Author Topic: Recent hacking by doris-payne  (Read 4698 times)

0 Members and 1 Guest are viewing this topic.

Offline roelandp

  • Full Member
  • ***
  • Posts: 113
  • Witness, dad, kitesurfer, event organiser
    • View Profile
    • RoelandP.nl
  • BitShares: roelandp
  • GitHub: roelandp
Re: Recent hacking by doris-payne
« Reply #15 on: April 28, 2017, 11:10:49 am »
how do you register via compumatrix? do they offer their own wallet (would explain everything), or do they forward to openledger?

Here is a reg I did through https://computermatrix.co ->
http://cryptofresh.com/u/test-reg-via-compumatrix-co

Offline alt

  • Hero Member
  • *****
  • Posts: 2811
    • View Profile
  • BitShares: baozi
Re: Recent hacking by doris-payne
« Reply #16 on: April 28, 2017, 02:01:36 pm »
I remember saw a post from forum,
to active the account, the CNI member need to change active key, set compumatrix1 as their auth account, sent some COMPUSEEDS & BTS to compumatrix1.
you need to know if you add compumatrix1 as your active auth account, he can control all your funds. now you just need to remove it if you want to make your account safe.

Offline goldeagle

  • Newbie
  • *
  • Posts: 14
    • View Profile
Re: Recent hacking by doris-payne
« Reply #17 on: April 29, 2017, 05:16:28 am »
how do you register via compumatrix? do they offer their own wallet (would explain everything), or do they forward to openledger?
Hi, Thanks to you all for your information and guidance. Members of compumatrix login to bitshares via a link in their own site. I believe there is a backdoor that has been accessed by doris-payne. To this end compumatrix members have been asked to remove permissions for compumatrix1.
Not sure if this will fix the problem, but it is being worked on. Another 4 accounts have been hacked.
Appreciate you guys  advising.
Regards
Rick

Offline yvv

  • Hero Member
  • *****
  • Posts: 1186
    • View Profile
Re: Recent hacking by doris-payne
« Reply #18 on: April 29, 2017, 02:59:35 pm »
This is amazing. People are being scamed by giving away their private keys to a scammer by their good will. And after this we advertise the DEX as being more secure than those evil centralized exchanges, banks etc...

Offline xeroc

  • Board Moderator
  • Hero Member
  • *****
  • Posts: 12914
  • ChainSquad GmbH
    • View Profile
    • ChainSquad GmbH
  • BitShares: xeroc
  • GitHub: xeroc
Re: Recent hacking by doris-payne
« Reply #19 on: April 29, 2017, 05:33:28 pm »
Well, its not the exchange that was hacked, but compumatrix' user base .. clearly their fault .. not the techs fault
Give BitShares a try! Use the http://testnet.bitshares.eu provided by http://bitshares.eu powered by ChainSquad GmbH

Offline Dochas

  • Newbie
  • *
  • Posts: 7
    • View Profile
Re: Recent hacking by doris-payne
« Reply #20 on: April 30, 2017, 02:30:52 am »
Compumatrix1 KNEW way ahead of time  that  there were very un-savvy members who would no doubt LOSE their bin files and their passwords and therefore LOSE their assets. He had them add the permissions so that he would have a way of sending the lost assets to a new account they set up, which of course HAPPENED MANY times and he INDEED sent their assets to the NEW account they made. ....they would have just LOST them if it weren't for him doing that to protect them from themselves....Henry is NO thief and anyone with half a brain would know that!!  THIS hacker, doris-payne, found a crack in the system VIA those permissions and took advantage of it.  That is IT in a nutshell.

HOW would he know this would happen??  can you look up a cow's ass and guess the price of butter in China???  if you can you need to get yourself a new career wearing a turban!!

IT is just pitiful the accusations that some are throwing in here...and it's damn sad that our group has never been made to feel welcome or wanted from the beginning here...

I HOPE there is as much time and energy spent on fixing the obvious fault in the system as there is pointing fingers!! 
« Last Edit: April 30, 2017, 02:43:43 am by Dochas »

Offline Dochas

  • Newbie
  • *
  • Posts: 7
    • View Profile
Re: Recent hacking by doris-payne
« Reply #21 on: April 30, 2017, 04:49:41 am »
I want to thank you xeroc for your help in resolving this .... many kudos to you for that. Hopefully we can all turn this to a positive and grow from it...

it is a darn shame there are thieves who would rather use their talents to steal from others instead of making a contribution in creating a better world for everyone...but that is life I suppose.

Our members who lost won't be forgotten...


« Last Edit: April 30, 2017, 04:51:27 am by Dochas »

Offline fav

  • Administrator
  • Hero Member
  • *****
  • Posts: 4278
  • No Pain, No Gain
    • View Profile
    • Follow Me!
  • BitShares: fav
Re: Recent hacking by doris-payne
« Reply #22 on: April 30, 2017, 06:17:32 am »
Compumatrix1 KNEW way ahead of time  that  there were very un-savvy members who would no doubt LOSE their bin files and their passwords and therefore LOSE their assets. He had them add the permissions so that he would have a way of sending the lost assets to a new account they set up, which of course HAPPENED MANY times and he INDEED sent their assets to the NEW account they made. ....they would have just LOST them if it weren't for him doing that to protect them from themselves....Henry is NO thief and anyone with half a brain would know that!!  THIS hacker, doris-payne, found a crack in the system VIA those permissions and took advantage of it.  That is IT in a nutshell.

