Forum Home
    • Register
    • Login
    • Search
    • Recent
    • Tags
    • Popular

    Under Attack Again

    Attacks and Feathercoin Security
    27
    77
    32090
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jeremiel Regular Member last edited by

      Tallking with mullick on cryptsy chat I got this in regards to it’s pull from the market…

      mullick: @jeremiel: In fact looking through our conversation He said the system auto suspended the market.

      Which means there is an internal rule within cryptsy to get something delisted. Either the attacker tripped it or something happening within the ftc network tripped it.

      1 Reply Last reply Reply Quote 0
      • J
        JesstersDead last edited by

        [quote name=“jeremiel” post=“22068” timestamp=“1374174439”]
        Tallking with mullick on cryptsy chat I got this in regards to it’s pull from the market…

        mullick: @jeremiel: In fact looking through our conversation He said the system auto suspended the market.

        Which means there is an internal rule within cryptsy to get something delisted. Either the attacker tripped it or something happening within the ftc network tripped it.
        [/quote]

        I can confirm this. I am a moderator for Cryptsy, and this morning our software detected multiple deposit reversals and auto suspended trading accordingly. The wallets however remained accessible until Vern disabled them to investigate the problem.

        1 Reply Last reply Reply Quote 0
        • J
          jeremiel Regular Member last edited by

          [quote name=“JesstersDead” post=“22083” timestamp=“1374175318”]
          [quote author=jeremiel link=topic=2847.msg22068#msg22068 date=1374174439]
          Tallking with mullick on cryptsy chat I got this in regards to it’s pull from the market…

          mullick: @jeremiel: In fact looking through our conversation He said the system auto suspended the market.

          Which means there is an internal rule within cryptsy to get something delisted. Either the attacker tripped it or something happening within the ftc network tripped it.
          [/quote]

          I can confirm this. I am a moderator for Cryptsy, and this morning our software detected multiple deposit reversals and auto suspended trading accordingly. The wallets however remained accessible until Vern disabled them to investigate the problem.
          [/quote]

          That’s what I want to hear. So, there’s a rule for controlling double-spending based off so many sec lead time for withdrawls probably created because the powercoin problem.

          1 Reply Last reply Reply Quote 0
          • S
            spynappels last edited by

            [quote name=“JesstersDead” post=“22083” timestamp=“1374175318”]
            I can confirm this. I am a moderator for Cryptsy, and this morning our software detected multiple deposit reversals and auto suspended trading accordingly. The wallets however remained accessible until Vern disabled them to investigate the problem.
            [/quote]

            Thanks Jesster, sharing this kind of information allows us to combat the scaremongers. Thank Vern for being his usual efficient self too.

            1 Reply Last reply Reply Quote 0
            • J
              justabitoftime last edited by

              [quote name=“spynappels” post=“22102” timestamp=“1374179191”]
              [quote author=JesstersDead link=topic=2847.msg22083#msg22083 date=1374175318]
              I can confirm this. I am a moderator for Cryptsy, and this morning our software detected multiple deposit reversals and auto suspended trading accordingly. The wallets however remained accessible until Vern disabled them to investigate the problem.
              [/quote]

              Thanks Jesster, sharing this kind of information allows us to combat the scaremongers. Thank Vern for being his usual efficient self too.
              [/quote]

              +1

              1 Reply Last reply Reply Quote 0
              • 4
                4M8B last edited by

                [quote name=“ghostlander” post=“21977” timestamp=“1374160498”]
                The attack purpose is to damage network operations and to discourage miners.
                [/quote]

                Running on 449,218 KHash/s they definetly succeed their intent for the moment :o

                1 Reply Last reply Reply Quote 0
                • G
                  groll Regular Member last edited by

                  [quote]Running on 449,218 KHash/s they definetly succeed their intent for the moment [/quote]
                  the calculation is wrong as he play with the time we make 15 blocks in 30 minutes at diff 74 since retarget so we are about 2Gh/s and growing rapidly.

                  as he made another fork at 51838 until retarget at 51912:

                  the next retarget will use 10H instead of 21H25 of july 18 as start of the retarget window so it add 11h25 to the real window if we make that in 6-7 hours we should retarget nearly as expected. if we takes longer we will retarget at similar diff if we go over 10h we retarget at a lower diff.

                  1 Reply Last reply Reply Quote 0
                  • 9
                    990fox last edited by

                    Being new to mining I really freaked out when I awoke to see all the orphan blocks. After a lot of reading I have to say I am more confident in FTC Than before. This attack makes me want to contribute to the community more than ever.

                    1 Reply Last reply Reply Quote 0
                    • J
                      jeremiel Regular Member last edited by

                      I’m a little confused. My pool network hashrate says near 2.9gh where as the site says the network hashrate is near 500mh.

                      1 Reply Last reply Reply Quote 0
                      • J
                        JesstersDead last edited by

                        [quote name=“wesphily” post=“22130” timestamp=“1374188599”]
                        [quote author=990fox link=topic=2847.msg22123#msg22123 date=1374185761]
                        Being new to mining I really freaked out when I awoke to see all the orphan blocks. After a lot of reading I have to say I am more confident in FTC Than before. This attack makes me want to contribute to the community more than ever.
                        [/quote]

                        Thank you for your support. I can assure you that the only thing this attack has done is sped up the development of our new security features. Bush is working as hard as he can so we should see the results soon.

                        Thank you all for your patience.
                        [/quote]

                        Awesome news. Thanks for all you guys are doing. :)

                        1 Reply Last reply Reply Quote 0
                        • G
                          groll Regular Member last edited by

                          [quote]I’m a little confused. My pool network hashrate says near 2.9gh where as the site says the network hashrate is near 500mh.[/quote]
                          d2(your pool I know) takes 30 blocks here is 60. As the attacker stop the time on the chain for >11h the 60 block here takes the 60 blocks/13h at diff 74 to calculate the hash rate. The reality it’s 60/2h. More then 30 blocks have been found since the end of the attack (the retarget block) d2 is calculating a correct value. The stat page here is now ok also as we are now over the 60 block since retarget.

                          1 Reply Last reply Reply Quote 0
                          • J
                            jeremiel Regular Member last edited by

                            [quote name=“groll” post=“22138” timestamp=“1374190231”]
                            [quote]I’m a little confused. My pool network hashrate says near 2.9gh where as the site says the network hashrate is near 500mh.[/quote]
                            d2(your pool I know) takes 30 blocks here is 60. As the attacker stop the time on the chain for >11h the 60 block here takes the 60 blocks/13h at diff 74 to calculate the hash rate. The reality it’s 60/2h. More then 30 blocks have been found since the end of the attack (the retarget block) d2 is calculating a correct value. The stat page here is now ok also as we are now over the 60 block since retarget.
                            [/quote]

                            i appreciate the response. I noticed the correction then the post.

                            1 Reply Last reply Reply Quote 0
                            • ?
                              A Former User last edited by

                              [quote name=“jeremiel” post=“22068” timestamp=“1374174439”]
                              Tallking with mullick on cryptsy chat I got this in regards to it’s pull from the market…

                              mullick: @jeremiel: In fact looking through our conversation He said the system auto suspended the market.

                              Which means there is an internal rule within cryptsy to get something delisted. Either the attacker tripped it or something happening within the ftc network tripped it.
                              [/quote]

                              Sorry I couldn’t respond earlier. It’s been a busy day. I am only a chat moderator at cryptsy but have contact with vern in case of any issues.

                              That post was in response to a concern a member had. He was concerned vern had not made an announcement as to why FTC trading had been suspended.

                              Vern notified me that something odd was going on with FTC. He had received several notifications for deposit reversals… He stated the system had detected it and suspended all trading for the FTC/BTC pair.

                              This implied to me that vern was not currently at the server but his security measures had done their job.

                              I did not want to cause panic. So i kept the information quite at first until I was able to confirmed. I investigated the blockchain and saw the evidence in blocks 51801 and 51802. I was then linked to this topic. At this time I felt confident to inform the users of what was happening. Further investigation by myself found more evidence listed in the OP

                              I will encourage vern to reply here. I will update you when I have more information

                              But yes the security measures are a result of the recent spree of attacks on extremely low hashrate blockchains. I do not believe the attacks are related due to the fact that all others were below 10Mh at the time. Any bored miner with a decent hashrate could have been responsible. But to pull of something of this magnitude is quite a challenge.

                              But that is just speculation.

