Under Attack Again
-
Tallking with mullick on cryptsy chat I got this in regards to it’s pull from the market…
mullick: @jeremiel: In fact looking through our conversation He said the system auto suspended the market.
Which means there is an internal rule within cryptsy to get something delisted. Either the attacker tripped it or something happening within the ftc network tripped it.
-
[quote name=“jeremiel” post=“22068” timestamp=“1374174439”]
Tallking with mullick on cryptsy chat I got this in regards to it’s pull from the market…mullick: @jeremiel: In fact looking through our conversation He said the system auto suspended the market.
Which means there is an internal rule within cryptsy to get something delisted. Either the attacker tripped it or something happening within the ftc network tripped it.
[/quote]I can confirm this. I am a moderator for Cryptsy, and this morning our software detected multiple deposit reversals and auto suspended trading accordingly. The wallets however remained accessible until Vern disabled them to investigate the problem.
-
[quote name=“JesstersDead” post=“22083” timestamp=“1374175318”]
[quote author=jeremiel link=topic=2847.msg22068#msg22068 date=1374174439]
Tallking with mullick on cryptsy chat I got this in regards to it’s pull from the market…mullick: @jeremiel: In fact looking through our conversation He said the system auto suspended the market.
Which means there is an internal rule within cryptsy to get something delisted. Either the attacker tripped it or something happening within the ftc network tripped it.
[/quote]I can confirm this. I am a moderator for Cryptsy, and this morning our software detected multiple deposit reversals and auto suspended trading accordingly. The wallets however remained accessible until Vern disabled them to investigate the problem.
[/quote]That’s what I want to hear. So, there’s a rule for controlling double-spending based off so many sec lead time for withdrawls probably created because the powercoin problem.
-
[quote name=“JesstersDead” post=“22083” timestamp=“1374175318”]
I can confirm this. I am a moderator for Cryptsy, and this morning our software detected multiple deposit reversals and auto suspended trading accordingly. The wallets however remained accessible until Vern disabled them to investigate the problem.
[/quote]Thanks Jesster, sharing this kind of information allows us to combat the scaremongers. Thank Vern for being his usual efficient self too.
-
[quote name=“spynappels” post=“22102” timestamp=“1374179191”]
[quote author=JesstersDead link=topic=2847.msg22083#msg22083 date=1374175318]
I can confirm this. I am a moderator for Cryptsy, and this morning our software detected multiple deposit reversals and auto suspended trading accordingly. The wallets however remained accessible until Vern disabled them to investigate the problem.
[/quote]Thanks Jesster, sharing this kind of information allows us to combat the scaremongers. Thank Vern for being his usual efficient self too.
[/quote]+1
-
[quote name=“ghostlander” post=“21977” timestamp=“1374160498”]
The attack purpose is to damage network operations and to discourage miners.
[/quote]Running on 449,218 KHash/s they definetly succeed their intent for the moment :o
-
[quote]Running on 449,218 KHash/s they definetly succeed their intent for the moment [/quote]
the calculation is wrong as he play with the time we make 15 blocks in 30 minutes at diff 74 since retarget so we are about 2Gh/s and growing rapidly.as he made another fork at 51838 until retarget at 51912:
the next retarget will use 10H instead of 21H25 of july 18 as start of the retarget window so it add 11h25 to the real window if we make that in 6-7 hours we should retarget nearly as expected. if we takes longer we will retarget at similar diff if we go over 10h we retarget at a lower diff.
-
Being new to mining I really freaked out when I awoke to see all the orphan blocks. After a lot of reading I have to say I am more confident in FTC Than before. This attack makes me want to contribute to the community more than ever.
-
I’m a little confused. My pool network hashrate says near 2.9gh where as the site says the network hashrate is near 500mh.
-
[quote name=“wesphily” post=“22130” timestamp=“1374188599”]
[quote author=990fox link=topic=2847.msg22123#msg22123 date=1374185761]
Being new to mining I really freaked out when I awoke to see all the orphan blocks. After a lot of reading I have to say I am more confident in FTC Than before. This attack makes me want to contribute to the community more than ever.
[/quote]Thank you for your support. I can assure you that the only thing this attack has done is sped up the development of our new security features. Bush is working as hard as he can so we should see the results soon.
Thank you all for your patience.
[/quote]Awesome news. Thanks for all you guys are doing. :)
-
[quote]I’m a little confused. My pool network hashrate says near 2.9gh where as the site says the network hashrate is near 500mh.[/quote]
d2(your pool I know) takes 30 blocks here is 60. As the attacker stop the time on the chain for >11h the 60 block here takes the 60 blocks/13h at diff 74 to calculate the hash rate. The reality it’s 60/2h. More then 30 blocks have been found since the end of the attack (the retarget block) d2 is calculating a correct value. The stat page here is now ok also as we are now over the 60 block since retarget. -
[quote name=“groll” post=“22138” timestamp=“1374190231”]
[quote]I’m a little confused. My pool network hashrate says near 2.9gh where as the site says the network hashrate is near 500mh.[/quote]
d2(your pool I know) takes 30 blocks here is 60. As the attacker stop the time on the chain for >11h the 60 block here takes the 60 blocks/13h at diff 74 to calculate the hash rate. The reality it’s 60/2h. More then 30 blocks have been found since the end of the attack (the retarget block) d2 is calculating a correct value. The stat page here is now ok also as we are now over the 60 block since retarget.
