Liberty Reserve API IP spoofing confirmed - Page 2

xibit · #11 03-02-2009, 04:44 PM

I can only warn you to have many of money at LR, I have several friends who were flown, one $5,000 the other one $30,000, since I work essentially with AP and PM who are sharply more safe except for the advantage to proceed to transfers by bankwire ( IBAN)
Beyond that I work with 2 LR accounts, the first one for the current harvests and as soon as there is certain amount I transfer it on the second. This last one I use EXCLUSIVELY with the first one and the exchanger, (in this case Swapgold.com who are very serious and helpful people)

gofindit4me · #12 03-02-2009, 04:44 PM

Well this is a big concern to me as well. I didn't even know about any problem at LR until I read this forum, I hadn't checked my account for a few days.

I, like many others, lost money when e-bullion bit the dirt. Lets hope LR isnt going to do likewise, albeit for different reasons.

capitalcorpex · #13 03-02-2009, 06:46 PM

This is my opinion: They are scam or Not. if they are, why they should post news on blog or put website under maintenance? They can go away anytime. I think they have problem and maybe happen for all, an we must wait only. I sure they will back and continue their business.

mmoexchange · #14 03-02-2009, 07:16 PM

i dont like the way they work it like a HYIP company or anything like that working and support look like amateur

GoldMember77 · #15 03-02-2009, 11:03 PM

Quote:

Originally Posted by martt

GOLDMEMBER77, I have sent you an email 30 minutes ago and received an autoreply, please check your mailbox.

The same thing happened to me:

My LR account was wiped through an API - Despite I never used any API - that suddently became registered in my account.

The full balance (A bit more than $73000 - ni typo, 73000) has been sent to another account (I do not publish the number for now). The history shows an "API" transaction and I then saw that an API was registered in my account, allowing all operations for all IP.

I contacted 3 major exchangers asking if they made a transaction with the account that received the funds, they said "no".

So far I didn't contact LR as first I imagined be the only one in this case and LR would flame my lack of security, etc. I talked with the exchangers and finally when I wanted to contact LR 2 days later... Their website went offline, and is still offline.

My passwords are SAFE, impossible to guess, I do not know them myself and copy them from a file stored in a Truecrypt container. My PC is more than safe and has been verified immediately after this by an independent expert I urgently hired in my place.

IMO the funds are lost, as LR will blame our poor security, will say we had a virus, etc. I *know* that my account was hacked, no doubt. The only doubt I have is if it was an internal job made by the LR team itself, or not. Why? Because to register an API in an account that had no API, I think the guy must login, know the password, the PIN code and the security code. That is more than an IP spoof, as so far as I know, it is not possible to setup an API without login!
I believe that passwords are stored encrypted on the LR server (At least I hope so!), it means that only somebody having access to the FILES can change the passwords and PIN (replacing the encrypted form of MY pass by the encrypted form of HIS pass), use his passwords, then put back my passwords.

Now as I see I am not alone, I have a LITTLE hope to recover. My money is clean, I just received LR from some exchangers. I have no problem for a legal issue but against what? A Costarican company? Good joke

Anyway Goldmember77, please contact me by mail, maybe we can work together on this!

Readers no need to say that I have only one post, it is true that I quite never read here and less post even! And no need to saying I am stupid to keep such amount, please.

Thank you

Martt,

I am really sorry for your loss. That is a lot of money for anybody, I don't care who you are.

I wrote my post in hopes other people in my situation will come forward and talk about similar experiences. I BELIEVE WHAT YOU ARE SAYING. As I said, I have been in IT/Security for 22 years. I have a college degree in applied cryptography, and I know what I am doing and talking about. There is not a chance on earth that our account got stolen for poor security on our part.

I have written Liberty Reserve today, even though this has happen last week for the same reason than yourself: They will probably reply with a canned message saying how I need to "protect my liberty reserve account".

The insider job was the first thing that came to mind, and here is why: Even if you can spoof their routers into faking an IP (which is really hard to do if they are truly running CISCO routers as they claim), there is NO WAY (ABSOLUTELY NO WAY) they could have gotten my API password. Now you are telling me that your API just "appeared" out of thin air (and I believe you after what happened to me which is basically impossible). Maybe a disgruntled/rogue employee? Is not outside the realms of possibility.

