hack – Buttcoin Foundation

2015 is the year of Bitcoin!

Buttcoin — Tue, 13 Jan 2015 20:27:54 +0000

Have you not been following up on Bitcoin lately? Been in a bit of a haze from the holidays? Or perhaps you’re a heavy alcoholic, unable to function in a normal society and slowly drinking yourself to death? What ever the case for the New Years Blues, it’s important to remember that ~~2014~~ 2015 is the year of Bitcoin! And to let you know how amazing Bitcoin has been for the past two weeks, /r/Buttcoin reddit user Zotamedu�has broken down the happenings as of late.

Bitstamp got robbed of 19 000 butts. Their response was to close down everything and say they would be back in~~24 hours48 hours48-336 hours~~ soonish^TM. They came back after a couple of days.

Paycoin is apparently still a scam according to all bitcoiners. The failure to see the irony is total.

Roger “Bitcoin Jesus” Ver got his visa application denied when he wanted to come back to the US. He got upset that they denined him even though he had paid the his taxes. Apparently, tax is not a codeword for bribing the Embassy. Normal people laugh at him for being an idiot. Bitcoiners cry corruption and tyranny.

CoinTerra went bust and you can now buy their old used miners for only $849 each. They need to get them sold badly because they just got sued for 5 million in unpaid server bills. They are screwed.

Bitpay fired 9 people which was good for bitcoin because reasons.

Cloud miner CEX.io have halted mining because they couldn’t make any money on it any more. That was when the price was still at $270. So there’s no money to be made by cloudmining at $270. The current price of $230 will surely be great for bitcoin and miners.

It seems like Bitstamp has halted all payouts again. Totally not a scam.

The Canadian exchange Vault of Satoshi closed down citing low profitability. They will instead focus on their Netflix VPN service which apparently make much more money.

Overstock goes full Bitcoin and will offer staff to get paid in Butts. They even install a bitcoin ATM at the head office.

A silly iOS game that pays out penny shavings to players managed to use 10 % of all transactions for a couple of days. Quite a few of those seem to have been from a couple of users who quickly figured out how to trick the system to pay out repeatedly without playing. Bitcoiners were euphoric and demanded that more games “gave something back to the gamers”. How that business model was supposed to work remains a mystery. I assume it has something to do with maths and the fundamentals.

The gold dealer Amagi Metals that brings the wonderful world of goldbugs and bitcoiners together revealed plans on going full bitcoin. They plan on only accepting butts as payment by 2016 or 2017. The staff will also be paid in butts. Bitcoiners later freak out as all traces of actual bitcoin payment is removed from the site. Something something problems with evil banks.

Nigeria now has their own exchange. Bitcoiners completely fail to see what’s so funny about that.

Paybase got hacked.

Paybase/GAW claim that they have a deal with Amazon so that paycoins will be usable to buy stuff. It seems like they forgot to tell Amazon about that because Amazon are denying any involvement.

Cloudminer ~~Hashprofit~~ Hashie* gets “hacked” and their site is replaced with references to Disney’s Frozen complete with a link to the song “Let it Go”. It later returns and offer users to mine frostcoins or frozencoins or something. Unclear if it was an actual hack. Most people assume the owners just faked it and ran off with the money.

Then there’s the current 40 dollar drop. It’s a new bearwhalepig, hackers, evil banks, the gubment, illuminati, chinese miners or Bitpay who are to blame. Butters are going mad which is hillarious. On top of that, it seems like miners are starting to pull the plug as well. Stay tuned for a metric ton of comedy gold as this mess unravels.

*Edit: I got the names messed up. Thanks tetondon for sorting it out.

The post 2015 is the year of Bitcoin! appeared first on Buttcoin Foundation.

Satoshi Hacked!

killhamster — Mon, 08 Sep 2014 23:15:03 +0000

News from Thermos, king turd of Bitcoin�s various shit mountains:

[email protected] is compromised
Today at 09:06:34 PM

Today I received an email from [email protected] (Satoshi�s old email address), the contents of which make me almost certain that the email account is compromised. The email was not spoofed in any way. It seems very likely that either Satoshi�s email account in particular or gmx.com in general was compromised, and the email account is now under the control of someone else. Perhaps [email protected] expired and then someone else registered it.

