Slashdot Mirror

← Back to Stories (view on slashdot.org)

Bezop Cryptocurrency Server Exposes Personal Info of 25,000 Investors (threatpost.com)

Posted by BeauHD on from the leaky-faucet dept.

lod123 shares a report from Threatpost: A leaky Mongo database exposed personal information, including scanned passports and driver's licenses, of 25,000 investors and potential investors tied to the Bezop cryptocurrency, according to researchers. Kromtech Security said that it found the unprotected data on March 30, adding that it included a treasure-trove of information ranging from "full names, (street) addresses, email addresses, encrypted passwords, wallet information, along with links to scanned passports, driver's licenses and other IDs," according to the researchers. Kromtech researchers, in their overview of the results of its investigation, said that Bezop.io, the organization behind the currency, immediately secured the data after being notified. Bezop is one of over 1,000 cryptocurrencies in a crowded playing field vying for investor attention. According to Kromtech, the list of 25,000 people included both current and prospective investors promised Bezop cryptocurrency in exchange for promoting the cryptocurrency on social media.

28 comments

  1. Frist post? (sic) by TimMD909 · · Score: 1

    MongoDB is so WebScale that even leaks from servers get better performance! WebScale!

    1. Re:Frist post? (sic) by Anonymous Coward · · Score: 0

      Damn you sir, I came here to post this sort of nonsense.

      I mean, except, it isn't nonsense. Granted, it took many other database providers and Linux distributions fucking forever to stop exposing their shit like a Hollywood pervert - but the idea in software should be to learn from the past.

      Mongo has a history of scaling up so it can leak information at speeds that a conventional RDBMS cannot match.

  2. McAfee Strikes Again? by mschwanke97402 · · Score: 1

    Isn’t this the crypto currency that John McAfee was promoting? Good security job there dude!

    1. Re:McAfee Strikes Again? by Anonymous Coward · · Score: 0

      yes. and he said these guys are e-commerce experts going to topple amazon

    2. Re:McAfee Strikes Again? by war4peace · · Score: 1

      No, he promoted Verge.

      The fact that the MongoDB Database was unsecured means that the admin(s) didn't know what they were doing. What's really worrying is that there's 25K people out there willing to provide very sensitive information in exchange of a promise, which is very likely to be as empty as my bank account.
      I was interested in investing a very small amount of money into an ICO a few months ago. When I saw what they were asking me to provide I laughed, turned around and dropped the deal.

      --
      ...gis sdrawkcab (usually not responding to ACs; don't bother posting as AC)
    3. Re:McAfee Strikes Again? by Anonymous Coward · · Score: 0

      McAfee promotes a different cryptocurrency each week. Bezop was one of them.

    4. Re:McAfee Strikes Again? by war4peace · · Score: 1

      I apologize. I only knew about Verge and then stopped giving a shit..

      --
      ...gis sdrawkcab (usually not responding to ACs; don't bother posting as AC)
  3. All cryptocurrencies are Ponzi Scams by Anonymous Coward · · Score: 0

    Are (any) fiat-currency and (any) cryptocurrency really equivalent, as cryptocurrency fans claim?
    For example, US Dollar and Bitcoin are really equals?
    Value/validity/authorization of US dollar is provided/guaranteed by US Government (and in-turn whole US Public)!
    Also, not to mention, US Dollars in any US Bank is insured by US Government!
    What authorization/guarantee/insurance is behind Bitcoin? Nothing!
    Sorry but that is the end of discussion then!

    Why do you think Satoshi Nakamoto is really hiding his identity, if Bitcoin is really such a great innovation?
    He is just someone does not like media/fan attention?
    Or, could it be really because Bitcoin (and all cryptocurrencies followed it) are actually Ponzi Schemes?
    (So he knew very well that law enforcement would come after him sooner or later?!)

    If so-called cryptocurrencies are really good innovation, why they attract so many criminals/criminal activity?
    Could it really be because, all cryptocurrencies themselves are scams, and that is why they attract all kinds of criminals/criminal activity?

    If so-called cryptocurrencies are really currency, why no company/store can use Bitcoin as currency anymore?
    Because the price of Bitcoin proved to be extremely unstable to use as a currency?
    Would the result be different, if Bitcoin replaced by any other "cryptocurrency"?
    Aren't all work the same way?

    If so-called cryptocurrencies are really money; isn't people issuing their own money, illegal already, in all countries?
    If so then, why they are still not banned in all countries?

    Or, they are not actually virtual currency but virtual investment?
    But, if they are actually investment, why we need/want them?
    What would happen to world economy, if people invested in virtual investments, instead of real investments?

    Or, all so-called cryptocurrencies are actually just a modified (made decentralized and paying variable interest) Ponzi Schemes?
    (Price of cryptocurrencies would keep increasing in the long term (by their design), so it is equivalent of paying variable interest to all long term investors.)

    As more and more people invest in cryptocurrencies, it will become harder and harder to ban their trading everywhere!
    All cryptocurrencies need to be banned globally before it is too late!

    1. Re:All cryptocurrencies are Ponzi Scams by Highdude702 · · Score: 1

      If so-called cryptocurrencies are really good innovation, why they attract so many criminals/criminal activity?
      Could it really be because, all cryptocurrencies themselves are scams, and that is why they attract all kinds of criminals/criminal activity?

      You could say that about any currency. Replace crypto currency with USD in that sentence. Criminals are attracted to money. Cash is just as if not more so anonymous than most cryptocurrencys. Criminals love cash!