                              1 Reply Last reply Reply Quote 0
                              • G
                                groll Regular Member last edited by

                                look at the time of block 52178 compare to other 2h diff in the future, this the max allowed. he is testing all the limit he test the median on his last long fork as he had kept blocks and change the time just over those 6 block 51833-51836 inclusively.I’m a bit surprise he can do with 6 as median would be the 6th one of the 11. i need to check that code correctly as the specification don’t fit. (edit: ok he found 51835 with the low time so 5 blocks each side as expected and means is his block with changed time so he can continue use low time)

                                attacker actual address is 6kStRVT25dG9sRPvGoHZ4izHA6qKJ4E1R9

                                let me guess: will use to retarget lower at retarget time(i see other used, but will not disclose except to dev team as I don’t want to give idea)

                                I see that when at low diff the attacker mines with the network(this address mine legitimately since retarget), when diff goes up he disapear(possibly mining other coin) or attack us. he seems to have sometimes more then 2.5Gh/s but most of the time a lot less). from the last low diff when he still had more then 50% with network at 5.x Gh/s. at that time his address was 6wyj1e7A8E4VpEqAHje3bNREQASpLVeNqA. he found 28 block between 51206 and 51249 (28/43) stats page sow at some point 6Gh/s around that time, but few blocks later when I found this and check back was at 5.2Gh/s.

                                1 Reply Last reply Reply Quote 0
                                • G
                                  groll Regular Member last edited by

                                  at 52236: network is time DOS for 2 hours a head for means of the last 11 blocks, so attacker has control unless he generate less then 6 block per 2 hours or everyone change time to 2 hours ahead.

                                  the attacker was able to generate 6 blocks 2 hour ahead in 11 blocks so no block with current time enter the chain, only blocks ahead of current time can enter.

                                  1 Reply Last reply Reply Quote 0
                                  • R
                                    raptorak last edited by

                                    [quote name=“groll” post=“22167” timestamp=“1374210374”]
                                    at 52236: network is time DOS for 2 hours a head for means of the last 11 blocks, so attacker has control unless he generate less then 6 block per 2 hours or everyone change time to 2 hours ahead.

                                    the attacker was able to generate 6 blocks 2 hour ahead in 11 blocks so no block with current time enter the chain, only blocks ahead of current time can enter.
                                    [/quote]

                                    Explains a lot. Been mining on D2’s pool and just noticed every share over the past 130 minutes has been a reject…

                                    1 Reply Last reply Reply Quote 0
                                    • N
                                      Nutnut Regular Member last edited by

                                      [quote name=“raptorak” post=“22169” timestamp=“1374215103”]
                                      [quote author=groll link=topic=2847.msg22167#msg22167 date=1374210374]
                                      at 52236: network is time DOS for 2 hours a head for means of the last 11 blocks, so attacker has control unless he generate less then 6 block per 2 hours or everyone change time to 2 hours ahead.

                                      the attacker was able to generate 6 blocks 2 hour ahead in 11 blocks so no block with current time enter the chain, only blocks ahead of current time can enter.
                                      [/quote]

                                      Explains a lot. Been mining on D2’s pool and just noticed every share over the past 130 minutes has been a reject…
                                      [/quote]

                                      You still having the issues?

                                      What needs to be done to fix?

                                      1 Reply Last reply Reply Quote 0
                                      • C
                                        chrisj Regular Member last edited by

                                        jamestown on the trollbox was a former miner and believer in Feathercoin. He is now lost to us because of the “5th attack” again a few hours ago. He is saying that he is about to dump a lot of Feathercoin on to the BTC-e exchange and this makes me sad.

                                        If he was just a troll I wouldn’t care but he seems smart and heart broken. That was another attack after the one yesterday?

                                        1 Reply Last reply Reply Quote 0
                                        • S
                                          sheepson Regular Member last edited by

                                          What doesn’t kill us makes us stronger :).

                                          I believe in our dev’s that they will come with a clever solution!

                                          1 Reply Last reply Reply Quote 0
                                          • ketetefid
                                            ketetefid Regular Member last edited by

                                            I will continue mining feathercoin forever. No matter even after 100000000th attack. For me it is this awesome community that makes me continue my belief in feathercoin. Whatever you want to do now, keep your dev team and we will support you.

                                            1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post