In my career as a security consultant, I can ASSURE YOU that most companies are really concerned with "external security" and not at all with internal security. Curiously enough, more than 70% of for example customer information stealing happens as an inside job. I wouldn't be surprised if LR internal security would be very poor at best.

Again, sorry for your loss. Hopefully we would get something back. At this time, I just can't believe them anymore. They are still offline. The concept of "the site should be becoming up slowly in certain regions" is simply crap. Anybody that knows something about networks would agree with me. Not even DNS propagation takes a long time nowadays. What is it going to be the next excuse? Their hard drive fried and they need a week to replace it?

GoldMember77 · #16 03-02-2009, 11:07 PM

"You may be introduced to some quite bizarre rumors during this outage and false information that was cooked up by an unfriendly and dishonorable competitors but as always, Liberty Reserve will lead the way and is not going anywhere for many years to come."

I am not a competitor. What is really bizarre is taking more than 5 days to "work on an SSL certificate" specially after MANY accounts have been emptied. It would be great if LR just came out clean.

People in this forum have chatted with their online support people and they claimed they were going to be online in 30 minutes (that was 8 hours ago).

They are looking more and more like jackasses. People are not as dumb as they would like to think. I really hope they reconsider and drop the nonsense. There is no "dark empire competitor" trying to make them look like anything. They are doing this to themselves.

EMoney2008 · #17 03-02-2009, 11:23 PM

GoldMember77, I am really sorry for your loss... but first I want to enlighten you with these few facts:

For LR SSL Certificates Maintenance, I Am The Person Who Inform Their Support Stuff About This Issue Because When I Open The LR Site With My Mozilla Or Opera, The Browsers Said That There Is An Error With SSL Certificates Or SSL Certificates Is Out Of Date... And That Time I Also Had Problem With Accessing My Own LR Account As Well... It Detects From Different Location... So I Contacted Their Support Stuff And Met The Stuff Name "Valeria"... Contrary To What I Have Heard... She's Quite Friendly To Me And Fix My Problem With The Different IP Very Quickly.. First She Just Told Me To Give Her My Account Security Question, Addresses Of The LR Account And DOB.... After 3 Minutes I Got New Email From LR With New Reset Master Keys.. And She Told Me That The Issue Of Different IPs Is Not Permenant... Need A Few Days To Fix It Up Among Other Things...

I Am Not Here To Oppose With Your Statement And Fact Because I Am Truly Sorry For Your Big Lost.... But Just Want To Clarify Some Facts Of The Truths About The LR's Words!

Regards,

EMoney2008

Patryn · #18 03-02-2009, 11:29 PM

Before we continue, I just wanted to mention... You Do Not Need To Capitalize The First Letter Of Every Word. Reading Your Posts Makes My Eyes Bleed. Please Follow The Rest Of the Forum By Using Reasonable Capitalization. Thank You.

Quote:

Originally Posted by EMoney2008

For LR SSL Certificates Maintenance, I Am The Person Who Inform Their Support Stuff About This Issue Because When I Open The LR Site With My Mozilla Or Opera, The Browsers Said That There Is An Error With SSL Certificates Or SSL Certificates Is Out Of Date

Actually, I informed the LR administration directly when i noticed it. They were unaware of the issue and sent my inquiry to the tech department. Really not sure why you continue to claim to be the one who "discovered" the issue, as if doing so would give you some sort of special status.

EMoney2008 · #19 03-03-2009, 01:27 AM

Quote:

Originally Posted by Patryn

Before we continue, I just wanted to mention... You Do Not Need To Capitalize The First Letter Of Every Word. Reading Your Posts Makes My Eyes Bleed. Please Follow The Rest Of the Forum By Using Reasonable Capitalization. Thank You.

Actually, I informed the LR administration directly when i noticed it. They were unaware of the issue and sent my inquiry to the tech department. Really not sure why you continue to claim to be the one who "discovered" the issue, as if doing so would give you some sort of special status.

Oh Look, Did I Do Something Offensive Here.... I Just Wrote What I Did .. And That's What I Did... If You Don't Like Reading My Post.. