Pages:
Author

Topic: OpenEx to be shut down[Hacked] - page 2. (Read 14908 times)

hero member
Activity: 616
Merit: 500
Crypto Knight
March 27, 2014, 02:22:12 AM
r3wt your a incompetent scamming fucking imbocile. Mark Karpeles 2.0
newbie
Activity: 47
Merit: 0
March 27, 2014, 12:05:38 AM
Do not trade your coins in the small exchange like OpenEx.  Smiley

The problem is not the fact that the exchange is small (they all have to start somewhere, right ?) but don't trade your coins on exchanges where it's clear the owner/dev doesn't know what he's really doing. The twitter feed provides and provided enough clues that indeed he doesn't.
legendary
Activity: 980
Merit: 1000
March 26, 2014, 09:49:26 PM
Doubtful, you can not Sue a 15 y/o. I think these messages point to how old he really is 18 +

Justin is also 15 years old.

The story just gets better and better, doesn't it?
He's 15. r3wt and him had a falling out not too long ago and he posted full dox on him.
newbie
Activity: 24
Merit: 0
March 26, 2014, 09:31:29 PM
Doubtful, you can not Sue a 15 y/o. I think these messages point to how old he really is 18 +

Justin is also 15 years old.

The story just gets better and better, doesn't it?
legendary
Activity: 980
Merit: 1000
March 26, 2014, 09:04:19 PM
Justin is also 15 years old.

The story just gets better and better, doesn't it?
newbie
Activity: 24
Merit: 0
March 26, 2014, 08:59:58 PM

Would love to see how you defend this?

I went to login Openex.pw today and found this Disturbing conversation in chat. I am still Loz.. OOops looks like some one forgot to clear logs...

1: R3wt openly admits to working with former NSA on the new exchange.. WTF if he beleives this hes a moron. Worse yet he would work with a FED!


2: R3wt  Begs Justin to build him a trade engine because he doesn't know how to.... It looks like R3wt is trying to hide Justin under the name mBlanchard.

Please refresh my memory isn't Justin the same (Cat) R3wt tried to pin the bad code and hack on ?  Yes it is, WTFF !


3: R3wt  Openly admits hes going to build another half ass trade engine Using python he knows nothing about.

Doing more searching  haha https://twitter.com/_LuaPod_ Rewt wants Justins code. Looks like a internal dispute going on.
You know its bad when Justin doesn't even want anything to do with R3wt.
Theres some real f%CKED uped stuff going on here maybe one of you guys can figure it out.....

Make sure you guys spread this on other forums so no one else get screwed on this new pos he cooking up.

Ohhh wait there is more I copied the full conversation to a .txt file just encase they try to wipe the log.   http://snk.to/f-cdhfbilj

here are links to the full screen caps  http://imgur.com/iDV9jHL    http://imgur.com/WLTeWzz    http://imgur.com/l7oHqxQ


https://i.imgur.com/kNKxGXE.jpg
https://i.imgur.com/mtYwgFv.jpg
https://i.imgur.com/mbbea02.jpg
member
Activity: 70
Merit: 10
March 26, 2014, 07:33:25 PM
If you got your coins back they must have come out of the owners pocket. I have dealt with worse exchanges.
hero member
Activity: 763
Merit: 534
March 26, 2014, 06:26:20 PM
null
member
Activity: 91
Merit: 10
March 25, 2014, 11:47:44 AM
Do not trade your coins in the small exchange like OpenEx.  Smiley
hero member
Activity: 686
Merit: 504
always the student, never the master.
March 25, 2014, 10:51:12 AM
THIS IS  A FINAL NOTICE WITHDRAW YOUR COINS IMMEDIATELY(BEFORE 3/27/14 11pm UTC) OR YOU WILL FORFEIT THEM. Take note of any debt repayment codes credited to you in the "funds owed" tab of your account page. These will be redeemable when the new exchange is launched.

Thanks,
         Garrett
legendary
Activity: 924
Merit: 1000
March 23, 2014, 12:20:44 PM
If you didnt insured your business...

As far as I know, there's no-one offering insurance for cyber exchanges.

But now that you mention it...any security whizzes here are looking at a real business opportunity. Long-term, of course, because the real money won't be made unless the mega-exchanges sign on for "Good Housekeeping Seal Of Approval" PR purposes...
newbie
Activity: 45
Merit: 0
March 23, 2014, 11:00:49 AM
Wanted to mention here that my withdrawls have gone through and I haven't lost anything.

