Hackers Hijack DNS For Lumens Cryptocurrency Site 'BlackWallet', Steal $400,000

An anonymous reader quotes BleepingComputer: Unknown hackers (or hacker) have hijacked the DNS server for BlackWallet.co, a web-based wallet application for the Stellar Lumen cryptocurrency (XLM), and have stolen over $400,000 from users' accounts. The attack happened late Saturday afternoon (UTC timezone), January 13, when the attackers hijacked the DNS entry of the BlackWallet.co domain and redirected it to their own server. "The DNS hijack of Blackwallet injected code," said Kevin Beaumont, a security researcher who analyzed the code before the BlackWallet team regained access over their domain and took down the site. "If you had over 20 Lumens it pushes them to a different wallet," Beaumont added...

According to Bleeping Computer's calculations, as of writing, the attacker collected 669,920 Lumens, which is about $400,192 at the current XML/USD exchange rate. The BlackWallet team and other XLM owners have tried to warn users via alerts on Reddit, Twitter, GitHub, the Stellar Community and GalacticTalk forums, but to no avail, as users continued to log into the rogue BlackWallet.co domain, enter their credentials, and then see funds mysteriously vanish from their wallets.

XML

"at the current XML/USD exchange rate"

Microsoft's going to be happy with their XML (ab)use!

A fool and his tulip is soon separated

Unless he finds a bigger fool to sell it too before the bubble bursts.

Yes I am sad I didn't get in on this bubble at the beginning but not that sad. Let's face it: Bitcoin is no longer behaving like a currency. It's now a speculative game like tulips.

Alas I am late to this game and you should never enter a market when it looks like the bubble is about to burst.

Not that sad anyway because it's a gamble. If you're kicking yourself for missing the Bitcoin bubble why not invest in some other cryptocurrency now? Yeah. I thought so.

Re: A fool and his tulip is soon separated

I'd say you still have almost a year before it bursts...

Re: A fool and his tulip is soon separated

I'd say you still have almost a year before it bursts...

But it is now deflated!

Re: A fool and his tulip is soon separated

[Highdude702]

Ethereum is rising, slowly.. but rising.

Re: A fool and his tulip is soon separated

Because itâ(TM)s the only way to buy alts... wait until FairX

Re:A fool and his tulip is soon separated

[godel_56]

Unless he finds a bigger fool to sell it too before the bubble bursts.

Yes I am sad I didn't get in on this bubble at the beginning but not that sad. Let's face it: Bitcoin is no longer behaving like a currency. It's now a speculative game like tulips.

Alas I am late to this game and you should never enter a market when it looks like the bubble is about to burst. Not that sad anyway because it's a gamble. If you're kicking yourself for missing the Bitcoin bubble why not invest in some other cryptocurrency now? Yeah. I thought so.

And the best time to buy into real estate was always 20 years ago.

Which OS(es) was/were involved with this breach?

Which operating system(s) was/were being used on the system(s) affected by this incident? Was it Linux?

Whither HTTPS?

This is exactly the sort of thing HTTPS/SSL is supposed to prevent.

Did all the users who lost money ignore the scary browser warnings, or what?

Re:Whither HTTPS?

[sodul]

I'm actually wondering.With https://letsencrypt.org/ letting you automagically get a SSL cert that is trusted by the browsers without warnings wouldn't anyone with control over your domain be able to look good for most browsers?

Re:Whither HTTPS?

DNSSEC is supposed to handle this. DNSSEC would mean as long as the domain name registration (and thereby key registration with the parent domain) was safe, they wouldn't have been able to generate new DNS entries without signing them, so they couldn't have done anything with the dns server they hijacked.
Of course if they managed to get control of the DNS registration then that's another issue.

What's the problem?

The value of all cryptocurrencies is derived from the hacking, robbery, and scams in connection with it, so the thief is just adding some value where previously there was none. Had all your coin stolen from you? Great! You can rest assured that you'd have become a billionaire ten times over with those "coins"!

Any bets?

[cold+fjord]

Any bets this is who is behind it?

Kim Digs for Cybercrime Coin Sanctions Can’t Snatch

And is that leading to this?

South Korea plans to ban cryptocurrency trading, rattles market

Re:Any bets?

Don Jr. wants to be an actual Billionaire, not just a paperdick tigerlilly like his treasonous father?

Re:Any bets?

[bloodhawk]

the payoff for this is just too small to be worth their effort. personally I would hazard a bet at either an inside job or a lone individual. The risks vs payoff are just to small for the more significant parties to be involved.

Re:Any bets?

Damn me for agreeing with you, but this actually is an interesting reading of the Sth Korean stance.

From that Reuters article:

“There are great concerns regarding virtual currencies and the justice ministry is basically preparing a bill to ban cryptocurrency trading through [domestic] exchanges,” [Sth Korean Justice Minister] Park told a news conference, according to the ministry’s press office. [Emphasis added]

Re:Any bets?

[cold+fjord]

Oh, I don't know about that. $400,000 isn't exactly chump change. Besides . . .

U.S. blames North Korea for 'WannaCry' cyber attack

Re:Any bets?

