Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Service Announcements (Altcoins)
Re: [ANN][EXCHANGE] Poloniex - Crypto Exchange with BTC/NXT
by
Lethn
on 03/05/2014, 00:02:22 UTC
Quote from: altcoinherald on May 02, 2014, 10:59:27 PM
Quote from: leewilson on May 02, 2014, 10:55:04 PM
Quote from: busoni on May 02, 2014, 10:44:03 PM
All funds are safe. Poloniex does use cold wallets.

What happened was an attacker used social engineering to gain root access to a wallet server. This was made possible by absolutely jaw-dropping negligence on the part of the hosting provider. Fortunately, I caught the attempt in time and was able to shut down the server before anything was taken. All BTC has been moved into cold storage, and then next step is to set up a new server with a different provider.

Please stop sending BTC to your old BTC deposit addresses. The funds will not be lost, but all new addresses must be generated, as I must assume the old wallet is compromised. It is very unlikely that it was, but "unlikely" is not good enough.

I appreciate everyone's patience while I take proper security measures before bringing the exchange back online.

Once you get everything switched over, would you, please name the hosting provider so many of us here can also protect ourselves by making sure not to use them in the future and/or cease using them currently.
Thank you.

If he did I imagine they would have one hell of a hissy fit over it. Imagine a hosting company just giving out root access so easily? That's a pretty severe breach, especially if they knew their client was in the exchange business.

Many more details are needed, though. Another major breach like this so quickly after the last one is a very real issue.

Considering I've been on the receiving end of an incompetent and argumentative webhost that caused problems and dragged things on for weeks ( I can say what I like now since I'm free of them *cough* SYNWEBHOST *cough* ) I don't see why we should spare the feelings of a webhost who refuse to get their fucking act together since it's an annoyingly common thing in the webhost industry these days, I know their pain if this is the case. We can only hope this kind of thing doesn't just become a recurring problem.

Good luck, nice to see you're still talking and haven't fucked off with our money.