API tools faq
paste
Guest User

Untitled

a guest
May 8th, 2014
362
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 12.70 KB | None | 0 0
raw download clone embed print report
  1. email from poolowners@ http://pool.mn/ -- regarding false or missing withdraws
  2.  
  3. Another IP used is this one: 78.8.23.163
  4. Both of the above addresses are in Poland. I don't know if we have a Polish pool. Could be that these IPs are used as proxies.
  5.  
  6.  
  7.  
  8. It seems that we have figured out how this happened. Affected miners apparently used the same username/password/pin on another pool, the pool owner didn't hash these and then used them to withdraw coins from our pool. I am afraid that this could happen with other pools as well. Maybe you should warn them. Here is the log, almost all of the action yesterday was done from a single IP 78.8.84.48, however other IPs were used as well.
  9.  
  10.  
  11. 2014-05-07 18:50:30 - WARN --> [ 78.8.84.48 ] [ login | none ] [ 4.49 ] : gloop has logged in with a different IP, saved is [79.81.193.203]
  12. 2014-05-07 18:51:25 - INFO --> [ 78.8.84.48 ] [ account | edit ] [ 9.74 ] : gloop updated their account details
  13. 2014-05-07 18:51:39 - INFO --> [ 78.8.84.48 ] [ account | edit ] [ 3.81 ] : gloop requesting manual payout
  14. 2014-05-07 18:53:09 - WARN --> [ 78.8.84.48 ] [ login | none ] [ 5.05 ] : frazazel has logged in with a different IP, saved is [81.207.17.53]
  15. 2014-05-07 19:00:56 - WARN --> [ 78.8.84.48 ] [ login | none ] [ 4.10 ] : cinek366 has logged in with a different IP, saved is [89.68.102.46]
  16. 2014-05-07 19:02:19 - INFO --> [ 78.8.84.48 ] [ account | edit ] [ 9.77 ] : cinek366 updated their account details
  17. 2014-05-07 19:02:29 - INFO --> [ 78.8.84.48 ] [ account | edit ] [ 3.82 ] : cinek366 requesting manual payout
  18. 2014-05-07 19:10:54 - WARN --> [ 78.8.84.48 ] [ login | none ] [ 4.24 ] : conzlab has logged in with a different IP, saved is [114.79.2.128]
  19. 2014-05-07 19:12:58 - ERROR --> [ 78.8.84.48 ] [ login | none ] [ 3.47 ] : Authentication failed for evilmuffinman
  20. 2014-05-07 19:13:30 - WARN --> [ 78.8.84.48 ] [ login | none ] [ 4.16 ] : ManDZiO has logged in with a different IP, saved is [83.10.97.16]
  21. 2014-05-07 19:14:48 - INFO --> [ 78.8.84.48 ] [ account | edit ] [ 6.50 ] : ManDZiO updated their account details
  22. 2014-05-07 19:15:04 - INFO --> [ 78.8.84.48 ] [ account | edit ] [ 3.84 ] : ManDZiO requesting manual payout
  23. 2014-05-07 19:18:08 - WARN --> [ 78.8.84.48 ] [ login | none ] [ 6.12 ] : mkminers has logged in with a different IP, saved is [178.223.78.3]
  24. 2014-05-07 19:18:53 - WARN --> [ 178.223.78.3 ] [ login | none ] [ 4.14 ] : mkminers has logged in with a different IP, saved is [78.8.84.48]
  25. 2014-05-07 19:18:58 - WARN --> [ 78.8.84.48 ] [ statistics | pool ] [ 6.34 ] : Forcing logout, user is locked or IP changed mid session [hijack attempt?]
  26. 2014-05-07 19:19:16 - WARN --> [ 78.8.84.48 ] [ login | none ] [ 5.24 ] : mkminers has logged in with a different IP, saved is [178.223.78.3]
  27. 2014-05-07 19:20:06 - INFO --> [ 78.8.84.48 ] [ account | edit ] [ 5.60 ] : mkminers updated their account details
  28. 2014-05-07 19:20:26 - INFO --> [ 78.8.84.48 ] [ account | edit ] [ 3.71 ] : mkminers requesting manual payout
  29. 2014-05-07 19:20:52 - INFO --> [ 78.8.84.48 ] [ account | edit ] [ 4.63 ] : mkminers updated their account details
  30. 2014-05-07 19:24:43 - WARN --> [ 178.223.78.3 ] [ login | none ] [ 5.45 ] : mkminers has logged in with a different IP, saved is [78.8.84.48]
  31. 2014-05-07 19:25:32 - WARN --> [ 78.8.84.48 ] [ dashboard | none ] [ 2.59 ] : Forcing logout, user is locked or IP changed mid session [hijack attempt?]