[rtb61]

Let's be honest, it is all about dishonesty. What is the nature of the current cryptocurrency market, it's dishonesty, about cheating taxes, about ponzi scheme, it's about funding criminal operations, not all of it but well and truly sufficient of it to attract criminals to it in droves. That means criminal investors, criminal business and criminal employees. With regard to fraud in that environment, look not further than it's own members. First suspect in all cryptocurrency frauds, have to be it's employees and business operators, they have to prove their innocence, not requiring them, 100% enables them to cheat the system, they designed and control, the required inside knowledge, to exploit the system internally and externally. Shit wages, not a problem, just fill your pockets, owners, managers, tech staff, even janitors (people leave passwords all over). It is the nature of that business, that they must prove their innocence, otherwise you schmucks are going to get ripped of again and again and again.

Re:Any bets?

[gravewax]

WannaCry was hugely disruptive, this by comparison is a blip that affected almost nobody. It also is only 400k PRIOR to laundering, the process of laundering and extracting that money will take a huge chunk out of it.

Re:Any bets?

[cold+fjord]

The point of both was to obtain money. $400,000 is a pretty good haul for limited work. What do you think the average take was for wannacry? I doubt it was $400,000. I doubt laundering it will be a big challenge for North Korea, North Korea is a criminal enterprise in itself. It is possible they won't have to do much if they plug it back into criminal activity on the dark web.

Re:Any bets?

for an individual it is "ok", barely. Remember after laundering which he will need to do quickly he will probably end up with 20-50k. I think the point was for a any organisation of significance this sort of once of hit doesn't make much sense (unless they expected to get much more). wanncry funnelled exponentially more through to the one account, one lot of laundering for a much much bigger pay day.

Re:Any bets?

[Agripa]

All of the things you name also apply to cash.

I can't believe I didn't know about this

[PopeRatzo]

The BlackWallet team and other XLM owners have tried to warn users via alerts on Reddit, Twitter, GitHub, the Stellar Community and GalacticTalk forums

Reddit, Twitter, GitHub and the GalacticTalk forums? OMG, how did I miss this important information?

No worries...

[supremebob]

You can just call their bank and ask them to refund the fraudulent transfer... no?

Ok, how about filing an FDIC insurance cla... nope?

Ok, how about calling the police and having them start an invest... wait, they laughed at you over the phone? Well, that's just mean.

Maybe they can contact their local attorney and... they don't want to take the case because they can't even find the correct plantiff? Damn.

Well. fuck. Maybe this cryptocurrency fad isn't as great as they made it sound on Reddit.

Re:No worries...

Sounds like Trump bank.

Re:No worries...

[CaptainDork]

Or ... Twitter, GitHub, the Stellar Community and GalacticTalk forums ...

Re:No worries...

Don't keep your cryptos in a web wallet. Don't keep them in exchange.

Keep enough copies that you won't lose them.

You'll be fine.

Re:No worries...

They should have emailed their users the warning instead of posting on social media. WTF were they thinking? When did random accounts on random platforms become more important than the actual business itself? You shouldn't need a DNS entry to access your own equipment. If they didn't have physical access to their own data, they should have had the IP address.

Anywhere, where's this exchange which converts XML into USD? I've got tons of vintage XML files I'd like to sell. If anyone's interested, I can email you them for one third the going rate if you want to take care of converting them into cash. I don't have the time to do it myself and one third is better than nothing. It's a win-win for you and me.

Re:No worries...

[euxneks]

This is exactly like if you stored cash at somebody else's house and they got robbed. Do they have insurance? Did they say they would cover any theft of your money? If not, you're probably SOL.

Who the fuck modded up the parent?!

Who the fuck modded up the parent comment?! It's a perfect example of how dumbed-down Slashdot has become lately, and how this dumbing down results in fucking idiotic comments, like the parent comment, getting incorrectly modded up.

DNS and TLS are separate, independent technologies.

One or more DNS requests will be made prior to a HTTP connection, encrypted or not, being made to a web server.

HTTPS certificates and encrypted HTTP connections can't do a damn thing about a DNS server returning an incorrect result, regardless of whether this is done maliciously or not.

In fact, some certificate authorities treat control over the DNS records for a web site as being sufficient proof of ownership to grant a certificate for that web site.

So an attacker who controls the DNS records of a web site could potentially obtain a certificate that browsers would treat as valid.

You clearly have no idea what you're talking about, so please refrain from subjecting us to your utter bullshit.

Re:Who the fuck modded up the parent?!

You clearly have no idea what you're talking about, so please refrain from subjecting us to your utter bullshit.

Neither do you, professor. Strict transport security combined with public key pinning would have mitigated the attack, for the most part at least.

Re:Who the fuck modded up the parent?!

> HTTPS certificates and encrypted HTTP connections can't do a damn thing

It's a perfect example of how dumbed-down Slashdot has become lately.

You can add a HSTS header to your HTTPS website to prevent later hijacking, provide the user has previously accessed to the website. And you can always preload the HSTS policy of your website to the SOURCE CODE of common web browsers (If you have a mission-critical website and haven't done this yet, apply it at https://hstspreload.org/). In addition, Firefox (since 59) and Chrome will mark every single HTTP website as "insecure", and it can also be a stop-gap to warn a proportion of users.

Sure, the protection is still limited to new browsers, and HSTS preloading has a delay of 3 to 4 months, but the HTTPS is still far from best practice. Stop being overreacting and claiming it "can't do a damn thing".

