Untitled

a guest
Mar 16th, 2014
* baritus (~baritus@unaffiliated/baritus) has joined #digitalcoin
* ChanServ gives channel operator status to baritus
* PirateKitteh (PirateKitt@gateway/shell/bnc4free/x-wxybiuzggocxfzpv) has joined #digitalcoin
* wesleyh has quit (Ping timeout: 252 seconds)
* wesleyh ([email protected]) has joined #digitalcoin
<baritus> hey
<ThinkThrough> Hey
<ThinkThrough> how goes
<baritus> through some PHP bug (I'm guessing) or some trojan that's going around, some hacker was able to reset password on c ave
<baritus> for a few users
<baritus> not sure how it's possible since I already looked at all my code and it doesn't allow for it ever
<baritus> and the other odd thing is, they were able to get the verification email codes
<baritus> from the user's email accounts
<baritus> which I am not sure of how they did it either
<baritus> good news is, I had detection kick in that locked out those accounts
<baritus> so I still have everyone's funds
<baritus> but the bad news is, someone has a trojan embedded in a lot of crypto community or some unknown bug in PHP makes it completely insecure
<Eli0t> :(
* Takuza (803d7964@gateway/web/cgi-irc/kiwiirc.com/ip.128.61.121.100) has joined #digitalcoin
<Mikey2011> So what is the plan?
<Eli0t> trawl the logs i guess
<baritus> well I already did that
<baritus> legit requests were sent
<baritus> to the actual emails
<baritus> and were somehow verified through the code that was sent to the user
<delete> !dgc
<DGCBot> DGC Prices (Cryptsy) - BTC: 0.000082025 USD: $0.05. Difficulty: 7.167. Hashrate: 367.07 Mh/s
<baritus> only high value accounts were targeted
<baritus> so someone already had the email, username, pin of the users
<Eli0t> that's quite disturbing
<Takuza> @ . @
<baritus> very easy to create a trojan, embed it into a new "coin", and infect anyone who installs it with full access
<Eli0t> implies the ability to read the database
<Eli0t> if they can pick high value targets
<baritus> database can't be read
<baritus> fully encrypted
<baritus> I don't even store usernames just a hash of them
* infojunkie ([email protected]) has joined #digitalcoin
<baritus> so that's not possible.
<samson_> good morning
<Eli0t> salted i guess
<baritus> I use bcrypt and yeah
<baritus> that's not how
<baritus> they went through the full recovery process
<baritus> including sending the mail and clicking the link in it
<Eli0t> wonder what recent coins techbytes and mobgod were mining
<delete> maybe they captured the email in some smtp relay?
<baritus> I use google servers to directly send mail
<samson_> So this is no script kiddie attack - it's someone who wants to take the exchange out
<ThinkThrough> then either it's a trojan on the user's end
<baritus> yeah there are no bugs in the code
<ThinkThrough> how can you be sure that they got the verification mail
<baritus> so there must be in the language
<baritus> or the users