在线钱包有风险,使用需谨慎,Input.io不久前被攻击了
各位使用在线钱包的童鞋们当心了,一家名为inputs.io的在线钱包网站遭到攻击,损失约为4100BTC。
所以大家以后使用钱包可要悠着点,最好使用一个比较可靠的存储方式,本地钱包,脑钱包或者纸质钱包。
下面贴出黑客在攻击后贴在该钱包主页的全文,大家自己看吧:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Two hacks totalling about 4100 BTC have left Inputs.io unable to pay all user balances. The attacker compromised the hosting account through compromising email accounts (some very old, and without phone numbers attached, so it was easy to reset). The attacker was able to bypass 2FA due to a flaw on the server host side.
Database access was also obtained, however passwords are securely stored and are hashed on the client. Bitcoin backend code were transferred to 10;15Hd@mastersearching.com:mercedes49@69.85.88.31 (most likely another compromised server).
What about my coins there? If you stored more than 1 BTC, send an email to support@inputs.io with a Bitcoin address (preferably, an offline, open source light/SPV wallet like Multibit or Electrum). Use the same email you're using on Inputs. Please don't store Bitcoins on an internet connected device, regardless of it is your own or a service's.
I know this doesn't mean much, but I'm sorry, and saying that I'm very sad that this happened is an understatement.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQEcBAEBAgAGBQJSeuZ9AAoJEB7FawRj3T8Th5QH/iapt2DUuyy1j7t51y1N1LOk
+Gu5fdIAV8molXnv+InMQvxtfxWfc7zKiROSP6Zv1cXdvMrCyzKP+SnTEFshIa+0
j2FYOgLeMNmsPSw8yeR1O8vJieYlK+7imEZL4nRKA+O+mjqCT1nTCtBUAVcYQ8Uu
O6BoNLkgT8z/1ZTfw+OK4t2kw9KcC317JOv3yVugfA3xCn4HbKPRP2yFIKR49C7L
w7C2h3L1jHqLerQNjbowcyKH83BFJ2IB0cFZFFCLBI+8NQcUIcIFymxrxUV73Rqa
xlMPX2rPFcIj6yz0ABl1t2rwY2DGOvc33MYCzX82CumLx/qAXCd2uF/jG6fzQ5M=
=Ip/9
-----END PGP SIGNATURE-----
Access inputs.io if you want to verify your balance, look up your transactions, etc. Don't add coins.
文章来源:https://inputs.io/
微信掃描關注公眾號,及時掌握新動向
2.本文版權歸屬原作所有,僅代表作者本人觀點,不代表比特範的觀點或立場
2.本文版權歸屬原作所有,僅代表作者本人觀點,不代表比特範的觀點或立場