And don't put CRLF to every single sentence you are starting, it makes people believe you are coming from Reddit.

Re: Who the fuck modded up the parent?!

You are the one who is wrong. DNS and TLS are the same thing since the fags at let's decrypt manager to get publicly trusted by all browsers. I control the DNS servers, I control the TLS with the let's decrypt acme. There is 0 reason to trust let's decrypt.

Re: Who the fuck modded up the parent?!

Public key pinning has been deprecated due to being better as a DDOS vector than as a protection method and will be gone from future Chrome. What's left is HSTS which is so negligable for these cases (why are you even listening to port 80?) that parent is right.

Re: Who the fuck modded up the parent?!

Ha Ha Ha!
I dub thee Shephard Scale discussion idiocy!
It can go on forever without true progression in the result.

Each person calls the previous an idiot while advancing the argument in a slightly forward but more lateral way.
It's a perfect logic Shephard scale!

Re:Lindsay Graham should be honored as non-liar

He at least is man enough to report truly what he heard, unlike other Republicunts.

But he's not man enough to own up to his own sexuality.

The ledger and crypto currency thefts

[caseih]

So with most crypto currencies having a public, distributed ledger, how do thieves expect to pass off their stolen crypto coins? The ledger would clearly show any transfers to other wallets, would it not? So theoretically could the thieves be "id'd" in some fashion when they try to sell the coins to other users? I realize the ids are just hashes, but still if the exchanges have backups, they should be able to at least identify the stolen wallet ids, wouldn't they? While it might not be able to prevent the network from processing transactions from these stolen wallets, there should be at least a trace or indication that these stolen coins are moving.

Every time I hear about a theft I wonder about this.

Re:The ledger and crypto currency thefts

[mentil]

It's completely possible to:
a) steal cryptocurrency
b) sit on it
c) wait for statute of limitations for relevant crimes to run out
d) then transfer it safely, knowing noone is paying attention any more or can do anything. if you stole enough, it's POSSIBLE the blockchain would get forked just to spite you... but probably not

I wonder how many thieves have made a fortune doing this, by virtue of the cryptocurrency exploding in value after the theft

Re:The ledger and crypto currency thefts

[pcr_teacher]

Trading in stolen goods is an on-going crime, so the statute of limitations does not apply:
https://www.quora.com/If-a-cer...

Re:The ledger and crypto currency thefts

You launder it just like any other currency, you put it through tumblers and exchanges and convert to other currencies before pulling it out in a country with very lax or non existent financial regulation enforcement. Other methods if you can find a vendor that accepts bitcoin is you buy easily sold virtual goods like gift cards, game or software keys etc which then then hock to a one of the dodgy resellers like those on reddit. sure you lose a large chunk of what you stole but you get the money clean with a very long and difficult trail to track down.

Re:The ledger and crypto currency thefts

[bloodhawk]

Other methods if you can find a vendor that accepts bitcoin is you buy easily sold virtual goods like gift cards, game or software keys etc which then then hock to a one of the dodgy resellers like those on reddit. sure you lose a large chunk of what you stole but you get the money clean with a very long and difficult trail to track down.

The truly amusing part, if they decide to take the software key disposal method, is that some of those that got robbed may actually be funding the criminals that robbed them.

Re:The ledger and crypto currency thefts

You send it to an exchange (either one that doesn't care---read: most--or just do it fast enough that details of the bad coins hasn't been published).

Once it is in the exchange, you convert it to a different cryptocurrency, and then send it to your wallet. Exchanges batch payments, so effectively break the traceable chain. Technically the exchange will have records, but these are not publicly available, and most exchanges don't care (or don't want to think too hard about what they are helping facilitate on a day-to-day basis).

Re:The ledger and crypto currency thefts

Mixer services.

People Really Trust This? Or Seek Great Fools?

"BlackWallet.co, a web-based wallet application for the Stellar Lumen cryptocurrency (XLM)" blurb alone is comical. Do people really pay for this? -or did most get in early at little cost (ie. mining rig and electricity)? It's just amazing that so many will spend real $USD, Euro, Yen, etc for a so-called crypto-currency that someone created with a computer. Where did the value come from?

In the view of many, this is simply the greater fool theory in action. Many putting money in with hopes other greater fools will drive the price up. For those who got in early, congrats. However, at some point, it's near certain, crypto-currencies are going to crash hard. In the meantime, for those who lose money due to hacks like this, that's part of the crypto-currency experience.

Regulation and all that is often touted as bad, unnecessary, etc. Well, until it isn't. For those who lost their coins, no FDIC insurance for you.

As this incident illustrates, even if a service has iron-clad website security, that alone isn't sufficient protection for a site with a high reward value to criminals. The cost of effective security is often far more than many of these wallet services are worth. It's going to take a miracle for most of the crypto-currency wallet / transfer services to get security anywhere near the level of most financial services, which themselves struggle to get security right all of the time.

Cheese

[Frosty+Piss]

the payoff for this is just too small to be worth their effort.

$400,000 buys a lot of cheese.

Re:Cheese

After you launder it (losing significantly in fees and exchanges) etc I think you will find it buys very little cheese. So it might start as 400k, by the time it has been cleaned you could be looking at well under half of that.

Re:Cheese

[Frosty+Piss]

After you launder it (losing significantly in fees and exchanges) etc I think you will find it buys very little cheese.

