Topic: SatoshiDICE.com - The World's Most Popular Bitcoin Game - page 13. (Read 495794 times)

The house edge has nothing to do with the site. The reason why its losing profits is because gamblers are moving on to other website.

I still don't know how the situation with these investors will play out, but its looks very fishy for these huge wins coming out of nowhere all at once.

This is whats bad about Bitcoin. All the sites have to do is say "We were hacked- sorry" and our bitcoins are gone and nothing we can do about it.

They do not rob investors to refund them.

I doubt they could be the best dice site with 1,9% house edge, while others offer 0,8% and without robbing, cheating, etc.

They can not avoid legal action, the laws are clear. But they likely will not face legal action, because of the mindset of the victims.

I feel like right now is a real make or break moment for Satoshidice. They could refund the investors that were robbed, add 2FA and maybe work on a more fluid hot wallet, and be up there in contention for best dice site, not to mention the first. Or they could deny any responsibility for the robberies, never address the hot wallet, ignore everyone, get strongly branded as an outright scam, and fizzle out

I know which scenario I'm in favor of  

Did the withdraw actually go thru ? Because it seems the hot wallet has been empty for a while now.

If you can, maybe post the TX ID so we can see when the hot wallet was refilled.

Many of us are having issues accessing the site and withdrawing funds.

I guess whatever small count you took up emptied it i cant even get 0.01 out. it either speaks to the already known small hot wallet. or that they still havent fixed my account saying insufficient funds instead of that the hot wallet is emty. got ahold of the guy here, got 1 reply and never heard back. same happened thorugh email replied to me once or twitce and still havent fixed it. such a mess

Seems to be working fine for me - just made a small withdrawal from my house balance.

Really hope you are getting back soon!

Right now website returns 504 Gateway time-out error,
any updates?

~BitWAB Team~
Be the winner!

Yeah well it was suppose to be added about 6 months ago like promised on this thread. However in reality it should of been added years ago. Maybe this theft (which I am still not certain) could of been avoided.

Really feel bad for the early adopters who still leave their BTC with Satoshidice.

It seems to have been added (in a form of some sorts) withdraw ~9 BTC today and it asked me to "unlock" my withdrawing ability which for that it send your an email. Once you click the link in the email you can withdraw for the next 3mins.

All in all, I think this added feature is sound and solid. Nice work guys!

(also had no worries withdrawing the ~9 BTC in regards to hot wallet balance - First go)

I summed it up here: https://game-protect.com/satoshidice-scam/

If you have something to add, please pm or leave a reply below the article. Thank you.

Probably not the best time to ask, that being said after seeing these recent posts im fair shitting myself. could SD please fill up the hot wallet so i can withdrawal my 1.3 btc thanks or at-least email me directly

150BTC?
That is no joke. How can they not have any security on the site in place to prevent this?
I thought this was the very first dice site that was ever created? I saw this site on a documentary I just watched recently and then saw this thread near the top of the section and wanted to see how it was going 8 years later but then this is the first post that came up on my screen. 
Pretty disconcerting. To say the least.

when 2fa will be added?

So you need weeks to check if your server has been compromised?

Everything what happened on your server (login attempts, successful logins, code added, etc.) is recorded and your server administrator can easily check this within a few days.

If you were not compromised and if it was not an inside job, you could simply put the server logs on the table.

There are several indications that your server was compromised and you try to cover it up:

1) Shortly after your issues (account balances disappeared, hot wallet regularly empty, etc.) 2 players coincidentally win 500+ bitcoins with Satoshi Slots, would perfectly explain that your server was compromised and covered your loss with the 500+ Bitcoins won and reduced this amount from investor account balances.

2) Allow players to win more than the maximum profit on a bet of 1,9% of the bankroll and this contradictory to your "Bet on the house" terms and conditions.

3) The Satoshi Slot winners can withdraw their illegal winnings of 500+ Bitcoins instantly, while "normal" customers have issues to even withdraw 1 Bitcoin.

4) Player account transactions are not secured with email account confirmations, strongly suggest that the security of your server is also not sufficient.

5) Illegaly reduce Satoshi Slot losses from investor account balances, even though they only invested in Satoshi Dice, according to your "Bet on the house" terms and conditions.

You know whats crazy? These days the biggest and crappiest exchanges have 2FA and these exchanges probably have less than 100 BTC of customer funds but one of the oldest and largest Bitcoin gambling sites doesn't even have 2FA.

If you guys had 2FA this could of easily been avoided probably.

I'm glad there is finally some communication/information posted, thanks for that.

Was my account targeted by password guessing? My password wasn't anything common like the examples you gave, nor is it the same password as I have elsewhere. I also use different emails for this and Satishidice. And my email has 2FA.

Any comment on the hotwallet stuff? It seems pretty inconceivable that all this money was withdrawn in the 12/27 to 1/4 window while people on here were complaining about the inability to cash out small amounts.

We have time stamp of a login with the correct password that made a successful withdrawal on both accounts, that we looked up in a few minutes.
One of the things we are looking into is if there are one or several phishing attempts, what they look like, how many accounts could have been affected, tricked by the phishing. Is it even a phishing or did someone get hold of all passwords, or some passwords, or is it a list of user accounts from other websites and so on - its not exactly a one day thing.

Whats time consuming is:
What we are trying to figure out is if the fault is ours OR If the user simply did not have a secure password or used the same password as they did on other websites, ect ect.
If the site or servers have been compromised, we will refund the user accounts in question.
OR
If the user got his password typed in by inputting the password in the password field as intended we will not refund.

A 2 factor authentication system would have eliminated this problem and should probably have been implemented a long time ago. As much as we are now rushing to develop this feature, At this moment the site is as provided without 2 factor authentication. 

If the user wants to tell us all publicly, he or she may choose to do so.

You can see within one day what happened on your gaming server in regards to a certain account.


Which bitcointalk user name was it?

We are continuously working to figure out what has happened regarding the reports of the missing bitcoins.

This is what has been found so far:
* As of yet, there is no evidence of the servers being compromised. Part of the work is to exclude that the accounts in question simply made a withdrawal and then stated that they didn't make the withdrawal.

* We got one report of a user who clicked a Bitcointalk phishing link, entered his information and then got his balance stolen on Satoshidice.

* We have seen attempts of password guessing on what appears to be big lists of emails. We do not store password in clear text in the database but we looked at real-time password attempts and there are several login attempts made with passwords such as "password" "sun" "god" "1234" ect. All those IP addresses are blocked and stored for future evidence.

* Please never use a simple or common password, or any password that you use on other websites.

* Please do not use the same email (and/or password) you use on Bitcointalk.
https://bitcointalksearch.org/topic/bitcointalk-hacked-and-data-for-sale-on-dark-web-1611117

* Satoshidice will never ask for your user email or password in an email.

Whaaat? If there are no confirmation emails, how can you prove that your account was not compromised? O.k., you could request the server logins in Curacao, as the gaming server is in Curacao and they have to store everything by law.