fbpx

#Security

Bitcointalk.org hacked, site currently down

By  | 

Update 1

Theymos has posted on a Reddit thread that he is willing to give 50 BTC as reward to anyone who finds out how Bitcointalk was hacked.

Theymos notes that chances are that attackers may have executed arbitrary PHP code and may have gotten access to the database. Theymos notes, “The forum will be down for a while. Backups exist and are held by several people. At this time I feel that password hashes were probably not compromised, but I can’t say for sure. If you used the same password on bitcointalk.org as on other sites, you may want to change your passwords.”

The administrator has revealed that passwords on Bitcointalk are “hashed using sha256crypt with 7500 rounds.” He also notes that the injected JavaScript into the avatars directory “seems harmless.”

Theymos goes on to add details about the hack from what he has understood through the analysis. Head on here to read more on that.

“Figuring out the specifics is probably beyond my skills, so 50 BTC to the first person who tells me how this was done”, concludes Theymos.

Original Story

According to reports and videos making rounds online, Bitcointalk.org has been hacked and as it stands the site is currently unreachable.

According to various status websites, Bitcointalk has been down since nearly 6 hours. The forums have been allegedly hacked by “The Hole Seekers” according to a video (below).

“Hello friend, Bitcoin has been seized by the FBI for being illegal. Thanks, bye” reads one the message in the video. This is obviously a joke and it seems that it has been directed towards recent arrest of Ross Ulbricht and shuttering of Silk Road.

There is no further information available currently, but according to post by Bitcointalk’s administrator “Theymos” on a a Reddit thread the source code of Bitcointalk and JavaScript payload have been made available online for anyone to download. Further Theymos claims that on analysis of the payload nothing suspicious has been found.

Developing….