Ninjastic
Search content
Sort by
Showing 7 of 7 results by broc93
Post
Topic
Board Service Announcements
Re: [ANN] CLOUDMINR
by
broc93
on 12/07/2015, 21:32:45 UTC
Quote from: olibertinho on July 12, 2015, 08:09:33 PM
Quote from: shivamchawla on July 12, 2015, 07:41:51 PM
Just reported the website to their web hosting provider.
Even if the website was hacked, the cloudminr team could take down the homepage with the database but they didnt.

has someone else contacted the hoster for investigation? maybe we can get some infos. i hadnt loose anything here but im still confused, that everyone calms down with: invest not more you can not afford to lose... shit happens.
really strange...

I wrote to abuse@arxive.com, I'm awaiting for their reply
Post
Topic
Board Service Announcements
Re: [ANN] CLOUDMINR
by
broc93
on 12/07/2015, 19:40:39 UTC
Quote from: Aefan on July 12, 2015, 07:17:45 PM
normal developers will encrypt or hash passwords. a lot of websites don't do that. not because they want to make bad things with it but only they are not prepared for vulnerabilities on their site.
but in this case there was a plan behind that. i'm sure.

I have a website. It has 800 users but still, their passwords are hashed. You're dealing with cryptocurrencies and you don't encrypt the passwords of your users? You're a scammer and you want to use those passwords for other purposes, obviously.
Post
Topic
Board Service Announcements
Re: [ANN] CLOUDMINR
by
broc93
on 12/07/2015, 18:00:51 UTC
Quote from: n2004al on July 12, 2015, 05:56:09 PM
Quote from: broc93 on July 12, 2015, 05:50:22 PM
Quote from: n2004al on July 12, 2015, 05:46:19 PM
So you think that clodminr that sent every week 200-300 btc to its users it is selling their usernames and emails for only 1 btc. All this to have this big amount of 1 btc and to make the story seems real?

Nobody would keep passwords in plain text in their database if they have good intentions.

I don't see problems here. They can enter in every account even without the passwords. The passwords maybe serve for various verifications with the users. You are telling that they have planed the story of the hacking and the selling of passwords since the beginning?

Of course they can access all the accounts without using a password. So why should you keep passwords visible? Everybody would encrypt them because why on Earth would you need them in plain text?
Post
Topic
Board Service Announcements
Re: [ANN] CLOUDMINR
by
broc93
on 12/07/2015, 17:50:22 UTC
Quote from: n2004al on July 12, 2015, 05:46:19 PM
So you think that clodminr that sent every week 200-300 btc to its users it is selling their usernames and emails for only 1 btc. All this to have this big amount of 1 btc and to make the story seems real?

Nobody would keep passwords in plain text in their database if they have good intentions.
Post
Topic
Board Service Announcements
Re: [ANN] CLOUDMINR
by
broc93
on 12/07/2015, 17:41:19 UTC
Quote from: nodes on July 12, 2015, 05:38:51 PM
my email or ID is not there.

That's only part of the list, they're selling the complete list for 1BTC.
Post
Topic
Board Service Announcements
Re: [ANN] CLOUDMINR
by
broc93
on 12/07/2015, 17:31:43 UTC
Quote from: n2004al on July 12, 2015, 05:24:00 PM
Quote from: broc93 on July 12, 2015, 05:19:40 PM
Has anybody seen this?

They published all the emails and passwords of their users on the website

And also here: http://pastebin.com/cZ7sy3Gr

Must be a proof that the site was hacked and the hackers want to damage as much as they can cloudminr.

Maybe, or maybe they just want to earn more money from the scam by selling the data of their customers (should I say, victims?). They published 1k addresses and they sell all the database for 1BTC.
Post
Topic
Board Service Announcements
Re: [ANN] CLOUDMINR
by
broc93
on 12/07/2015, 17:19:40 UTC
Has anybody seen this?

They published all the emails and passwords of their users on the website

And also here: http://pastebin.com/cZ7sy3Gr