BitCoins!

Anything About Anything...
User avatar
delinquent
Match Winner
Posts: 760
Joined: Sat Jul 07, 2012 3:07 am

Re: BitCoins!

Post by delinquent »

Is that all he had? I'm somewhat surprised he wasn't holding on to a lot more.

Luke posted a bit more about it that didn't seem to make it into the article, seems he's pointing a finger or two at ColoCrossing for... not investigating a breach on the 17th November? Whole thing seems a bit convoluted, but from what I can tell there was a breach in November, Luke thought he had patched it up, and it looks like he hadn't.

Word of warning: Server compromised? Nuke and reinstall. Validate backups before implementing from them. Never assume a machine is safe because you think you've caught everything.

Of course I'm making a huge assumption here. I saw something about someone apparently gaining physical, or at least boot, access to a machine(s) of his.
User avatar
Z-Man
God & Project Admin
Posts: 11585
Joined: Sun Jan 23, 2005 6:01 pm
Location: Cologne
Contact:

Re: BitCoins!

Post by Z-Man »

delinquent wrote: Thu Jan 05, 2023 6:00 amServer compromised? Nuke and reinstall.
That bears repeating one more time:
delinquent wrote: Thu Jan 05, 2023 6:00 amServer compromised? Nuke and reinstall.
Yeah, he was looking for a more trustworthy hoster after his previous server was accessed. I assume that means it was either a direct physical access or over some management console, not a remote exploit... which would be a big yikes. Of course it could also just mean the previous company handled the event poorly.

He was until recently on our IRC channel, but vanished around the time of the theft. Probably because he is now rebuilding all his stuff. It sucks. I hope he is going to be all right.
Word
Reverse Adjust Outside Corner Grinder
Posts: 4258
Joined: Wed Jan 07, 2009 6:13 pm

Re: BitCoins!

Post by Word »

sinewav wrote: Wed Jan 04, 2023 10:14 pm Sad news:

Key bitcoin developer calls on FBI to recover $3.6M in digital coin

"On New Year's Day, Dashjr took to Twitter to report that his entire bitcoin holdings—worth roughly $3.6 million—were “basically all gone.” He said the hack stemmed from the compromise of a PGP (Pretty Good Privacy) key that he used to ensure that his downloads of Bitcoin Core and a smaller app known as Bitcoin Knots weren’t laced with malware. He said all his computers were compromised and urged people to hold off downloading new versions for the time being."

https://arstechnica.com/information-tec ... ital-coin/
I'm truly sorry, but at the same time like, phew, good we didn't invest and then experience this, haha. I don't know a lot about finances but I do know that it's good to diversify your investments so that something like this won't happen. Pretty sure Luke-Jr does, too. The other day I read an article about how lots of finance students are being scammed on Tinder by some fake accounts who lure them into some shadowy investment scheme and I felt pretty good about myself, honestly. And Luke is probably important within the Bitcoin community/world economics now so he'll easily recover and find an employer if he's looking for one, I'm sure. The article is a little cruel in its schadenfreude, but I also think there's some irony when you create your own monetary system explicitly to bypass the traditional system/authorities and then ask that system for help. I'd put a bounty on piratebay, lol.
User avatar
kyle
Reverse Outside Corner Grinder
Posts: 1876
Joined: Thu Jun 08, 2006 3:33 pm
Location: Indiana, USA, Earth, Milky Way Galaxy, Universe, Multiverse
Contact:

Re: BitCoins!

Post by kyle »

Ya, there are a some people that put money is a super small company, then get followers to buy into it, the followers make the price move up big while they cash out.

BTC is too risky IMO for putting a lot of funds into it, I may have lost some with BlockFi :/

I just stick to the stocks, well Tesla :) I don't care that it was down 69% last year, It was way oversold IMO for the income they are generating, you can't let big falls derail what you see, Market does crazy shit. Just don't be caucht with margin, as it's no fun to be in that kind of position
Image
User avatar
delinquent
Match Winner
Posts: 760
Joined: Sat Jul 07, 2012 3:07 am

Re: BitCoins!

Post by delinquent »

Z-Man wrote: Thu Jan 05, 2023 8:50 pmI assume that means it was either a direct physical access or over some management console, not a remote exploit...
More likely the provider cheaped out on IPMI security, and allowed their IPMI host to be compromised. I've seen that before, more times than I care to admit. A hosting provider can have all the fancy firewalls in the world between the internet and their machines, but if they stick their IPMI host on port 80 and forget to secure it properly against injection and scripting attacks, its absolutely useless. It doesn't help that a hell of a lot of providers have some form of configuration access via web browser, used to restart machines or regenerate administrator passwords, and it's all homebrew. I've yet to see a proper security standard for web-based IPMI configuration.
User avatar
Z-Man
God & Project Admin
Posts: 11585
Joined: Sun Jan 23, 2005 6:01 pm
Location: Cologne
Contact:

Re: BitCoins!

Post by Z-Man »

You're right, the admin interfaces tend to be shoddy.
Post Reply