$200,000 isn't a lot of cheese of one guy?

Re:Lindsay Graham should be honored as non-liar

Neither is kendall.

how do the hackers get their USD out?

I'm not meaning to troll. How easy is it to get $400,000 out?

I'm scared of BTC, so have no clue how if I *had* a half a million in BTC, how would I get that into â £ or $? You know, a currency I can use to buy stuff.

Related, say you were smart, bought BTC years ago. And you live in the USA. How do you report capital gains when you cash out? Is this just like a trade on etrade ?

Re:Which OS(es) was/were involved with this breach

Which operating system(s) was/were being used on the system(s) affected by this incident? Was it Linux?

What does OS have to do with JavaScript injection?

Hey retard APK, you posted that already

Hey retard Alexander Peter Kowalski, you posted that already.
As others have already spanked you like an ugly redheaded step-child I won't point out additional failing of your work which are legion.
Actually I will point out some because you can't defend your work but it is fun watching your flail around trying to.
Your work is easily circumvented, and by easy I mean a small child could figure it out.
It is as effective as an AV scanner that matches only based on file name.
You say it stops inbound connections but that is an outright lie.
Also it requires a recompile when TLDs change, sounds like some right shit design there.
So there we have it folks APK is a retarded spammer, so remember to post as AC otherwise he will stalk you and try to figure out who you are in real life to make it hell for you there too.

Hardcoded favorites in hosts stop it

See subject & APK Hosts File Engine 10++ SR-1 32/64-bit https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22APK+Hosts+File+Engine%22+and+%22start64%22&btnG=Google+Search&gbv=1/

Avoids DNSChangers in routers/IP settings & dns redirect (99++% of ISP DNS != patched vs. it) + DNS tracking & lighten DNS load & resolve faster via local RAM!

Hosts add speed & security (via hardcodes/adblocks, vs. bad sites/malware/poisoned dns), reliability (vs. dns down), & anonymity (vs. dns requestlogs/trackers).

Ads/script/malware rob speed/security/privacy/bandwidth.

Less power/cpu/ram + IO use vs. DNS/routers/addons/antivir + less security bugs/complexity & faster vs. av/addons/routers/remote dns!

* Via what u NATIVELY have in a FASTER kernelmode IP stack (does more w/ less).

APK

P.S. - The problem here = DNS or redirected DNS - hosts hardcodes circumvent DNS thus preventing this issue protecting you... apk

Poor retarded spammer APK

Poor retarded spammer Alexander Peter Kowalski.
When he can't defend his work he just dials the spamming up to 11.
He has never been able to offer any actual proof of his claims so instead he just keeps repeating them in hopes that someone will believe him.

TLD/in-out & /.ers + security pros disagree

TLD's get removed (e.g. .an creating useless BULK to parse on load into RAM so removal = good http://www.theregister.co.uk/2015/03/04/east_timor_was_officially_removed_from_the_internet_yesterday/ & NEW gTLD's get periodically added too!

I account for them in filters thus too, & IF I don't, I can miss them + the protection vs. malcode possibly on them!

This also removes useless bulk if a bogus one is inserted in hosts ala readthisand.fuckoffyoutroll !

(There's no ".fuckoffyoutroll" gTLD)

See subject - /.ers disagree who like + use my work https://developers.slashdot.org/comments.pl?sid=11552701&cid=55852599/ & security pros say hosts = good security https://developers.slashdot.org/comments.pl?sid=11549257&cid=55839269/

Block malware or botnet C&C no in/out talk occurs!

APK

P.S.=> Only HELL is going to be for libel of myself if NOT REMOVED https://news.slashdot.org/comments.pl?sid=11610309&cid=55931109/ - I'm NO pedo & I won't be publicly libeled... apk

Wallet on Tails

These hacks take advantage of exchanges holding wallets for their members.

I setup and mailed Tails USB memory sticks to a couple of relatives who wanted to play with crypto currencies. Showed them how to maintain the bulk of their coins on the persistent volume with that operating system.

Re:Hardcoded favorites in hosts stop it

APK is peddling malware. Beware.

https://www.virustotal.com/en/...

Another "notch on my belt" vs. you (tld) & /.

See subject & I dust you on tld/gTLD https://news.slashdot.org/comments.pl?sid=11610309&cid=55931493/

* HOWEVER: THANKS for sticking up for me today here vs. an unidentifiable anonymous troll who publicly libeled me on /. calling me "baby raper" & "pedophile"

(You in particular HELP ME MORE THAN YOU KNOW this time & w/ your constant FAILS vs. myself on a tech level - double thank you, lol)

APK

P.S.=> Whipslash DID THE RIGHT THING removing libelous posts directed @ myself by a TRULY imo LUNATIC psycho troll that stalks & libels me! Albeit imo he only did that out of FEAR I'd sue him for allowing PUBLIC LIBEL of myself DEFAMING MY CHARACTER & win his "$"...

(Whipslash/Logan Abbott makes iirc 26++ million annually off ads on sourceforge alone & he's NOT in business to LOSE money + he KNOWS he would've been complicit in a CRIME of libeling me if he left it there after I emailed /., called BIZx (& my attorney who said let's do it IF he doesn't remove the libel he'd then be an accomplice to via negligence after my due diligence attempting to resolve it out of court)

How the "mighty have fallen" BENDING KNEE to apk!