Don�t trust any email sent from [email protected] unless it is signed by Satoshi. (Everyone should have done this even without my warning, of course.)

I wonder when the email was compromised, and whether it could have been used to make the post on p2pfoundation.ning.com.

The email said:
�Michael, send me some coins before I hitman you.�

Not exactly Satoshi�s normal style.

Satoshi Nakamoto replied to Satoshi Nakamoto�s discussion Bitcoin open source implementation of P2P currency

�Dear Satoshi. Your dox, passwords and IP addresses are being sold on the darknet. Apparently you didn�t configure Tor properly and your IP leaked when you used your email account sometime in 2010. You are not safe. You need to get out of where��

The post Satoshi Hacked! appeared first on Buttcoin Foundation.

EXCLUSIVE: Interview with barbarianbob of “The Hole Seekers”, hacking group that took down BitcoinTalk forums.

Buttcoin — Mon, 14 Oct 2013 22:56:40 +0000

On the day of October 2nd in the year of our Lord Two Thousand and Thirteen, something amazing happened. In the wake of the shocking news that Silk Road had been shut down�and that it’s fearless leader Sir Captain Dread Pirate Roberts was totally fucked, BitcoinTalk was once again the subject of a full breach of their forums and code was injected into every webpage. This is the exact same hack that happened nearly 2 years ago when Bill Cosby graced our screens inviting us to join the exciting new world of CosbyCoins. The attackers didn’t leave much information about how or why this was done but it’s probably our favorite moment ever on Buttcoin.

Being the serious investigative journalists we are, we decided to track down and find out who was behind the “Hole Seekers” hack this time. We got our hands on the source code (all 7000 lines of it!) and followed the rabbit hole as far as we could go until we finally got in contact with someone who called themselves barbarianbob. barbarianbob is the leader of the “Hole Seekers” hacking crew and agreed to meet us in a dark parking garage outside of the Mt. Gox headquarters and grant us a brief QA session.

This is the story of the BitcoinTalk Hole Seekers hack, told from the man who made it happen.

Who are “The Hole Seekers”?

Psy-do code.

A team of like-minded security-savvyists who enjoy finding security holes and exploiting them. We seek out and penetrate any holes we can find, no matter how tight the security, and we won�t stop until we�ve filled them with the long-arm of thick-headed justice.

What motivated you do this?

Have you read the forums? Why wouldn�t you want to fuck with them? The Hole Seekers are always looking to plant a pole into whatever cracks we can find, and if we can have some fun doing it then why not? The Hole Seekers will be a bigger name than Kirk Johnson someday.

Did you do the Cosbycoin thing too?

Due to pending litigation, I cannot comment on such matters.

How did you do it?

In 2011, Bitcointalk was taken down by the CosbyCoin Crew. They found a blind sql injection to get the password hash for a forums administrator by the name of ‘satoshi’. This allowed the CosbyCoin Crew to log into that account. Since SMF is such a piece of shit, admins have the power to edit the php code. Using this fact, a backdoor was placed onto the site that allowed basic run of the site. A dump was made of mod/admin hashes. That�s when CosbyCoin was unleashed on the site via some basic javascript. After thermos took the site down, he put it back up 3 times before he finally found and deleted the backdoor. The admins were all told to change their passwords but some of them never did. For whatever reason, back then you only needed the hash to login as someone. We just made a quick script to supply the one cookie, the username, and password hash, and it would output the data to put in hackbar to login as that user. We used method to re-add the backdoor which has been there ever since.

After the site was moved from the Mt. Gox. servers to a new server with nginx+phpfpm, the backdoor was still there.

Did you or thermos bring the site down?

Either he realized what happened and brought the site down or his server couldn�t handle it. We didn�t bring the site down ourselves, we worked too damn hard on it. Use Cloudflare next time!

Did you steal any personal info?

No, what would we do with any of that crap? Renew their subscriptions to Reason magazine?

How long did it take to make those amazing graphics?

I slaved away in front of a hot mining rigs for weeks making those. My undying love for buttcoin is never truly recognized.