HOW would he know this would happen??  can you look up a cow's ass and guess the price of butter in China???  if you can you need to get yourself a new career wearing a turban!!

IT is just pitiful the accusations that some are throwing in here...and it's damn sad that our group has never been made to feel welcome or wanted from the beginning here...

I HOPE there is as much time and energy spent on fixing the obvious fault in the system as there is pointing fingers!! 


Prevention is better than cure. Should've educated your user base on passwords instead of baby sit them. This is entirely based on incompetency

Offline btswildpig

  • Hero Member
  • *****
  • Posts: 1424
    • View Profile
Re: Recent hacking by doris-payne
« Reply #23 on: April 30, 2017, 06:58:33 am »
to sum up :

register via a bad guy's website can lead to money being stolen.

but what about importing ur existing secure wallet bin file to a bad guy's website? Can it be stolen as well ?

这个是私人账号,表达的一切言论均不代表任何团队和任何人。This is my personal account , anything I said with this account will be my opinion alone and has nothing to do with any group.

Offline fav

  • Administrator
  • Hero Member
  • *****
  • Posts: 4278
  • No Pain, No Gain
    • View Profile
    • Follow Me!
  • BitShares: fav
Re: Recent hacking by doris-payne
« Reply #24 on: April 30, 2017, 07:51:17 am »
to sum up :

register via a bad guy's website can lead to money being stolen.

but what about importing ur existing secure wallet bin file to a bad guy's website? Can it be stolen as well ?

sure, why not? they could just change the way how you import your account and catch everything.

Offline pc

  • Hero Member
  • *****
  • Posts: 1530
    • View Profile
    • Bitcoin - Perspektive oder Risiko?
  • BitShares: cyrano
Re: Recent hacking by doris-payne
« Reply #25 on: April 30, 2017, 08:57:20 am »
I HOPE there is as much time and energy spent on fixing the obvious fault in the system as there is pointing fingers!!  [/size]

Please stop shouting.

And please explain what the "obvious fault in the system is".

Like alt said,
for the transaction at block 15973155
http://cryptofresh.com/b/15973155
lil-bi.t-of-techs-us sent 80,238 BTCPLUS to doris-payne
the signature is "1f4393f0ca49098a42cdd046bfd213081e005c83f290046d267f19740dc0956d8c40670c299d6488c5421c0605386e8804b79498159bfa826599cd4c05b05d2a17"
it's signed by key "BTS5VRaCZGCVQrPWsFAutV5fDVu8cGePg2cRowvHNdGQywhaQTyM5" which belong to compumatrix1
and you all set account compumatrix1 as your active auth account.

Cryptography doesn't lie. The transaction was authorized by someone with access to compumatrix1's private key. So either it was them, or someone stole their keys. In either case I don't see how this is a "fault in the system".
Bitcoin - Perspektive oder Risiko? ISBN 978-3-8442-6568-2 http://bitcoin.quisquis.de

Offline btswildpig

  • Hero Member
  • *****
  • Posts: 1424
    • View Profile
Re: Recent hacking by doris-payne
« Reply #26 on: April 30, 2017, 11:26:50 am »
so for these  reasons, web wallet is  not 100%  secure unless u fully trust the web wallet provider.

the better bet is lightwallet .

we could never know if the web wallet provider turned bad because websites are not open sourced
这个是私人账号,表达的一切言论均不代表任何团队和任何人。This is my personal account , anything I said with this account will be my opinion alone and has nothing to do with any group.

Offline Dochas

  • Newbie
  • *
  • Posts: 7
    • View Profile
Re: Recent hacking by doris-payne
« Reply #27 on: April 30, 2017, 01:08:22 pm »
This didn't happen till the new update came out with the ability to use password and username to get into accounts...I'm not a programmer but this is obviously connected (in my mind anyway) as we had NO problems like this since the time we joined over a year ago....I'm not debating and I still love the Bitshares DAX.  I prefer this site over others I have been on hands down.

pc we DID see that transaction while investigating, hence, we began to figure out what happened. the hacker DID obviously exploit the permissions of compumatrix1.  and as I said, setting permissions was done to help protect the members from the beginning and turned out to be not a good idea..hindsight again proves to be clearer than foresight....they have all been removed now. A lesson well learned BUT blaming and insinuating compumatrix1 to be a "scammer or a thief" is not fair.

I think we can agree we want this ecosystem to grow and prosper...THAT is good for all of us. and it would be great if we could all be supportive of each other .....

It appears the issue has been fixed and for that we are very grateful...we are ready to move on and put this behind us...
« Last Edit: April 30, 2017, 01:10:15 pm by Dochas »

Offline nmywn

  • Sr. Member
  • ****
  • Posts: 266
    • View Profile
Re: Recent hacking by doris-payne
« Reply #28 on: April 30, 2017, 01:23:45 pm »
The only things exploited here is Compumatrix's users minds. It's a scam.

Offline Dochas

  • Newbie
  • *
  • Posts: 7
    • View Profile
Re: Recent hacking by doris-payne
« Reply #29 on: April 30, 2017, 01:47:54 pm »
you statement is hollow and ignorant....but carry on thinking that way....just intensifies our resolve to prove you wrong.....