  32. 2014-05-07 19:25:56 - WARN --> [ 78.8.84.48 ] [ login | none ] [ 4.42 ] : mkminers has logged in with a different IP, saved is [178.223.78.3]
  33. 2014-05-07 19:28:01 - WARN --> [ 78.8.84.48 ] [ login | none ] [ 4.21 ] : xaitienle has logged in with a different IP, saved is [1.52.237.223]
  34. 2014-05-07 19:30:02 - WARN --> [ 78.8.84.48 ] [ login | none ] [ 7.13 ] : kevondo has logged in with a different IP, saved is [71.235.2.237]
  35. 2014-05-07 19:31:02 - INFO --> [ 78.8.84.48 ] [ account | edit ] [ 21.81 ] : kevondo updated their account details
  36. 2014-05-07 19:31:13 - INFO --> [ 78.8.84.48 ] [ account | edit ] [ 3.79 ] : kevondo requesting manual payout
  37. 2014-05-07 19:31:32 - INFO --> [ 78.8.84.48 ] [ account | edit ] [ 9.43 ] : kevondo updated their account details
  38. 2014-05-07 19:32:46 - WARN --> [ 79.81.193.203 ] [ login | none ] [ 4.66 ] : gloop has logged in with a different IP, saved is [78.8.84.48]
  39. 2014-05-07 19:33:39 - WARN --> [ 71.235.2.237 ] [ login | none ] [ 5.78 ] : kevondo has logged in with a different IP, saved is [78.8.84.48]
  40. 2014-05-07 19:40:20 - WARN --> [ 78.8.84.48 ] [ login | none ] [ 5.38 ] : 13599336230 has logged in with a different IP, saved is [218.55.13.100]
  41. 2014-05-07 19:44:19 - WARN --> [ 78.8.84.48 ] [ login | none ] [ 5.17 ] : western has logged in with a different IP, saved is [46.98.39.184]
  42. 2014-05-07 19:45:30 - WARN --> [ 78.8.84.48 ] [ login | none ] [ 5.51 ] : doolocsta has logged in with a different IP, saved is [174.141.12.138]
  43. 2014-05-07 19:46:25 - INFO --> [ 78.8.84.48 ] [ account | edit ] [ 9.93 ] : doolocsta updated their account details
  44. 2014-05-07 19:48:27 - WARN --> [ 78.8.84.48 ] [ login | none ] [ 3.99 ] : aqva has logged in with a different IP, saved is [77.105.31.15]
  45. 2014-05-07 19:49:14 - ERROR --> [ 78.8.84.48 ] [ login | none ] [ 3.64 ] : Authentication failed for littletinymonkey
  46. 2014-05-07 19:50:18 - WARN --> [ 78.8.84.48 ] [ login | none ] [ 16.66 ] : tgwb has logged in with a different IP, saved is [112.169.223.16]
  47. 2014-05-07 19:50:54 - INFO --> [ 78.8.84.48 ] [ account | edit ] [ 5.08 ] : tgwb updated their account details
  48. 2014-05-07 19:51:00 - INFO --> [ 78.8.84.48 ] [ account | edit ] [ 3.82 ] : tgwb requesting manual payout
  49. 2014-05-07 19:52:38 - WARN --> [ 78.8.84.48 ] [ login | none ] [ 4.76 ] : woolok has logged in with a different IP, saved is [107.6.9.68]
  50. 2014-05-07 19:57:09 - WARN --> [ 78.8.84.48 ] [ login | none ] [ 104.62 ] : playah has logged in with a different IP, saved is [71.205.209.72]
  51. 2014-05-07 20:00:41 - WARN --> [ 78.8.84.48 ] [ login | none ] [ 4.30 ] : hongshizi888 has logged in with a different IP, saved is [204.45.6.45]
  52. 2014-05-07 20:02:52 - WARN --> [ 78.8.84.48 ] [ login | none ] [ 4.34 ] : hoaivu1992 has logged in with a different IP, saved is [115.76.1.112]
  53. 2014-05-07 20:06:32 - WARN --> [ 78.8.84.48 ] [ login | none ] [ 34.89 ] : hczjazj has logged in with a different IP, saved is [180.152.248.121]