Mine too. My ATC ( therealaltcoin.org ) withdrawal went through quickly back when we were first told to withdraw funds. My BTC withdrawal, made at the same time, at first didn't go through. It eventually showed up on the 18th -- I just noticed it today.

I don't think r3wt is a scammer, and I appreciate getting my money out, but I would not trust funds to this site or his future sites because of the way this one was compromised. For ATC-BTC trading (and Litecoin and Namecoin), I've switched to and recommend x-bt.com which has been solid so far and seems to have better technology/skills behind it. Discussion on IRC at #altcoin and #x-bt.
legendary
Activity: 1274
Merit: 1000
March 21, 2014, 09:31:29 PM
I thought this was funny too: 

Someone tried to warn r3wt 4 days before it was hacked.  r3wt acted like his normal self:

newbie
Activity: 32
Merit: 0
March 21, 2014, 02:51:07 PM
Wasn't the code just the UI, not the trade engine?

The injection query was entered in the UI form. A form is a form.

The problem happened because the backend php code just took that malicious query and ran it.

The database code was written unsafely, the door was left wide open,  I'm suprised it didn't get taken sooner.

It should have been coded using PDO prepared statements.

If they used old school straight sql queries then I would think that many other doors and windows were open. I'll bet the sessions weren't safe from fixation etc.

Live and learn.

Yes and in a way it was a relatively cheap lesson, this dev WILL produce a harder system next time.

My condolences to the dev. don't be disuaded, come back harder, what you've learned is worth more than your loss.

And my hat off to you for trying to make all accounts as whole as possible. A true gentleman!

Isn't this at least the second time? If so, please don't open it again, you're only putting more people's coins at risk.
g4c
member
Activity: 98
Merit: 10
March 21, 2014, 01:42:08 PM
...This guy is the most incompetent scammer I've ever seen.  Can't even make his thefts look believable.  Everyone please give him a negative trust review on here.

IMHO I think you made an incorrect call here.

If it were a scam then you wouldn't be in discourse with him, the line would be dead. Scammers don't hang around expending energy to placate their marks.

We have seen (since your post) that @sumantso has withdrawn and regained his coin.
g4c
member
Activity: 98
Merit: 10
March 21, 2014, 01:27:19 PM
Wasn't the code just the UI, not the trade engine?

The injection query was entered in the UI form. A form is a form.

The problem happened because the backend php code just took that malicious query and ran it.

The database code was written unsafely, the door was left wide open,  I'm suprised it didn't get taken sooner.

It should have been coded using PDO prepared statements.

If they used old school straight sql queries then I would think that many other doors and windows were open. I'll bet the sessions weren't safe from fixation etc.

Live and learn.

Yes and in a way it was a relatively cheap lesson, this dev WILL produce a harder system next time.

My condolences to the dev. don't be disuaded, come back harder, what you've learned is worth more than your loss.

And my hat off to you for trying to make all accounts as whole as possible. A true gentleman!
legendary
Activity: 1050
Merit: 1000
March 21, 2014, 11:22:49 AM

This is the worst time for you to try and sell those shares. I think the exchange is finished anyway. Even if they come back I doubt anybody will trust it.
legendary
Activity: 1632
Merit: 1010
March 21, 2014, 11:22:12 AM
Wasn't the code just the UI, not the trade engine?

The injection query was entered in the UI form. A form is a form.

The problem happened because the backend php code just took that malicious query and ran it.

The database code was written unsafely, the door was left wide open,  I'm suprised it didn't get taken sooner.

It should have been coded using PDO prepared statements.

If they used old school straight sql queries then I would think that many other doors and windows were open. I'll bet the sessions weren't safe from fixation etc.

Live and learn.
legendary
Activity: 1050
Merit: 1000
March 21, 2014, 11:21:17 AM
Wanted to mention here that my withdrawls have gone through and I haven't lost anything.
g4c
member
Activity: 98
Merit: 10
March 21, 2014, 11:10:27 AM
Wasn't the code just the UI, not the trade engine?

The injection query was entered in the UI form. A form is a form.

The problem happened because the backend php code just took that malicious query and ran it.

The database code was written unsafely, the door was left wide open,  I'm suprised it didn't get taken sooner.

It should have been coded using PDO prepared statements.

If they used old school straight sql queries then I would think that many other doors and windows were open. I'll bet the sessions weren't safe from fixation etc.
Pages:
Jump to: