Sunday, June 19, 2011

MTGox DB got leaked. . .

The MTGox Database just got leaked.

There was a huge sell-out of bitcoins this afternoon. (6/19/11)
At first it looked like MTGox, one of the biggest "Bitcoin trading markets", had found the hacker and closed the specific, compromised account.

At least, that's what they posted at their official blog:
https://support.mtgox.com/entries/20208066-huge-bitcoin-sell-off-due-to-a-compromised-account-rollback

One account with a lot of coins was compromised. Whoever stole it (using an HK-based IP to log in) first sold all the coins in it, bought them back right afterwards, and then tried to withdraw the coins. The $1000/day withdrawal limit was active for this account, so the hacker could only get out with $1000 worth of coins.


But right after that, a post on the Bitcoin.org board told a different story:

A .CSV file containing usernames, email addresses and hashed user passwords.
The DB is over 3MB in size and contains over 61,000 names.
I found my test user, which I created a week ago.

It seems like the hack happened at least 3 days ago.
I found a hash from the accounts file in the Hashkiller DB OpenCrack list from 17.06.2011
http://opencrack.hashkiller.com/20110617-04.html

On 16 June 2011, he asked for hashes from this hack to be cracked at the Insidepro board
http://forum.insidepro.com/viewtopic.php?p=65015#65015
http://forum.insidepro.com/viewtopic.php?p=65092#65092


Post to DB Dump:
http://forum.bitcoin.org/index.php?topic=19405.0 (Topic got deleted...)




Sad to see that a page that makes thousands of dollars a week got hacked that fast.






New Statement:

UPDATE REGARDING LEAKED ACCOUNT INFORMATIONS

We will address this issue too and prevent logins from each users. Leaked information includes username, email and hashed password, which does not allow anyone to get to the actual password, should it be complex enough. If you used a simple password you will not be able to login on Mt.Gox until you change your password to something more secure. If you used the same password on different places, it is recommended to change it as soon as possible.


Update:

....as a way of saying we sincerely sorry for the breach of security that lead to the sell-off, we will be reducing trade fees to 0.3% (from 0.65%) for two weeks following Mt.Gox's reopening.

Users whose trades were effectively cancelled during the sell-off will be able to trade for free for 1 month following the reopening, and will also receive a free subscription to our upcoming 2-Step SMS security authentication feature for as long as they hold their account.


They implemented "multi-iteration, triple salted" SHA512 password storage and SMS authentication.
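The storage change and the forced reset for simple passwords, sketched as an added example (not Mt.Gox's code and not from the original post). It uses PBKDF2-HMAC-SHA512 as a standard stand-in for "multi-iteration, salted SHA512"; the iteration count, record layout, deny-list and function names are assumptions.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000  # assumed work factor, not a figure from the post
# Constructed deny-list of passwords too simple to keep.
DENY_LIST = ["123456", "password", "qwerty", "bitcoin"]


def fast_unsalted(password):
    """Single unsalted SHA-512: equal passwords give equal digests everywhere,
    so one entry in a public lookup list exposes every account that used it."""
    return hashlib.sha512(password.encode()).hexdigest()


def store(password, iterations=ITERATIONS):
    """Build a record with a fresh random salt and an iterated SHA-512 digest."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha512", password.encode(), salt, iterations)
    return {"salt": salt, "iterations": iterations, "digest": digest}


def verify(password, record):
    """Recompute with the record's own salt and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac(
        "sha512", password.encode(), record["salt"], record["iterations"]
    )
    return hmac.compare_digest(candidate, record["digest"])


def must_reset(record, deny_list=DENY_LIST):
    """True if the stored record matches a deny-listed (simple) password."""
    return any(verify(word, record) for word in deny_list)


def accounts_to_lock(records):
    """Usernames whose login should be blocked until the password is changed."""
    return sorted(name for name, rec in records.items() if must_reset(rec))
```

Because every record carries its own salt, two users with the same password no longer share a digest, and each guess costs the full iteration count per account.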

Wednesday, May 25, 2011

Oh Twitter, you're the devil...






After changing to "New Twitter", I thought the torture was over.

My tweets came in as usual and everything went just fine.

But it seems the phrase "Never change a running system" never reached Twitter.

I logged in as usual. Then I saw this message, telling me "This is your homepage, HackingHoradrim" and that I should follow someone. (I follow 200+)

Alright. I supposed it's a side-effect from the new Tweetdeck acquisition and I just had to reload.
Nope, nothing. Friends I asked didn't have a problem.

~ One hour later, tada, works fine. Don't know what it was, but sucked hard.
My 2 cents.

Thursday, May 12, 2011

What a beautiful morning....



From time to time it's a good idea to update && upgrade your system.
In my case, it's Debian Lenny.

So, what did I do?
Updated && upgraded && dist-upgraded via APT, changed the lenny parts to squeeze in /etc/apt/sources.list
Then updated && upgraded, aptitude install apt dpkg aptitude
cat /etc/debian_version gave me a clear 6.0.1

Everything fine?
No sir.

Rebooted and... my system started beeping every other second + flashed the screen like above.

Solution? I put away that machine and I'm using another right now. No time to fix and to be honest:

Maybe I should reinstall it, after years of just upgrading.

Maybe.


Now I took some time to get that problem fixed.
Reboot, Single user, aptitude update & upgrade.
Took another ~40 minutes but was worth it. System up and fine =)

Thursday, April 29, 2010

Secure / harden your MySQL Server...

Some of you might run your own MySQL server or be in charge of managing some.
This tutorial helped me a lot, keeping 'em clean & a little bit more secure ;)
But always keep in mind, there are different attack vectors than "just" SQLi & the MySQLd.

Topics:
Disable or restrict remote access
Disable the use of LOCAL INFILE
Change root username and password
Remove the "test" database
Remove Anonymous and obsolete accounts
Lower system privileges
Lower database privileges
Enable Logging
Remove History
Patch your systems
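A small checker for the topics above that live in the server config file (remote access, LOCAL INFILE, system privileges, logging), as an added example that is not taken from the linked tutorials. The sample configs are constructed; it assumes a plain [mysqld] section without !include directives and treats "logging" as the general query log.

```python
import configparser

# Constructed sample: a [mysqld] section with the weak settings the topics address.
WEAK_CNF = """\
[mysqld]
user = root
bind-address = 0.0.0.0
local-infile = 1
"""

# Constructed sample: the same section after hardening.
HARDENED_CNF = """\
[mysqld]
user = mysql
bind-address = 127.0.0.1
local-infile = 0
general_log = 1
general_log_file = /var/log/mysql/query.log
"""

LOOPBACK = {"127.0.0.1", "::1", "localhost"}
OFF = {"0", "off", "false"}


def audit_mysqld(cnf_text):
    """Return the hardening topics the [mysqld] section fails, in list order.
    Strict view: a setting that is not stated explicitly counts as a finding."""
    parser = configparser.ConfigParser(
        allow_no_value=True, strict=False, interpolation=None
    )
    parser.read_string(cnf_text)
    opts = {}
    if parser.has_section("mysqld"):
        # mysqld accepts '-' and '_' interchangeably in option names.
        opts = {k.replace("_", "-"): (v or "").strip().lower()
                for k, v in parser.items("mysqld")}
    findings = []
    if "skip-networking" not in opts and opts.get("bind-address") not in LOOPBACK:
        findings.append("remote access")
    if opts.get("local-infile") not in OFF:
        findings.append("LOCAL INFILE")
    if opts.get("user") == "root":
        findings.append("system privileges")
    if opts.get("general-log", "0") in OFF and "log" not in opts:
        findings.append("logging")
    return findings
```

The remaining topics (root rename, "test" database, anonymous accounts, database privileges) are account-level and have to be checked against the running server rather than the config file.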


Tutorials@SSTeam
With another 'paper' regarding industry-style solutions (esp. credit card, bank details storage)

Tutorial@GreenSQL

Sunday, April 11, 2010

WeakNet Linux IV development has started

After the fire @WeakNetLabs, the developers are back on track.

According to the authors, the new Linux version will include more tools and support more hardware, esp. WLAN hw.

So far the details I can give are: FluxBox is still the default WM, boot time is around 15 seconds on an 800MHz AMD laptop.


Source:
WeakNet Labs

Friday, April 9, 2010

Genesis

Hey there.

This isn't an always-up-to-date blog.
It's not about politics, about specific topics or something.
It's a little place where I can dump things that may interest some other guys...

So, add it or not..

Watch the LinkDump list, too...
--> LinkDump