Bitcoin mining company cloudminr.io hacked, database on sale for 1 bitcoin
Mon 13 Jul 2015
Bitcoin cloud-mining service cloudminr.io has reportedly been hacked, with what appears to be its complete plain-text database of user/pass combos offered up for sale for 1 Bitcoin (approx. $28, or £182).
It’s not clear yet whether the unencrypted combos – the first 1000 of which were until recently available on the hacked front page of the site as proof of the veracity of the theft – were stored in plain text or recovered from hashes. Details on how to acquire the stolen information were pasted to anonymous online clip-storage service Pastebin.
The database apparently contained 79,267 entries. Users who were able to visit the site’s hacked front page had a choice of posted details for the sale available at Pastebin, codetidy, pasted or codepad, though all these dumps have since been removed. The perpetrators also invited potential purchasers to contact them on decentralised, Tor-style messaging system Jabber, and supplied the contact address firstname.lastname@example.org for the purpose.
Though the company’s completely-empty Twitter feed issues no advisory to customers, many posts have mentioned the logical precaution for customers of changing any repeated user/pass combinations that might have been included in the exfiltrated database, since very little investigation would be required for a malfeasant to try the logins on other services.
The Cloudminr.io service announced its establishment in early November of last year, later posting minimal details of its Bitcoin mining farm in Norway (Wayback Machine link, as the site is currently offline).
A previous announcement by the company stated:
We will have to stop accepting new orders until a new version of CLOUDMINR.IO is made from scratch. Our developers have estimated that it may take 2 – 3 weeks.
What we can tell now is that we have been hacked, and the hackers were able to access our source code and database, as well as editing it. Right now we cannot be sure that the payout addresses are the correct ones, as well as emails and other data. We do have backups but we need to know exactly when the hackers gained access to our server.
Part of the bitcoins went to hackers’ addresses instead of our own payment addresses. Currently we are looking for any logs related to the hack and estimating the losses.
We need to create a new website from scratch on new servers as hackers usually leave backdoors for later access.
Stay tuned. The website should appear blank with a similar warning text to this announcement soon. If it’s changed, please do not trust it.
That’s as much as we know. What we hear is that an unusual number of investors in cloudminr.io’s services came to regard the overnight success of the company as evidence of a Ponzi scheme in play – a business with no underlying investment model producing rapid or unusually regular turnaround in an otherwise unpredictable market, due to a cash inflow from convinced early investors.
At Bitcointalk, many of the numerous contributors to a thread about the company found that its 220% ROI and frequent ‘giveaways’ seemed too good to be true in so competitive a Bitcoin-mining market, with further alarm bells ringing when returns failed to be paid near to the time of the hack.