Re:Another "notch on my belt" vs. you (tld) &

APK:

I had no fear of you suing me.

In fact, I've been thinking about it, and I absolutely, truly and authentically, WANT YOU TO SUE ME.

I am dead serious. I will give you my email so we can exchange information if you wish. Please, sue me.

1) I have a damn good defense.
2) You will have to come to my jurisdiction. If not, I don't mind.
3) And this is the best part: I, and the rest of the world, will get to see you. Face. To. Face. Even if I lose the lawsuit, I think the end will be worth it.

So, all in all, I AM CALLING YOUR BLUFF. Sue me, Apk.

P.S> Whiplash isn't scared of SHIT from you. He wouldn't lose money from you. He's fully protected, as is Slashdot. Your 'lawyer' didn't say anything, either.

Let me know if you want my info. I will see you in court. Literally. :)

Antivirus heuristics false positives minority

7/67 = false positives (new ones except Sophos & McAfee - both retracted false positive accusation before vs. me + S. Burn of Malwarebytes' hpHosts w/ 6 others in Comodo, ArcaVir, EmsiSoft, NOD32, Norton & Qihoo)!

MAJORITY = clean!

NO "1st"! I'll beat 'em AGAIN on it!

* EVERYONE KNOWS AV HEURISTICS FAIL via false positives(like on NirSoft too)!

you LOSE & EVERYONE KNOWS AV PROGRAMS = FULL OF SECURITY ISSUES (Tavis Ormandy anyone?) + slow you (hosts speed you up 2 ways)

(I never lose vs. FALSE ACCUSATIONS by unidentifiable anonymous trolls like you proven in your MISTAKES in a p.s. link below & especially vs. FALSE POSITIVES!)

On a guess?

NEW ones will say "anything altering hosts = bad" BULLSHIT!

FACT : Hosts hardcodes protect vs. THIS ARTICLE's PROBLEM

APK

P.S.=> FACT: You lost on ROUTERS https://news.slashdot.org/comments.pl?sid=11610309&cid=55930587/ (hilarious - you = DUMB as a box of rocks on resolution order - hosts resolve 1st)

LOL! Questions 4U unidentifiable pusscake

See subject & answer these: Are you the one that called me pedophile & baby-raper (I've got screenshots)? Are YOU Logan Abbott/whipslash?? How can I sue an UNIDENTIFIABLE trolling little stalking psycho like YOU when I don't KNOW WHO YOU ARE? Lmao - your brain is "touched", dimwit! Your "jurisdiction"? Of nowhereville?? I don't KNOW WHERE YOU ARE STUPID!

* Folks here KNOW what I look like & have seen my photo (I look good & am NOT afraid to show myself (unlike a runt DWEEB unidentifiable COWARD like you, lol)).

APK

P.S.=> Speaking for whipslash are you? Let him just tell me to leave (he knows it's 'bending knee' to me again, in "martyring me" as I have SO MANY LIKE YOU on tech & especially vs. me on hosts where I ANNIHILATE "your kind" easily hiding or using multiple sockpuppet FAKE NAMES for your FAKE do-nothing "ne'er-do-well" LIVES, lol))... apk

Re:LOL! Questions 4U unidentifiable pusscake

No sock puppets. No Vpns, no nothing.

I am not Whiplash. I am, yes, the one who called your pedophile for raping a minor under the age of 13.

My Jurisdiction is Alabama and my name is Mike. Want to keep going? Are you going to sue me, or not? Scared?

Re: Which OS(es) was/were involved with this breac

But I've been told Macs don't get viruses!

OMG - RoTfLmAo @ U "Mike Alabama"

See subject (you can't PAY for this kind of amusement @ your expense). I mean I KNOW education's poor in the south vs. the north but "big help" there, lol, "Mike Alabamy" hahahahaha! CLUE - that's not telling me anything useful - figures, you're not useful & trolling UNIDENTIFIABLY off-topic all butthurt as you are stalking me like the NO BALLS COWARD you are punk!

* I lived & worked in Alabama (Mobile/Fairhope - love the place right on the Gulf & the folks there (older mostly & boaters/crabbers/fishermen/sportsmen) but you give me every reason to NOT like you, no balls.

NewsFlash/NEW News: IIRC, /. isn't in Alabama either, I am NOT IN YOUR "JURISDICTION" & IF I SUED YOU? You'd have to come to MINE stupid... how f'ing DUMB can someone be (you top the list, lol).

APK

P.S.=> Classic & priceless humor - "your kind"? You hurt the IMAGE of the deep south fool, you're so DAMN STUPID lol... apk

Re:OMG - RoTfLmAo @ U "Mike Alabama"

How am I shaking and scared when I am ASKING YOU to sue me? Jesus. You really -are- an autistic little man.

And no, if you sue ME, you have to come to ME for that. It's on the accuser, not the accused. Idiot.

I asked you if you wanted my information. I want you to sue me, you autistic fuck. Do it, or piss off like the little bitch you are.

I hurt the image of the deep south? no, I just showed you that we don't put up with autistic men who spam. And I assure you -- My balls are much larger than yours. SUE ME.

Jesus. You can't threaten someone then back out when they call your bluff.

only idiots use online wallets

[slashmydots]

The title says it all. My Siacoins are in my local wallet and it's like 4GB of data to hold the entire blockchain. Stop being lazy, people!

No balls libeler "Mike Alabamy" you're trash

See subject & ONLINE southern TRASH I can't bring suit on "Mike Alabamy" who has no balls & libeled me calling me pedo etc. as you post UNIDENTIFIABLE off-topic & Mike from Alabama, lol isn't info I need (there must be 1,000's of MIKE's there dumbass) w/ you stalking me constantly & THEN LOSING on tech too!

HOWEVER: I have all the "info" I need on a punk like YOU projecting you have NO BALLS in anonymous unidentifiable libel!

NO, you're a do-nothing "ne'er-do-well" psycho loon stalker proving it all the more who libels me projecting your butthurt (how bad did I mess you up taking you down on tech that you've gone LOON like you have?).

Civil WAR anyone? LOL! You just LOST it again, lmao! Yup, I "hear them thar banjos a playin' " lol!

Suing you = Waste of time most likely. You're doubtless a penniless fool living in mama's basement or in a tarpaper shack on the 'bayou', lol...

You've shown EVERYONE what "Mahk Alabamy" (you) is all about (nothing/zero/loser).

APK

P.S.=> "Big man" stalking me by off-topic UNIDENTIFIABLE anonymous posts there "Mike Alabamy"! BEST PART? Your LIBEL of myself calling me pedo & babyraper is "gone w/ the dawn" pussy - you lose, lol! It's what "your kind" does vs. me *chortle*/*snicker*... apk

Re: No balls libeler "Mike Alabamy" you're trash

Again, sue me. You made a claim to sue me now do it. Quit making posts showing how retarded you are and make good on your "threat"

I asked you plainly if you wanted me to give my info and email. You have yet to respond. I gave you my name and all you did was attempt to make a joke (you're an idiot) - so, apk, I ask again! What info do you want? I already offered my email. Or would you rather just sit here and make fake threats, apk-the-molester?

This is several times now I've called your bluff. And all you've done is what you normally do - show fake and bloated feelings of grandeur (which you obviously don't have so your autistic brain makes it up lol)

This is your last chance, Chester. Sue me. I'm begging you to.

Either that or GTFO. Blowhard.

P. S. For someone crying like an autistic child fucker, you sure do throw "made up names" at everyone you coke across. I'd love go hear the email and voice mail you left Slashdot. I bet they're laughing their asses off at the screeching and sobbing.

Come on Chester.

Jesus fuck retard take your shit elsewhere

Jesus fuck retard take your shit somewhere else.
I don't want to be associated with you.
Go post elsewhere, as this is where I call him a retard, not where you make horrible claims.
As I tell APK all the time provide some actual real fucking proof, not wild speculation, not some crap on some random website.
You are the one making claims now back them up.
Me, I'm the guy who calls APK a retard.

Stupid, Mike "alabamy" != even your name, lol

Read subject 'sethern boy' & I bet the judge in your hamlet is yore "Uncle Daddy" (lmao) - yea I heard how "your kind" is down there in them thar bayous!

You are just TOO dumb - My name isn't Chester you "BRAVE" sethern gentilmin (lol, trying best 'sethern accent').

Where did I threaten to SUE you?

AGAIN you INBRED bamy BOY:

I can't sue an UNIDENTIFIABLE anonymous "Mahk Alabamy" BOY with no name & address who libels me calling me pedophile & babyraper (such 'courage', lol - not - EXEMPLARY of you FINE "sethern gentlemin" punks that lost the civil war)!

* You're not much of a man "Sethern wally" & NONE of your 'sly kind' is & dumbass (how to bring suit on that & would I want to even? I know you're a loser & a worm with NO BALLS!).

I don't go for 'setups' the 'sethern way' (you'd probably have me 'lynched' if I were STILL in Alabama working, ala the "sethern BRAVE" way ala the KKK on blacks 10 to 1)

At least not until President Trump alters laws EVERYWHERE on libel (which he said the other day he is since he's been shit on by scumbags)).

APK

P.S.=> See subject 'sethern BOY' - & learn to READ - I can't bring suit on "Mahk Alabamy' (lol, I picture you as a bony runt living in a tarpaper shack, probably stolen phone line you strung to your 'shaid', lol)... apk

Re:Stupid, Mike "alabamy" != even your name, lol

Proven coward and liar. I knew you couldn't and wouldn't muster the balls to follow through. I offered my info. I you refused and deflected with insults. Way to go, baby.. Errr Chester. You lost all credibility. I've completed my day. Btw my log in name for Slashdot has spoken to you before. If you looked you'd find it. I've given you all the info I need and you need. If you asked and accepted I'd just tell you but you're a coward who lost his chance for greatness. 6 digit ID. Simple, domain specific email. You blow more smoke than a hooker. Bye Chester.

Thanks for sticking up for me again... apk

See subject & @ least you (even if by unidentifiable ac posts) keep it technical - that 'sethern bitch' doesn't & project I beat his ass on tech & he's just a "butthairt sethern gentilmin" punkass worm.

APK

P.S.=> Like you said? I can't BELIEVE I am saying 'thanks' to you but you're not LOW ("sethern low", lol) like "Mahk Alabamy" - a real "CREDIT" to the South, eh? Not... apk

I asked you a question, answer it... apk

You're a coward behind unidentifiable anonymous libelous posts.WHERE'd I threaten to sue YOU specifically? Clue inbred dumbass - I can't sue a ghost w no name!