Will thermos actually fix the exploit or is he an idiot?

Sounds like he actually found everything, but who knows. SMF is full of bugs and holes, it�s what you expect from a free forum software. What ever happened to that $600k thermos collected for a new forum software?

Are you going to turn yourself in for the 50 BTC bounty?

Turns out thermos is so smart he claimed he found the exploit so he�s paying himself, way to go buddy

Thermos being smart as hell.

Why do you hate bitcoins?

I don�t, but man the community is fucked up.
YOSPOS, bithc

Missed the hack the first time around? Click here to see what it was like!

The post EXCLUSIVE: Interview with barbarianbob of “The Hole Seekers”, hacking group that took down BitcoinTalk forums. appeared first on Buttcoin Foundation.

BitcoinTalk hacked again by “The Hole Seekers”, forums down. (video)

Buttcoin — Thu, 03 Oct 2013 01:42:56 +0000

It’s happened again. BitcoinTalk was hacked once again, this time by a group purporting to be “The Hole Seekers”.

Someone embedded the “1812 Overture” song into the background with a dazzling animated picture show. This reviewer gives it 2 thumbs up!

Unfortunately within a few moments the whole site came down. It’s unlikely it’s due to this attack, and more like the forum is so utter and complete garbage (despite the administrator Theymos accepting over $100k in donations to upgrade it) it probably just simply collapsed from having a several meg file in the header.

See the video below for the whole thing in action.

The post BitcoinTalk hacked again by “The Hole Seekers”, forums down. (video) appeared first on Buttcoin Foundation.

Yet another Bitcoin business is hacked; BitInstant loses $12k in social engineering scam

Buttcoin — Sun, 10 Mar 2013 06:43:31 +0000

You may have heard the news by now, but popular Bitcoin payment provider BitInstant was hacked last week. It wasn’t a massive hack like we’ve seen on MyBitcoin or Mt. Gox so I didn’t see much reason to write on it when I saw it 3 days before Wired’s article, but as I looked at it more I figured I’d point out some interesting points.

First, the hack was a regular social engineering hack. Really simple stuff.

Over the weekend the BitInstant team has been hard at work securing our system from a sophisticated attack on Thursday evening. Overall, due to major choke points and redundancies in our system, the hacker was�only able to walk away with $12,480 USD in BTC, and send them in 3 installments of 333 BTC to bitcoin addresses.

…

The attacker contacted our domain registrar at Site5 posing as me and using a�very similar email address as mine, they did so by proxying through a network owned by a haulage company in the UK whom I suspect are innocent victims the same as ourselves. Armed with knowledge of my place of birth and mother’s maiden name alone (both facts easy to locate on the public record) they convinced Site5 staff to add their email address to the account and make it the primary login (this prevented us from deleting it from the account). We immediately realized what was going on, and logged in to change the information back. After changing this info and locking the attacker out, overnight he was able to revert my changes and point our website somewhere else.

…

After gaining access, they redirected DNS by pointing the nameservers to hetzner.de in germany, they used hetzner’s nameservers to redirect traffic to a hosting provider in ukraine. By doing this, he locked out both my login and Gareths’s login and they used this to hijack our emails and reset the login for one exchange (VirWox), enabling them to gain access and steal $12,480 USD worth of BTC.

BitInstant is shifting the blame totally on the host.�Never mind�the fact that they used real, publicly accessible information on of the owners wide-open Facebook page, this is totally the host’s fault.

Site5 has since responded since the hack.

Security & Social Engineering

This day and age requires us all to be security-conscious

The post Yet another Bitcoin business is hacked; BitInstant loses $12k in social engineering scam appeared first on Buttcoin Foundation.

Wanna see what the Bitcointalk.org forums hack was like?

Buttcoin — Mon, 12 Sep 2011 18:51:29 +0000

Click the giant Cosby below to get an example page (wait 5 seconds).
Refresh the page for different examples.

The post Wanna see what the Bitcointalk.org forums hack was like? appeared first on Buttcoin Foundation.