  4. Who? by AndyKron · · Score: 1

    Awesome! Who's going to jail for letting this happen?

    1. Re:Who? by Anonymous Coward · · Score: 0

      More importantly, who's going to jail now that this did happen? If I was someone working at the IRS, I'd be licking my chops for such a list! (Names, Addresses, etc) I think they even get a prize if they report people who didn't pay their taxes. That's not to say cryptocurrency investors don't pay their taxes, it's just harder for them to know who to check without lists like these!!!

    2. Re:Who? by Highdude702 · · Score: 1

      I know people with mining farms, data center sized. They all pay taxes because that's a lot of money to end up losing otherwise. Which if you noticed right after tax time all coins prices started to go up again. I believe its artificially inflated around tax season as to not have to pay so much on gains. But that's just my tin foil hat theory.

  5. Read that as Bezos' cryptocurrency. by Anonymous Coward · · Score: 0

    And thought the founder of Amazon was involved.

  6. Just what you want from a crypocurrency... by 14erCleaner · · Score: 1

    Why on earth did they need people's scanned driver's licenses and passports? What kind of fool would give that up to invest in an "anonymous" currency? The mind boggles....

    --
    Have you read my blog lately?
    1. Re:Just what you want from a crypocurrency... by Anonymous Coward · · Score: 0

      Well, if a person is fol enough to "invest" in a crypto currency, sending passport photos is granted. In practice the leaked user database is a gold mine for crooks.

    2. Re:Just what you want from a crypocurrency... by MrL0G1C · · Score: 1

      What kind of fool would give that up to invest in an "anonymous" currency? The mind boggles....

      A greedy fool. I kind of feel sorry for these people they're all being ripped off. I don't know what it is about people that have scam screamed at them, ignore the warning and continue. Ok I do, they're fucking morons.

      --
      Waterfox - a Firefox fork with legacy extension support, security updates and better privacy by default.
    3. Re:Just what you want from a crypocurrency... by Anonymous Coward · · Score: 0

      Because of Know Your Customer and anti money laundering laws. Exchanges wont list ICO tokens that dont have any KYC because the US would go after them.

    4. Re:Just what you want from a crypocurrency... by Anonymous Coward · · Score: 0

      You know, leaking the DB on purpose would be a decent cover if you'd already sold it to some crooks and wanted plusable denyability when they start using it. "Oh no, somone stole ot, it'll probably be used by crooks now. woe are we."

  7. Oh the irony by ArhcAngel · · Score: 1

    If they had invested with bitcoin they could have done so anonymously!

    --
    "A person is smart. People are dumb, panicky dangerous animals and you know it." - K
  8. That's a valuable list! by Anonymous Coward · · Score: 0

    25,000 gullible suckers! I'd like to get my hands on that list. ;)

  9. ICO investors dox themselves by Anonymous Coward · · Score: 0

    Did you know crypto "investors" literally upload scans of their own passports to sketchy websites hosted in third world countries just to participate in ICOs?

  10. They aren't investors by Anonymous Coward · · Score: 0

    They are speculators or gamblers

  11. How many of these damn things are there? by sabbede · · Score: 1

    And why do people expect them to hold value? There's too many for any to be accepted as payment, so it's just a game exchanges are playing with each other. It won't turn out well.

    1. Re:How many of these damn things are there? by ravrazor · · Score: 1

      Ok - the previous 4 comments, and usually all that relate to cryptocurrency on /., are negative and/or pessimistic.
      Just an open "Ask Slashdot" since there aren't that many posts here for everyone: "Does everyone here really think BitCoin, Ethereum or Ripple are that bad?"

      I have some of all of them, and obviously the sketchier ones (like bezop) are riskier, it seems like the ones above are destined for something, maybe not in the next couple of months, but certainly the next decade.

      some info:
      - Pfizer, AMD and Ernst & Young have joined the Enterprise Ethereum Alliance
      - Samsung announced that they are manufacturing ASIC processing chips for Bitcoin (specialized mining hardware)
      - RobinHood announced the addition of cryptocurrencies to their trading app. Over 1,000,000 people are now on the waiting list
      - The Canadian government launched a trial to use Ethereum for the transparent administration of government contracts

      Just curious to see what people think, if we're talking about losing money in cryptocurrency and there's nothing but these negative comments.

    2. Re:How many of these damn things are there? by Anonymous Coward · · Score: 0

      They believe it because they have been lied to.

      There's a pretty easy scam you can run with ICO's these days, because Bitcoin's rise and teetering decline are well enough known that it's easy to sell something "like bitcoin but with the fatal flaw that ultimately caused it's downfall fixed" to people who's greed exceeds their grasp of economics and fraud.

      It can easily be made to appeal to people who want crypto currencies in general to succeed as a replacement for cash but see that bitcoin isn't going that way, and people who think bitcoin is just a bubble but that they'll be the smart one who gets in early and leave the suckers holding the bag this time.

    3. Re:How many of these damn things are there? by sabbede · · Score: 1

      I thought I had mentioned that I saw room for maybe two to survive the inevitable crash, which would fit with your points, but I guess I was too sleepy to get around to it.

  12. HERO by Anonymous Coward · · Score: 0

    Anybody that exploits and exposes the flaws in Crypto currencies is a hero.

  13. Can somebody tell me... by Anonymous Coward · · Score: 0

    Why these people are sending in scans of their passports and driving licenses?