[/quote]i appreciate the response. I noticed the correction then the post.
-
[quote name=“jeremiel” post=“22068” timestamp=“1374174439”]
Tallking with mullick on cryptsy chat I got this in regards to it’s pull from the market…mullick: @jeremiel: In fact looking through our conversation He said the system auto suspended the market.
Which means there is an internal rule within cryptsy to get something delisted. Either the attacker tripped it or something happening within the ftc network tripped it.
[/quote]Sorry I couldn’t respond earlier. It’s been a busy day. I am only a chat moderator at cryptsy but have contact with vern in case of any issues.
That post was in response to a concern a member had. He was concerned vern had not made an announcement as to why FTC trading had been suspended.
Vern notified me that something odd was going on with FTC. He had received several notifications for deposit reversals… He stated the system had detected it and suspended all trading for the FTC/BTC pair.
This implied to me that vern was not currently at the server but his security measures had done their job.
I did not want to cause panic. So i kept the information quite at first until I was able to confirmed. I investigated the blockchain and saw the evidence in blocks 51801 and 51802. I was then linked to this topic. At this time I felt confident to inform the users of what was happening. Further investigation by myself found more evidence listed in the OP
I will encourage vern to reply here. I will update you when I have more information
But yes the security measures are a result of the recent spree of attacks on extremely low hashrate blockchains. I do not believe the attacks are related due to the fact that all others were below 10Mh at the time. Any bored miner with a decent hashrate could have been responsible. But to pull of something of this magnitude is quite a challenge.
But that is just speculation.
-
look at the time of block 52178 compare to other 2h diff in the future, this the max allowed. he is testing all the limit he test the median on his last long fork as he had kept blocks and change the time just over those 6 block 51833-51836 inclusively.I’m a bit surprise he can do with 6 as median would be the 6th one of the 11. i need to check that code correctly as the specification don’t fit. (edit: ok he found 51835 with the low time so 5 blocks each side as expected and means is his block with changed time so he can continue use low time)
attacker actual address is 6kStRVT25dG9sRPvGoHZ4izHA6qKJ4E1R9
let me guess: will use to retarget lower at retarget time(i see other used, but will not disclose except to dev team as I don’t want to give idea)
I see that when at low diff the attacker mines with the network(this address mine legitimately since retarget), when diff goes up he disapear(possibly mining other coin) or attack us. he seems to have sometimes more then 2.5Gh/s but most of the time a lot less). from the last low diff when he still had more then 50% with network at 5.x Gh/s. at that time his address was 6wyj1e7A8E4VpEqAHje3bNREQASpLVeNqA. he found 28 block between 51206 and 51249 (28/43) stats page sow at some point 6Gh/s around that time, but few blocks later when I found this and check back was at 5.2Gh/s.
-
at 52236: network is time DOS for 2 hours a head for means of the last 11 blocks, so attacker has control unless he generate less then 6 block per 2 hours or everyone change time to 2 hours ahead.
the attacker was able to generate 6 blocks 2 hour ahead in 11 blocks so no block with current time enter the chain, only blocks ahead of current time can enter.
-
[quote name=“groll” post=“22167” timestamp=“1374210374”]
at 52236: network is time DOS for 2 hours a head for means of the last 11 blocks, so attacker has control unless he generate less then 6 block per 2 hours or everyone change time to 2 hours ahead.the attacker was able to generate 6 blocks 2 hour ahead in 11 blocks so no block with current time enter the chain, only blocks ahead of current time can enter.
[/quote]Explains a lot. Been mining on D2’s pool and just noticed every share over the past 130 minutes has been a reject…
-
[quote name=“raptorak” post=“22169” timestamp=“1374215103”]
[quote author=groll link=topic=2847.msg22167#msg22167 date=1374210374]
at 52236: network is time DOS for 2 hours a head for means of the last 11 blocks, so attacker has control unless he generate less then 6 block per 2 hours or everyone change time to 2 hours ahead.the attacker was able to generate 6 blocks 2 hour ahead in 11 blocks so no block with current time enter the chain, only blocks ahead of current time can enter.
[/quote]Explains a lot. Been mining on D2’s pool and just noticed every share over the past 130 minutes has been a reject…
[/quote]You still having the issues?
What needs to be done to fix?
-
jamestown on the trollbox was a former miner and believer in Feathercoin. He is now lost to us because of the “5th attack” again a few hours ago. He is saying that he is about to dump a lot of Feathercoin on to the BTC-e exchange and this makes me sad.
If he was just a troll I wouldn’t care but he seems smart and heart broken. That was another attack after the one yesterday?
-
What doesn’t kill us makes us stronger :).
I believe in our dev’s that they will come with a clever solution!
-
I will continue mining feathercoin forever. No matter even after 100000000th attack. For me it is this awesome community that makes me continue my belief in feathercoin. Whatever you want to do now, keep your dev team and we will support you.
