Author Topic: Recent hacking by doris-payne  (Read 9096 times)

0 Members and 1 Guest are viewing this topic.

Offline alt

  • Hero Member
  • *****
  • Posts: 2821
    • View Profile
  • BitShares: baozi
I'm afraid it's not hacked accident.
for the transaction at block 15973155
http://cryptofresh.com/b/15973155
lil-bi.t-of-techs-us sent 80,238 BTCPLUS to doris-payne
the signature is "1f4393f0ca49098a42cdd046bfd213081e005c83f290046d267f19740dc0956d8c40670c299d6488c5421c0605386e8804b79498159bfa826599cd4c05b05d2a17"
it's not signed by key "BTS5XmF1sN8MJAqJfcTqKJJTmZsDnUVXLnYtFVeA9rAsj1XYd3WYP" which belong to lil-bi.t-of-techs-us
it's signed by key "BTS5VRaCZGCVQrPWsFAutV5fDVu8cGePg2cRowvHNdGQywhaQTyM5" which belong to compumatrix1
and you all set account compumatrix1 as your active auth account.

Offline goldeagle

  • Newbie
  • *
  • Posts: 14
    • View Profile
Hi Guys, thanks for your replies.
To date, I know of ten accounts that were hacked. doris-payne, for some unknown reason also sent funds to a few other accounts. A Robin Hood action.
Yes, it does seem that only cni- accounts were hacked.
They have proven a point, that it is possible to hack accounts without the passwords or bin files that are supposedly needed to access our bitshares. A very clever person that could better use their talents elsewhere.
Thanks again
Regards
Rick

Offline desi

  • Newbie
  • *
  • Posts: 15
    • View Profile
So fare i know at least 8 accounts where hacked so fare. This account of doris -payne was created only at the  2017-04-18 .  >:( >:( >:(

Offline renkcub

  • Full Member
  • ***
  • Posts: 143
    • View Profile
How many have been hacked?

How do we secure ourselves?

Offline pc

  • Hero Member
  • *****
  • Posts: 1530
    • View Profile
    • Bitcoin - Perspektive oder Risiko?
  • BitShares: cyrano
cryptofresh.com is only publishing blockchain data that is public anyway. It is a *helpful* service and certainly not the cause of these hacks!

AFAICS (on cryptofresh) only a handful of accounts seem to be affected, and most of them look like compumatrix users (account name is prefixed with "cni-"). It is possible that the hack was executed through an XSS attack on the compumatrix trading interface, or whatever frontend they have over there - I don't know.

(It is of course also possible that such an attack was executed on openledger.info, but I think we would see a lot more affected accounts then.)
Bitcoin - Perspektive oder Risiko? ISBN 978-3-8442-6568-2 http://bitcoin.quisquis.de

Offline goldeagle

  • Newbie
  • *
  • Posts: 14
    • View Profile
Hi All, Not being a techie I would like to ask a question.
As you will be aware doris-payne is hacking many accounts. He/she is some how accessing accounts without any bin file or password. My account was hacked even though I keep nothing pertaining to my account on my mac. Everything is stored on a usb, and all browsing data is deleted.
Is it necessary for our bitshare account details (user name, transfer amounts) to be made public in http://cryptofresh.com?
Bitshares are aware of the problem but to date nothing has been done to prevent hacking of accounts. The problem seemed to start after the recent changes to logging in to bitshares accounts.
Does any one know what is being done to prevent further hacking of bitshares accounts?
Thank you
Regards
Rick