Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Announcements (Altcoins)
Re: [ANN][JPC]JackpotCoin#Unique JHA Algo#Ultra Fast Trans#1st True PoW/PoS Hybrid
by
bee7
on 17/08/2014, 12:47:16 UTC
Quote from: Spoetnik on August 17, 2014, 05:57:34 AM
Quote from: bee7 on August 16, 2014, 11:05:01 PM
Quote from: TheCoinFinder on August 16, 2014, 11:00:51 PM
Quote from: bee7 on August 16, 2014, 10:55:57 PM

Quote from: Spoetnik on August 15, 2014, 03:57:34 PM
JPC was hacked months ago for some many millions of coins via users (not exchanges) (it was an RPC exploit vulnerable on lots of coins)
and the hacker dumped them all on exchanges tanking the price and it never recovered !

Could you please elaborate what you meant. I am asking as an another coin dev to take countermeasures if this issue actually has place.

Apparently a lot of people had their rpclisten set to a publically accessible IP address (rather than the standard and default 127.0.0.1) - further, this address was not behind any sort of NAT or firewall - and had a guessable password (presumably some default one).

I can't really call it an exploit.


Thank you
I was told already the same version of story, I just want to make sure that Spoetnik does not know something different Wink


ya what he said Wink
and i am not sure a firewall would help ..that should be looked into !
you see we're going to be exempting the miner to go online on the internet inbound and outbound right ?

also some other guy posted a way for you to check if your vulnerable by using your browser..
you you check out this topic further pages back so we don't have to repeat it all from memory Wink

and call it what you want but it must have been a big problem for so many coins to have been stolen. (i heard this affects other coins too)


Then this is not a vulnerability of a wallet software (the assumption I did as you mentioned "lots of coins"), but a question of a misconfiguration. With all due respect, could you please be more precise in the future.

Thank you.