Again you inbred 'sethern gentilmin' (not) whimp - "Mike Alabamy" != your real name

&

I have no idea what PART of the bayou swamp yer "tahpapuh shaid" is located in there (lol, doing best 'sethern accent' so you feel "raght @ home").

* You never had credibility & you're just online "SETHERN TRASH", another butthurt BITCH from the "dirty ole' south" that lost a war to us Northerners up here in "the land of the ice & snow" (better than your knat filled swamp full of punks like you that libel others behind UNIDENTIFIABLE anonymous posts calling me pedophile & babyraper (which I'm not BUT I BET YOU ARE in YOU PROJECTING IT, lol)).

Say HELLO to your inbred "Uncle DADDY" for me, ok? LMAO! Georgia folks told me that about "your kind" & it's obviously truth - you PROVE it.

APK

P.S.=> I couldn't trust anything an "honorable (not) 'sethern scum'' put out as another LIE from you anyways (how can you LIVE w/ yourself? You're no man - you're a punk & you SHAME your fellow sotherners (who aren't ALL like "your kind", INBRED trailer trash))... apk

Addendum vs. your libel (from malwarebytes)

Pertinent email excerpt from S. Burn @ malwarebytes on my CURRENT code build he looked @ & he says it's falsepositive:

Alex,
                  It's an F/P (server hasn't been compromised, and file is the same as it was when I uploaded it).

  I'll get hold of the Sophos and McAfee guys.

  Regards

  Steven Burn

APK

P.S.=> So FUCK YOU asshole who is libeling me & stalking me... apk

Re: Addendum vs. your libel (from malwarebytes)

7 more still say it's infected. Keep up kiddy diddler. Your software is malware and now everyone knows.

Not for long & you can't even count, lol

See subject: It's only 5 more & I'll get 'em overturned (folks here saw me do it before) & when it's done & Pres. Trump amends libel laws? BITCH, we'll see what happens w/ you too (I'll get your IP address IF I have to this site's logs to do it & go from there to your ISP 1st, & if need be legally via other means) - I'm a patient person & when I'm right, I'm right. I am right & you are TRAILER trash online.

You're done BOY ('sethern SCUM Mike from Alambamy' who can't even COUNT you're such a fucking LOSER hick)!

(... mark my words - you're libeling me attempting to defame my character publicly, you are done...)

APK

P.S.=> You little PUNK with NO BALLS do-nothing "ne'er-do-well" UNIDENTIFIABLE trolling little worm... apk

Re: Which OS(es) was/were involved with this breac

what have virus's got to do with JavaScript injection?

OK, what's your name & address you libeler

What's your REAL name & REAL address "Mike from Alabama" (I never raped ANYONE much less a minor & I'm no pedophile) along w/ your registered username here on slashdot bigshot.

* You flapped your cocksucker - now make good on it (I'm going to make you regret the day you were born you fucking scumbag motherfucker).

APK

P.S.=> Let's see if you have any balls you UNIDENTIFIABLE anonymous lying little "ne'er-do-well" cocksucker... apk

Ok then, give me this information... apk

Even if I lose the lawsuit, I think the end will be worth it." by Anonymous Coward LIAR LIBELER I AM GOING TO DESTROY on Monday January 15, 2018 @12:23PM (#55932401)

What is your REAL name & address with your slashdot registered username you claim to have that's 6 digits?

Your 'good defense' probably is insanity in some form is my guess (doesn't matter, I am going to make you regret libeling me and saying I am a baby raper, pedophile, kiddy diddler (all lies & libel about me)).

I don't think you understand something - I am going to fucking END you...

* COME ON COCKSUCKER - ANSWER THOSE QUESTIONS TRUTHFULLY... we'll see what happens!

APK

P.S.=> See that quote from you - you'd lose motherfucker & IF you were to SOMEHOW get off w/ a 'slap on the wrist' because you're DECLARED LEGALLY INSANE? Then worse things will happen for you... apk

Re:Ok then, give me this information... apk

You lost your chance, Chester. I asked you several times what information you wanted as I begged you to sue me for over an hour. Yet you just sat there, diddling a child and spouting off with some nonsense autistic screeching about how you're some sort of demi god.

Poor guy. You really are a proven idiot and now, with all of these, everyone has more info on how stupid you truly are.

You had your chances. Now you're just on your own, just like you were when you chased those boys in to the bathroom at your highschool job.

"End me" baby! End me so hard. Please.

Btw: I am surprised to see you still flapping your autistic, gingivitis gums so long after the fact. Just proves that you are so pathetic and lack any sort of life. Good thing the doctors realized your damaged DNA (Remember, you're 6 weeks premature, which causes your autism) made you sterile and we don't have to worry about a sick fuck like you breeding with someone (forcefully or not.)

See you on the flip side, Chester.

P.s. Like I said before - You've interacted with my non-AC account before. You've got the ability to find it. Go to work, chester. And stop calling people out for being AC when you, yourself....are AC! Lol! You anonymous blowhard coward. -- Did I get that right? Come at me. I've got some pretty damn good plans for you, and they'd make me a fortune in doing so! (btw: Libel isn't an arrestable offense, douche. You truly -are- the low end of autistic when it comes to IQ.)