  54. 2014-05-07 20:30:50 - WARN --> [ 174.141.12.138 ] [ login | none ] [ 4.36 ] : doolocsta has logged in with a different IP, saved is [78.8.84.48]
  55. 2014-05-07 20:40:44 - WARN --> [ 78.8.84.48 ] [ login | none ] [ 4.78 ] : burner2014 has logged in with a different IP, saved is [124.122.87.110]
  56. 2014-05-07 20:42:31 - WARN --> [ 78.8.84.48 ] [ login | none ] [ 5.12 ] : TrollBoxChampion has logged in with a different IP, saved is [174.62.205.212]
  57. 2014-05-07 20:43:47 - INFO --> [ 78.8.84.48 ] [ account | edit ] [ 5.97 ] : TrollBoxChampion updated their account details
  58. 2014-05-07 20:43:57 - INFO --> [ 78.8.84.48 ] [ account | edit ] [ 3.71 ] : TrollBoxChampion requesting manual payout
  59. 2014-05-07 20:44:40 - INFO --> [ 78.8.84.48 ] [ account | edit ] [ 5.08 ] : TrollBoxChampion updated their account details
  60. 2014-05-07 21:06:31 - WARN --> [ 78.8.84.48 ] [ login | none ] [ 4.85 ] : ynbcjrl has logged in with a different IP, saved is [182.241.38.71]
  61. 2014-05-07 21:07:41 - INFO --> [ 78.8.84.48 ] [ account | edit ] [ 101.20 ] : ynbcjrl updated their account details
  62. 2014-05-07 21:07:49 - INFO --> [ 78.8.84.48 ] [ account | edit ] [ 3.84 ] : ynbcjrl requesting manual payout
  63. 2014-05-07 21:08:45 - WARN --> [ 178.223.78.3 ] [ login | none ] [ 5.24 ] : mkminers has logged in with a different IP, saved is [78.8.84.48]
  64. 2014-05-07 21:08:53 - WARN --> [ 78.8.84.48 ] [ login | none ] [ 4.06 ] : vnp1978 has logged in with a different IP, saved is [113.165.142.68]
  65. 2014-05-07 21:10:20 - INFO --> [ 78.8.84.48 ] [ account | edit ] [ 9.86 ] : vnp1978 updated their account details
  66. 2014-05-07 21:11:07 - ERROR --> [ 78.8.84.48 ] [ login | none ] [ 4.23 ] : Authentication failed for onnz423
  67. 2014-05-07 21:24:40 - WARN --> [ 78.8.84.48 ] [ login | none ] [ 4.19 ] : mkminers has logged in with a different IP, saved is [178.223.78.3]
  68. 2014-05-07 21:25:28 - INFO --> [ 78.8.84.48 ] [ account | edit ] [ 3.78 ] : mkminers requesting manual payout
  69. 2014-05-07 21:36:20 - WARN --> [ 178.223.78.3 ] [ login | none ] [ 6.25 ] : mkminers has logged in with a different IP, saved is [78.8.84.48]
  70. 2014-05-07 21:46:04 - WARN --> [ 78.8.84.48 ] [ login | none ] [ 5.23 ] : foxill1 has logged in with a different IP, saved is []
  71. 2014-05-07 21:50:12 - WARN --> [ 78.8.84.48 ] [ login | none ] [ 4.87 ] : chun2014 has logged in with a different IP, saved is [42.97.178.168]
  72. 2014-05-07 21:51:33 - INFO --> [ 78.8.84.48 ] [ account | edit ] [ 6.00 ] : chun2014 updated their account details
  73. 2014-05-07 21:51:41 - INFO --> [ 78.8.84.48 ] [ account | edit ] [ 3.73 ] : chun2014 requesting manual payout
  74. 2014-05-07 21:52:50 - ERROR --> [ 78.8.84.48 ] [ login | none ] [ 4.20 ] : Authentication failed for htgame
  75. 2014-05-07 21:53:59 - WARN --> [ 78.8.84.48 ] [ login | none ] [ 4.94 ] : wjw1199 has logged in with a different IP, saved is [115.196.131.215]
  76. 2014-05-07 21:58:30 - WARN --> [ 78.8.84.48 ] [ login | none ] [ 4.19 ] : mkminers has logged in with a different IP, saved is [178.223.78.3]
  77. 2014-05-07 21:58:56 - INFO --> [ 78.8.84.48 ] [ account | edit ] [ 3.75 ] : mkminers requesting manual payout
  78. 2014-05-07 22:03:48 - WARN --> [ 78.8.84.48 ] [ login | none ] [ 5.07 ] : vicky68 has logged in with a different IP, saved is [1.53.198.192]
  79. 2014-05-07 22:05:32 - WARN --> [ 78.8.84.48 ] [ login | none ] [ 4.11 ] : yssctl has logged in with a different IP, saved is [115.223.11.133]
  80. 2014-05-07 22:06:19 - WARN --> [ 78.8.84.48 ] [ login | none ] [ 4.93 ] : lishijiang has logged in with a different IP, saved is [61.198.213.250]
  81. 2014-05-07 22:23:25 - WARN --> [ 78.8.84.48 ] [ login | none ] [ 4.79 ] : oyg922 has logged in with a different IP, saved is [223.255.241.133]
  82. 2014-05-07 22:25:42 - WARN --> [ 78.8.84.48 ] [ login | none ] [ 5.83 ] : ytgdq has logged in with a different IP, saved is [106.186.118.190]
  83. 2014-05-07 22:27:18 - ERROR --> [ 78.8.84.48 ] [ login | none ] [ 4.26 ] : Authentication failed for xxxARGUSxxx
  84. 2014-05-07 22:27:51 - WARN --> [ 78.8.84.48 ] [ login | none ] [ 4.16 ] : cheng249146886 has logged in with a different IP, saved is [110.184.252.92]
  85. 2014-05-07 22:44:40 - WARN --> [ 178.223.78.3 ] [ login | none ] [ 4.05 ] : mkminers has logged in with a different IP, saved is [78.8.84.48]
  86. 2014-05-07 22:53:59 - WARN --> [ 78.8.84.48 ] [ login | none ] [ 3.89 ] : tramphuochuy has logged in with a different IP, saved is [113.162.174.124]
  87. 2014-05-07 22:54:46 - INFO --> [ 78.8.84.48 ] [ account | edit ] [ 5.68 ] : tramphuochuy updated their account details
  88. 2014-05-07 22:54:52 - INFO --> [ 78.8.84.48 ] [ account | edit ] [ 3.75 ] : tramphuochuy requesting manual payout
  89. 2014-05-07 22:55:43 - ERROR --> [ 78.8.84.48 ] [ login | none ] [ 3.68 ] : Authentication failed for xmqqlin
  90. 2014-05-07 22:58:08 - WARN --> [ 78.8.84.48 ] [ login | none ] [ 4.88 ] : iskrens has logged in with a different IP, saved is [37.143.220.133]
  91. 2014-05-07 22:58:51 - WARN --> [ 78.8.84.48 ] [ login | none ] [ 4.15 ] : wnyl has logged in with a different IP, saved is [192.155.84.77]
  92. 2014-05-07 23:27:59 - WARN --> [ 78.8.84.48 ] [ statistics | pool ] [ 416.80 ] : Forcing logout, user is locked or IP changed mid session [hijack attempt?]
  93. 2014-05-07 23:31:06 - WARN --> [ 78.8.84.48 ] [ login | none ] [ 5.73 ] : mkminers has logged in with a different IP, saved is [178.223.78.3]
  94. 2014-05-07 23:31:47 - INFO --> [ 78.8.84.48 ] [ account | edit ] [ 3.67 ] : mkminers requesting manual payout
  95. 2014-05-07 23:34:43 - WARN --> [ 83.30.244.85 ] [ login | none ] [ 4.51 ] : ManDZiO has logged in with a different IP, saved is [78.8.84.48]
  96. 2014-05-07 23:46:10 - WARN --> [ 89.68.102.46 ] [ login | none ] [ 6.29 ] : cinek366 has logged in with a different IP, saved is [78.8.84.48]
Advertisement
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!