Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

hack !!! https://altmarkets.cc/announce #207

Open
diakas opened this issue Nov 18, 2018 · 22 comments
Open

hack !!! https://altmarkets.cc/announce #207

diakas opened this issue Nov 18, 2018 · 22 comments

Comments

@diakas
Copy link

diakas commented Nov 18, 2018
edited
Loading

https://altmarkets.cc/announce

After investigating all of the logs and balances here is what the hacker has taken:

864878 doge

2.785 BTC

61924 x42

What happened?
They have the old version?
@ghost
Copy link

ghost commented Nov 18, 2018

I have been in some chats when them and they were up to date on the git

@juanmantelli
Copy link

Is important for all of us to know what happend. We have to improve the security of the code together

@cryptobot123
Copy link

inside job

@IMPERIUM-main-dev
Copy link

......

@IMPERIUM-main-dev
Copy link

Either they got hacked or it was an exit scam.

@IMPERIUM-main-dev
Copy link

Or they just did not use the latest opentrade code or they added bad code.

@IMPERIUM-main-dev
Copy link

Starving this month because I got listed 10 days for 0.01 BTC and I'm poor.....

@ExchangeTime
Copy link

They deleted everything, destroyed and left their discord.
No posts on twitter and other social medias.
Talking about SQL injection on balance. Isnt it grabbing the account from RPC wallet before any withdraws meaning even if you change the values on website you cant go > userID / wallet account.

Looks like a 100% exitscam from their side as i even got banned from their discord when i came with facts.

@jonn4y
Copy link
Contributor

jonn4y commented Nov 19, 2018

normally i wouldn't waste my time responding to shit like this but ok.
1:
" Isnt it grabbing the account from RPC wallet before any withdraws meaning even if you change the values on website you cant go > userID / wallet account."

you clearly do not know how OpenTrade works, all balances from the wallet account go to a root account and everything is then handled via database.

2:
you prob got banned for being a dick / troll

3:
if it was an exit scam, we wouldn't be refunding everyone, we would have taken all the balances and dumped them on other exchanges. you would see the proof of our refunds going out but, you are banned so yeah

@huuhait
Copy link

huuhait commented Nov 19, 2018
edited
Loading

change to peatio :))
image

@Latinex
Copy link

Latinex commented Nov 19, 2018

is a problem of opensource, should be updated much more, there is only one person working on the base code while there should be people reviewing several points, a part would need a much wider readme

@Latinex
Copy link

Latinex commented Nov 19, 2018

change to peatio :))
image

Peatio is built in ruby5, it is quite difficult to edit, it also needs many more resources and is much less scalable

@huuhait
Copy link

huuhait commented Nov 19, 2018

Of course it's not for noob

@ExchangeTime
Copy link

@Latinex @Thedabest What layouts on peatio is that?

@Latinex
Copy link

Latinex commented Nov 19, 2018

@Latinex @Thedabest What layouts on peatio is that?

https://rubykube.io/

@huuhait
Copy link

huuhait commented Nov 19, 2018
edited
Loading

my custom layouts
rubykube use default peatio layouts

@diakas
Copy link
Author

diakas commented Nov 19, 2018

Opentrade the author stops posting updates to github
https://bitcointalk.org/index.php?topic=2509833.msg48033457#msg48033457

Most likely they had an old version of the engine. Or one of two...
By the way I decided to stop to upload a new version to github. So who will forcat - looking for programmer which will be finished to your wishlist.

@diakas
Copy link
Author

diakas commented Nov 20, 2018
edited
Loading

I think this project is early to bury the opposite test a sign of interest and they are perfecting the skill!

As an option of protection I think that it is necessary for each user to give a unique hash when entering and to carry out all operations in encrypted form - to exclude addition manually in request of a malicious injection.

Who will be able to realize it?

https://bitcointalk.org/index.php?topic=2509833.msg48081990#msg48081990

@kokucrypto
Copy link

I'm sorry for altmarkets,
it was a very good exchange with gently devs,always active and present.

Let's work all togheter to find bugs and make opentrade more secure.

@jonn4y
Copy link
Contributor

jonn4y commented Jan 22, 2019

Are you for real? You are like a kid that just found out Santa isn’t real.
You are commenting on a old thread with inaccurate information we’re not even using that shit script check the source code and back your claims before you post incorrect facts.

Show me where I mentioned these 13 exploits it’s a very specific number

I have fixed and changes for opentrade that I will push once I have finished on the new AltMarkets

@knkrth
Copy link
Contributor

knkrth commented Jun 25, 2019

@jonn4y Does the latest https://altmarkets.io/ run's open trade Or peatio Or any other exchange framework?

@cryptobot123
Copy link

cryptobot123 commented Jun 25, 2019 via email

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
10 participants
@jonn4y @juanmantelli @knkrth @cryptobot123 @diakas @huuhait @kokucrypto @Latinex @ExchangeTime @IMPERIUM-main-dev