Later, Chester. Leave the kids alone for one night, k?

Ok you chicken-dick little motherfucker

Even if I lose the lawsuit, I think the end will be worth it." by Anonymous Coward LIAR LIBELER I AM GOING TO DESTROY on Monday January 15, 2018 @12:23PM (#55932401)

What is your REAL name & address with your slashdot registered username you claim to have that's 6 digits?

Your 'good defense' probably is insanity in some form is my guess (doesn't matter, I am going to make you regret libeling me and saying I am a baby raper, pedophile, kiddy diddler (all lies & libel about me)).

I don't think you understand something - I am going to fucking END you...

* COME ON COCKSUCKER - ANSWER THOSE QUESTIONS TRUTHFULLY... we'll see what happens!

APK

P.S.=> See that quote from you - you'd lose motherfucker & IF you were to SOMEHOW get off w/ a 'slap on the wrist' because you're DECLARED LEGALLY INSANE? Then worse things will happen for you... apk

Knew you were full of it... apk

See subject: You said you WOULD give up your real name & address - now you won't? You're a liar & a libeler of myself proving it all the more.

PROVE that I did what you said (I never did, you are both lying & libeling me) in "diddling little kids" or "chasing boys into a bathroom"!

You can't do THAT either (impossible, never happened, as I am NOT A 'sex offender' or 'child molester' or 'baby raper' as you called me lying & libeling me).

* You did the job on yourself & aren't worth any effort from me whatsoever, coward liar.

APK

P.S.=> Thanks for proving my point that you're a piece of TRASH 'sethern SCUM' & nothing more (even others in the 'retard troll' told you to fuck off - take their advice scumbag that you are HIDING behind UNIDENTIFIABLE anonymous posts libeling me and lying)... apk

Re:Knew you were full of it... apk

Says the one hiding behind an UNIDENTIFIABLE anonymous post?

Pot, meet kettle.

UNTRUE - I id myself via "APK" @ in posts

See subject: @ bottom of my posts I 'sign off' + my unique posting style, "p.s." & all (trolls try impersonate me via poor imitation (flattery) of my style but fail like u now FAIL to live up to ur word giving up ur REAL name/address & registered luser account here on /. too).

APK

P.S.=> I've literally got 100's of times they tried which I caught them in signalling it wasn't I when I was impersonated (many others said it for me beforehand saying "FAKE APK" etc. too)... apk

Additionally - you're not only a libeling liar

See subject: Additionally you're also a HYPOCRITE pot calling a kettle black posting UNIDENTIFIABLE anonymous now in your scumbag post I reply to here!

(I id myself via APK signoff, you don't).

My other reply to you did the rest of the job on you & "your kind" (online cowardly trolling libelous lying shitbag TRASH) https://news.slashdot.org/comments.pl?sid=11610309&cid=55949629/

&

PROOF YOU are a 'sethern SCUM' LYING LIBELER spreading lies about me trying to DAMAGE my good name https://news.slashdot.org/comments.pl?sid=11610309&cid=55948711/

&

you ADMIT you know you'd lose a lawsuit for libel vs. myself too!

Well, tell you what fucker:

When President Trump reworks the LIBEL laws (& he is working on that being a victim to them himself)?

MOTHERFUCKER, I am COMING FOR YOUR ASS in a court of law for starters (bank on it) & cocksucker, I am coming FOR YOU personally too...

APK

P.S.=> Write your will motherfucker (doubt you have a damn thing you obviously INSANE (your 'good defense' is probably mental incapacity) behavior libeling & stalking me... apk

Re:Additionally - you're not only a libeling liar

Hey, pre-teen fucker;

I'm bored again. Come play.

-signed,
The one who made you cry on the phone to Slashdot.

3 days later pussy? LOL!

You said you'd give me your REAL name & address + your /. registered lusername! More lies as usual (as you did about me)

(I think you know what'd happen IF I had that information & it wouldn't be good for you on ANY level...)

* You're a joke - but I think you KNOW that about yourself (since you proved it here constantly libeling me & telling one lie after another).

APK

P.S.=> You're scum - but when those libel laws change after President Trump reworks them (& he is)? You're done - bank on it you penniless waste of life... apk

Re:3 days later pussy? LOL!

Ahh, I knew I could count on your autistic need for grandiose feelings to come back here!

Poor guy.

On another note, I am fairly certain you, as a small little man who rapes children, cannot do a single thing to me. Except maybe spit on me when you're screeching autistically at me.

Btw. I heard the call you placed. I, and everyone else here laughed, as did those who 'leaked' it to me. Poor guy. Explains why you're not married. Then again, when they find out about your registering as a sex offender...they don't tend to want you. And you have a severe case of micro penis.

P.S.=> I'm convinced you're related to Chris-chan. Have you had your vaginoplasty yet?

Let's see your PROOF I'm a sex offender

Let's see your PROOF I'm a sex offender: Impossible to prove as I'm not one & you said you'd give your real name/address & didn't.

* By the way - I called /., but NOBODY ANSWERED & no message was left (wasn't possible either), liar.

( You're nothing but lying trash & online scum as well as a TRUE coward whimp weasel, nothing more)

APK

P.S.=> This should be fun seeing you "flail about" w/ bullshit as it's impossible for you to prove I'm something that I'm not... apk