Bitcointalk forums hacked, Bill Cosby pimping new CosbyCoins to all the members. (Forums DOWN)

Buttcoin — Fri, 09 Sep 2011 20:42:14 +0000

This is by far the mosthilariousthing to happen in the official BitcoinTalk forums, ever.

Someone hacked the forums and injected some code that, among other things, causes a bunch of Bill Cosby popups, simulates uploading of a wallet.dat file, changes all avatars to images of Bill Cosby, and even changes the word Buttcoin to Cosbycoin.

You can see the hilarity yourself by going to the forums and waiting about 5 seconds for the comedy gold to flow.

Here’s a sample of what’s going on.

Better fix this right away!

Forums have been shut down for several hours now.

EDIT: I just got an email from one of the admins “Sirius” that this was mostly likely another Adobe Flash exploit.

We’re looking to the incident right now. We had to take the site offline to protect any further malicious activity.Luckilyit seems like a simple Adobe Flash exploit, and we’ve cleaned up most of the offending code and .swf files.

The exploit he was referring to had this information from Adobe’s site.

This vulnerability (CVE-2018-COZPOP) could cause a crash and potentially allow an attacker to take control of the affected server. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in certain website forum software, delivered as an emoticon or “smilie” in the forum software. At this time, Adobe is not aware of attacks targeting Adobe Reader and Acrobat. Adobe Reader X Protected Mode mitigations would prevent an exploit of this kind from executing.

Make sure to browse safely guys.

The post Bitcointalk forums hacked, Bill Cosby pimping new CosbyCoins to all the members. (Forums DOWN) appeared first on Buttcoin Foundation.

Bruce Wagner ADMITS to the hacking of MyBitcoin.com

Buttcoin — Sun, 04 Sep 2011 19:10:00 +0000

Someone just sent this into my inbox. Apparently this is video that was accidently broadcast 2-3minutes before the beginning of the Bitcoin show. It’s obvious Bruce didn’t know the camera was broadcasting out during this conversation.

The post Bruce Wagner ADMITS to the hacking of MyBitcoin.com appeared first on Buttcoin Foundation.

Lionhat Security takes claim for Mt. Gox hack and user dump, taunts owners and promises next black friday.

Buttcoin — Mon, 20 Jun 2011 03:18:39 +0000

I just received an email from a reliable source (who clued me into the Mt. Gox hack well before the bitcoin forums knew) which points to a security group taking response for the hack and database dump today.

From: David

Subject: mt.gox hack 2day

Message Body:

i know the guys who hacked into mt.gox and dumped the data today. they released about 60k usernames/passes (hashed), but say they are hanging on to the good stuff for now, preparing for another major crash (without correction this time they say)

these guys aren’t lulsec or anon, think bigger picture, esp. in an unreg market like bitcoins

He sent me a link to a manafesto from Lionhat Security, who taunts the lead developer storing US customer info overseas and who’s previous experience includes iPhone applications.

Text version:

Another release from lionhat security

bitcoin sure has come a long way lately? people moving their life savings around, putting it all in mtgox. well you saw what happened the other day what we were able to acquire from them. maybe you shouldn’t have trusted an 18 year old whose credentials include an iphone soundboard app with your offsite servers. also, shouldn’t he have been paying attention to transactions instead of attending anime conventions?

well, good luck with the mining and all, we’re halfway there with the next black fridayQQ
so throw a few coins our way and we’ll give you a little preview of what we have in store next in addition to some more goodies we got from the last hack

1A35CqoJwzsBAa8ytyEQk7592avWKuBeJ
— lionhat security –�in kimshe we trust

They included a bitcoin block link so maybe they’re looking to cash in on the same penny BTC action from today, who knows.

Remember, if you have any tips feel free to contact me

The post Lionhat Security takes claim for Mt. Gox hack and user dump, taunts owners and promises next black friday. appeared first on Buttcoin Foundation.

Today’s sell off was because of Mt. Gox hack

Buttcoin — Sun, 19 Jun 2011 19:25:48 +0000

There’s a database dump of around 60k Mt. Gox users that just got released.

Wanna know where all those sell orders came from?

The post Today’s sell off was because of Mt. Gox hack appeared first on Buttcoin Foundation.