Bitcoin Forum>Bitcoin>Bitcoin Discussion
Author

Topic: Poll on potentially malicious bitcoin miners. (Read 3180 times)

joepie91
sr. member
Activity: 294
Merit: 250
Poll on potentially malicious bitcoin miners.
June 16, 2011, 02:35:29 PM
#8
Quote from: Waschtel on June 16, 2011, 01:28:06 PM
@mtgox victims: I think mtgox hacks are dictionary attacks: No captcha to prevent them.
I can't see how a randomly generated password is hit by a dictionary attack.

As far as I know, Mt. Gox has a system that locks out an IP after a certain amount of failed login attempts, but NOT a system that freezes an account after a lot of failed attempts from a lot of IPs. This would make it crackable by a botnet (through bruteforce even, provided the botnet is large enough). It wouldn't surprise me if the "DDoS" is actually bots trying to bruteforce accounts - although, this is purely speculation and I have no facts to support it with, except for what it looks like.
Waschtel
newbie
Activity: 18
Merit: 0
Re: Poll on potentially malicious bitcoin miners.
June 16, 2011, 01:28:06 PM
#7
Renormalizing....

@allinvain: I included your installations in the first post.

@mtgox victims: I think mtgox hacks are dictionary attacks: No captcha to prevent them.

Phoenix:03----Guiminer:02----Poclbm:02----CpuMiner:01----Ufasoft:01----SseMiner:01----DiabloMiner:01----Other[please specify]:00
joepie91
sr. member
Activity: 294
Merit: 250
Re: Poll on potentially malicious bitcoin miners.
June 16, 2011, 10:34:16 AM
#6
Quote from: freequant on June 16, 2011, 10:17:19 AM
Quote from: Waschtel on June 15, 2011, 01:21:09 PM
Recently, a large amount of bitcoins was stolen (see http://forum.bitcoin.org/index.php?topic=16457.0)
A mining program is suspected to have been the vector of the malicious code enabling the theft.

Mining applications are opensource.
Just check the code if you have a doubt.
I skimmed through the code of poclbm and phoenix : very clean and standard python without a track of suspicious logic.
When the average mining app is a mere thousand lines of code long, it doesn't make much sense to try to find statistically something that can be found deterministically by checking the code.
Which doesn't exactly go for a miner written in Python that was made into an .exe by py2exe, and used on Windows. If you used a premade .exe it might have had something that is not in the source.
freequant
hero member
Activity: 770
Merit: 500
Re: Poll on potentially malicious bitcoin miners.
June 16, 2011, 10:17:19 AM
#5
Quote from: Waschtel on June 15, 2011, 01:21:09 PM
Recently, a large amount of bitcoins was stolen (see http://forum.bitcoin.org/index.php?topic=16457.0)
A mining program is suspected to have been the vector of the malicious code enabling the theft.

Mining applications are opensource.
Just check the code if you have a doubt.
I skimmed through the code of poclbm and phoenix : very clean and standard python without a track of suspicious logic.
When the average mining app is a mere thousand lines of code long, it doesn't make much sense to try to find statistically something that can be found deterministically by checking the code.
allinvain
legendary
Activity: 3080
Merit: 1080
Re: Poll on potentially malicious bitcoin miners.
June 16, 2011, 08:41:46 AM
#4
Phoenix:02----Guiminer:00----Poclbm:00----CpuMiner:00----Ufasoft:00----SseMiner:00----Other[please specify]:00

Phoenix 1.48 with phatk opencl kernel.
kwukduck
legendary
Activity: 1937
Merit: 1001
Re: Poll on potentially malicious bitcoin miners.
June 16, 2011, 08:02:34 AM
#3
Same here MtGox got hacked only...


Phoenix:03----Guiminer:02----Poclbm:02----CpuMiner:01----Ufasoft:01----SseMiner:01----DiabloMiner:01----Other[please specify]:00
joepie91
sr. member
Activity: 294
Merit: 250
Re: Poll on potentially malicious bitcoin miners.
June 16, 2011, 07:28:05 AM
#2
While it wasn't a mining pool account, my Mt. Gox got broken into. Although I haven't been able to find anything suspicious on my system, I'll post nevertheless.

Phoenix:02----Guiminer:01----Poclbm:02----CpuMiner:01----Ufasoft:01----SseMiner:01----Other[please specify]:00
Waschtel
newbie
Activity: 18
Merit: 0
Re: Poll on potentially malicious bitcoin miners.
June 15, 2011, 01:21:09 PM
#1
Recently, a large amount of bitcoins was stolen (see http://forum.bitcoin.org/index.php?topic=16457.0)

A mining program is suspected to have been the vector of the malicious code enabling the theft.

If any of the following has been the case:


  • You have seen unexplained deductions from your bitcoin client (even small ones).
  • Your mining pool account has been hacked.
  • You have not been receiving your shares for mining work done.


then please participate in this thread poll.

DO NOT PARTICIPATE IF YOU HAVE NOT BEEN A VICTIM.
ONLY PARTICIPATE IF YOU HAVE BEEN A VICTIM.

As the Simple-Machines-Forum only allows for radio-box polls, not check-box polls, this poll is conducted in the following manner:

Copy the miner-list (last line of this post) of the thread post IMMEDIATELY superior to your own into your reply and add +1 to the sum of any miners you have been using while being hacked.

MAKE THE MINER-LIST THE LAST LINE OF YOUR POST.



Phoenix:01----Guiminer:01----Poclbm:01----CpuMiner:01----Ufasoft:01----SseMiner:01----Other[please specify]:00
Bitcoin Forum>Bitcoin>Bitcoin Discussion
Jump to: