Topic: NXT :: descendant of Bitcoin - Updated Information - page 1934. (Read 2761645 times)

The hacker might have tried it for a while, but he hit multiple targets with 0.4.8 versions.

The scary thing about Framewood:

I was using 0.4.4 client.
I'm now on 0.4.7e

HE SAYS HE WAS NOT USING THE 0.4.8 CLIENT

This instance was on December 27. It might be a different issue.

Yes Sparta_cuss also posted during those crazy moments.

Edit: His is by far the biggest yet

There is no official website for NXT. Unlike Bitcoin and Litecoin, Nxt is supposed to be decentralized.

Many people asking wrong questions. This kind of question is not even clear at a conceptual level. Currency inflation has to do with a decreasing purchasing power, not merely about increasing the number of currency. Gold is steady mined over centuries but I never heard anyone complain that gold is inflationary.

Everyone can issue their own tokens  but the fact of issuing does not make them valuable. People can't just issue NXT and get everyone accept it.

Let's keep the historical record straight here.  sparta_cuss reported this before PaulyC, and sparta_cuss was immediately blown off by CfB:

Quote from: sparta_cuss on January 01, 2014, 04:05:58 PM

Hey, looks like I just got robbed, too.
Someone please check this account: 12152013998194592943
They now have 147k+ from me.
Had a 40 char random password, capital, lower, numbers, symbols.
WTF?

Quote from CfB:

Can u prove that ur coins were stolen?
My account passphrase < 40 chars and contains 2M, why did the thief choose ur account instead of mine? Sorry, but ur case looks more like black PR attempt.

There's a clear pattern if you look at all the data:

Time   Victim   Vic Account   Thief Account   NXT
            
01.01.2014 12:56:54   plasticAiredale    8439060069775407509   15182566201738727933   18665
01.01.2014 12:58:03   PaulyC   16821029889165561706   16204974692852323982   7808
01.01.2014 13:01:45   newcn   16886318053889080545   9793828175536096502   18197
01.01.2014 13:05:06   sparta_cuss   11794318797680953099   12152013998194592943   147690

Somebody is manually stealing data at 3-4 minute intervals and Sparta_cuss was by far the most wronged.  We should check the blocks / transactions/ accounts before and after this time period.

Sent 7808 NXT. Thanks for discovering this before too many others were tricked as well!

Well if someone was to reimburse the stolen NXT that would be amazing. they could only help the people whose NXT were in their account say before 12/31/2013. The thief would have had to thought ahead and created a bunch of accounts, and then transferred them to fake the theft for this to even be worried about. But I don't know how you get a 100% verification the NXT were stolen and not someone just trying to take advantage.

what i mean is if i want to download bitcoin official client i simply visit bitcoin.org
and same with litecoin.org and there are many others.

is there any official website for NXT?

easily - look at the times and watch, there will be many other blocks like this.

Because of this reason, I think only PaulyC and newcn are eligible for some type of reimbursement/ bounties for uncovering the bogus client.

People ask why Nxt is not inflationary. Could anyone tell me why it's not inflationary if it's possible to issue other currencies using Asset Exchange? This increases number of "coins" owned by users, right?

It's multisig feature that is scheduled on later date.

this is polemic.

generally there is no benefit to increase the "felt security".
its not possible to shift the responsibility to developers by designing ntx-clients whits increase the felt security.
there are more important tasks to do.

at least, the user will be responsible how secure his account is.
anything else would be a sham and decrease the reliability of the whole nxt thing and the worth at least.

btw. after tomorrow everybody is able to design his own nxt-client...

So I have given security quite a bit of thought and maybe I came up with a good solution:
I think it might be possible to make a 2fa for Nxt and it would be 100% decentralized and within the back chain
We could du it such a way that the account owner can assign a second account to his current account and only when a transaction from his second account happened (within the last x minutes) can he withdraw Nxt from his main account.Otherwise his transaction gets rejected by the network.

For example, I have account number12345 and have 1M Nxt on it. Now I have the option to enable 2fa by adding a second account to it. Before doing that I create account 101010 and send some Nxt to it. As soon as they arrive I go to account 12345, enable 2fa and add account 101010 for that purpose. Now when I want to send some coins (from 12345), I first have to send a minimum transaction from account 101010 to 12345. As soon as this transaction has 1 confirm I have x minutes time to send my Nxt from 12345 to where ever I want to send them.
So that would mean that even if some one hacks your account they can do NOTHING. All attempted withdraws would not get accepted by the network as this account had no incoming transaction from the assigned account (101010)!


C-f-B, or any other dev here, could you review this Idea? And let us know your opinion, I am not a coder so maybe my Idea is not possible from a technical point of view.

DO NOT DOWNLOAD THE CLIENT FROM THIS POST. ITS ONLY HERE FOR RESEARCH!!!
It was somewhere in this thread, as its the only place I ever download the client from. According to my history I downloaded it from http://162.243.246.223/nxt-client-0.4.8.zip around 7:30am EDT on 12/31/1213.

I realize I got lazy and got used to not downloading the newest client from the first post, instead I just downloaded the latest from CFB whenever he posted new ones. I must have not noticed that the poster wasn't CFB. Granted I only lost 18K, but it still stings.

Going forward from this moment:

How can we be 100% sure someone coins are actually stolen? the victim could himself open an account and send the funds there....then after a period of time he then transfers the stolen funds to some new account and carries on happily ever after.

MOTIVATION: Those who have there funds stolen may get some sort of funding to compensate for their loss.  A greedy individual may take advantage of this.

 

I'm sorry to hear that. simillar things to me.
check your browser history, maybe some clues could be found

Thief:
https://bitcointalksearch.org/user/epicthomas-172850

Thief posts (originally with a link to the hacked client):

31-12-2013, 14:23:22: https://bitcointalksearch.org/topic/m.4237883
31-12-2013, 12:53:39: https://bitcointalksearch.org/topic/m.4236707
28-12-2013, 13:28:54: https://bitcointalksearch.org/topic/m.4184582

Thefts from block:
http://87.230.14.1/nxt/nxt.cgi?action=1000&blk=17240155162180650056:

01.01.2014 12:56:54 18,665 Nxt from plasticAiredale     http://87.230.14.1/nxt/nxt.cgi?action=3000&acc=15182566201738727933
01.01.2014 12:58:03 7,808 Nxt from PaulyC   http://87.230.14.1/nxt/nxt.cgi?action=3000&acc=16204974692852323982 (more older thefts here) A
01.01.2014 13:01:45   18,197 Nxt from newcn   http://87.230.14.1/nxt/nxt.cgi?action=3000&acc=9793828175536096502
01.01.2014 13:03:39 92 Nxt http://87.230.14.1/nxt/nxt.cgi?action=3000&acc=6164081464868000542 (more older thefts here) B
01.01.2014 13:05:06 147,690 Nxt from sparta_cuss    http://87.230.14.1/nxt/nxt.cgi?action=3000&acc=12152013998194592943

Thefts from block:
http://87.230.14.1/nxt/nxt.cgi?action=1000&blk=11727357463857289892

29.12.2013 08:21:32      99 Nxt   http://87.230.14.1/nxt/nxt.cgi?action=3000&acc=16204974692852323982 A
29.12.2013 08:20:26      55 Nxt   http://87.230.14.1/nxt/nxt.cgi?action=3000&acc=16204974692852323982 A
29.12.2013 08:19:32      502 Nxt   http://87.230.14.1/nxt/nxt.cgi?action=3000&acc=16204974692852323982 A
29.12.2013 08:19:00      499 Nxt   http://87.230.14.1/nxt/nxt.cgi?action=3000&acc=16204974692852323982 A

Single thefts (blocks checked):
27.12.2013 00:03:22      509 Nxt  http://87.230.14.1/nxt/nxt.cgi?action=3000&acc=6164081464868000542 B
26.12.2013 20:26:15      499 Nxt http://87.230.14.1/nxt/nxt.cgi?action=3000&acc=6164081464868000542 B
26.12.2013 18:39:14          500 Nxt http://87.230.14.1/nxt/nxt.cgi?action=3000&acc=6164081464868000542 B
26.12.2013 12:53:07           98 Nxt http://87.230.14.1/nxt/nxt.cgi?action=3000&acc=6164081464868000542 B

block: http://87.230.14.1/nxt/nxt.cgi?action=1000&blk=7058684459482772470
25.12.2013 18:25:25      999   Nxt   http://87.230.14.1/nxt/nxt.cgi?action=3000&acc=6164081464868000542 B
25.12.2013 18:24:54      705   Nxt   http://87.230.14.1/nxt/nxt.cgi?action=3000&acc=6164081464868000542 B

Single thefts (blocks checked):
25.12.2013 14:59:46      499  Nxt    http://87.230.14.1/nxt/nxt.cgi?action=3000&acc=6164081464868000542 B

block: http://87.230.14.1/nxt/nxt.cgi?action=1000&blk=15904983691408191996
23.12.2013 19:06:16      255 Nxt http://87.230.14.1/nxt/nxt.cgi?action=3000&acc=6164081464868000542 B
23.12.2013 19:08:26         1,004 http://87.230.14.1/nxt/nxt.cgi?action=3000&acc=10543042600713097314 (?? - not sure if theft)

23.12.2013 19:05:48  499 Nxt http://87.230.14.1/nxt/nxt.cgi?action=3000&acc=6164081464868000542 B

22.12.2013 09:22:08 999 Nxt http://87.230.14.1/nxt/nxt.cgi?action=3000&acc=6164081464868000542&offset=11&filter=1 B
16.12.2013 15:48:56 3,874 Nxt http://87.230.14.1/nxt/nxt.cgi?action=3000&acc=6164081464868000542&offset=11&filter=1 B