those who were affected my account is: 7692313866255280204
I just received 35K NXT from neer.g. Once we get some confirmations on that I will begin sending it out.
I just received 35K NXT from neer.g. Once we get some confirmations on that I will begin sending it out.
I think this is a great effort but I urge you to hold off for a day or two and see if we can get EpicThomas to rethink the wisdom of keeping his ill-gotten gains and put the money back that he stole.
Worth a shot. And I am 99.99% sure I will have the law on his tail if he doesn't. I am a persistent fellow once I take up a cause.
You keep up work on that side. I will give this a couple of hours and then distribute what I have. If by some chance we get those coins back we can worry about that then.
Thanks, xyzzyx, for the 1K contribution!
Jump to: