Bitcointalk.org hackad, sidan nere.

Bitcointalk.org hacked, site currently down

Bitcointalk.org hacked, site currently down

Update 1

Theymos has posted on a Reddit thread that he is willing to give 50 BTC as reward to anyone who finds out how Bitcointalk was hacked.

Theymos notes that chances are that attackers may have executed arbitrary PHP code and may have gotten access to the database. Theymos notes, “The forum will be down for a while. Backups exist and are held by several people. At this time I feel that password hashes were probably not compromised, but I can’t say for sure. If you used the same password on bitcointalk.org as on other sites, you may want to change your passwords.”

The administrator has revealed that passwords on Bitcointalk are “hashed using sha256crypt with 7500 rounds.” He also notes that the injected JavaScript into the avatars directory “seems harmless.”

Theymos goes on to add details about the hack from what he has understood through the analysis. Head on here to read more on that.

“Figuring out the specifics is probably beyond my skills, so 50 BTC to the first person who tells me how this was done”, concludes Theymos.

Original Story

According to reports and videos making rounds online, Bitcointalk.org has been hacked and as it stands the site is currently unreachable.

According to various status websites, Bitcointalk has been down since nearly 6 hours. The forums have been allegedly hacked by “The Hole Seekers” according to a video (below).

“Hello friend, Bitcoin has been seized by the FBI for being illegal. Thanks, bye” reads one the message in the video. This is obviously a joke and it seems that it has been directed towards recent arrest of Ross Ulbricht and shuttering of Silk Road.

There is no further information available currently, but according to post by Bitcointalk’s administrator “Theymos” on a a Reddit thread the source code of Bitcointalk andJavaScript payload have been made available online for anyone to download. Further Theymos claims that on analysis of the payload nothing suspicious has been found.

Developing….

2 reaktioner på ”Bitcointalk.org hackad, sidan nere.

  1. E-mail from the admin of Bitcointalk.org

    ”Unfortunately, it was recently discovered that the Bitcoin Forum’s server was compromised. It is currently believed that the attacker(s) *could* have accessed the database, but at this time it is unknown whether they actually did so. If they accessed the database, they would have had access to all personal messages, emails, and password hashes. To be safe, it is recommended that all Bitcoin Forum users consider any password used on the Bitcoin Forum in 2013 to be insecure: if you used this password on a different site, change it. When the Bitcoin Forum returns, change your password.

    Passwords on the Bitcoin Forum are hashed with 7500 rounds of sha256crypt. This is very strong. It may take years for reasonably-strong passwords to be cracked. Even so, it is best to assume that the attacker will be able to crack your passwords.

    The Bitcoin Forum will return within the next several days after a full investigation has been conducted and we are sure that this problem cannot recur.

    Check Bitcoin and #bitcoin on Freenode for more info as it develops.

    We apologize for the inconvenience.”

    Gilla

Kommentera

Fyll i dina uppgifter nedan eller klicka på en ikon för att logga in:

WordPress.com Logo

Du kommenterar med ditt WordPress.com-konto. Logga ut /  Ändra )

Google+-foto

Du kommenterar med ditt Google+-konto. Logga ut /  Ändra )

Twitter-bild

Du kommenterar med ditt Twitter-konto. Logga ut /  Ändra )

Facebook-foto

Du kommenterar med ditt Facebook-konto. Logga ut /  Ändra )

w

Ansluter till %s