Ответ: FloatingFastProfit - Floatingfastprofit.com
Цитата:
Сообщение от drveb
Подскажите как вывести денежки! Извините,если не в тему,просто я недавно тут. Загнал 10 $, а как вывести не знаю.
|
забудь по чирик!
вот что пишут
Added on Friday, March 8, 2009 8:44am
---
I'm still waiting reply from LibertyReserve Abuse dept.
If you can help me, please visit this thred on TG forum
---
Added on Friday, March 7, 2009 10:00am
---
Dear members,
Here is a bit of technical information about hack:
1. I can easy login into main account without any problems. Be informed what after last downtime, LibertyReserve has implemented a new security options such as IP security. So, anyone, except me, can't access to main account and options of XML API interface.
2. All security options for XML API interface has been properly configured. I mean, the "IP filtering" has been set for our server IP address. So, anyone can't use the XML API interface from another IP address. No new added XML API's was not found.
3. Our script which process the payouts via XML API have serious restrictions: the payout amount can't be send to the script, the payee account number can't be send to script, max. amount for payout is $200 per transaction.
4. Security word for script always sends via HTTPS secured connection.
5. I have checked our server security and all folders where scripts are located - no new files or changes. Of course, I'll send request to the hosting provider regarding additional information.
Only one transaction has been made via XML API, but for ALL amount. Hacker must know the account balance before. How? I think, via XML API also.
I continue investigate the situation. Also still waiting reply from LibertyReserve Abuse dept.
---
Added on Friday, March 7, 2009 12:33am
---
More proofs here
Original source link:
https://www.libertyreserve.com/en/se...fer/index.aspx
---
Added on Friday, March 6, 2009 10:07pm
---
I just sent detailed report to LibertyReserve again.
Here is the message:
---
Hi,
Somebody stolen a main part of funds from my LR account via XML API.
Here is hack transaction:
XML API
Date: 3/6/2009 18:03
Batch#: 12750129
Account: U5375926 (account)
Amount: $4037.76
Fee: $0.00
Balance: $10.00
Be informed:
1. XML API Security word can't be stolen - 100% true.
2. To do this dirty job hacker must know the amount of the funds to stole the funds. How?
3. IP filtering is always ON for XML API! ONLY requests from our server can be processed!!!
4. Our server and scripts is fully secured, tested more then 1 year.
5. The amount for transactions via XML API is always get from the internal MySQL database and NEVER send to XML API directly.
6. Our PHP scripts have restriction: $200 per XML API transaction.
Please, if you need additional information I can send immediately.
---
PLEASE, SEND REQUEST TO LIBERTYRESERVE THEY MUST BLOCK U5375926 (account) ACCOUNT!
---
Added on Friday, March 6, 2009 1:55pm
---
Dear members,
It's a shock! Fast security check ...
I checked all scripts on the FloatingFastProfit server - no changes, no new files, no security warnings.
I checked LibertyReserve U6001669 (FloatingFastProfit.com), sections XML API - in progress ...
Scam transaction was done via LibertyReserve XML API interface, but I can't understand how!?!?!
All security options in LibertyReserve account is ON. Of course, the IP filtering for XML API interface is ON!
All API transactions can be done only from FloatingFastProfit server IP, because the IP filtering for XML API interface is ON!
Here is screen of U6001669 (FloatingFastProfit.com) account
I continue investigating the situation ...
---
First message
---
Dear members,
Very bad news.
ATTENTION: Our main LibrtyReserve account: U6001669 (FloatingFastProfit.com) was hacked via LibertyReserve XML API interface! I already sent complaint to LibertyReserve Abuse department.
Information about scam transaction:
API
Date: 3/6/2009 18:03
Batch#: 12750129
Account: U5375926 (account)
Amount: $4037.76
Fee: $0.00
Balance: $10.00
Please, contact LibertyReserve also to block U5375926 (account) account immediately!
Give me 1 hour, I'll prepare detailed report.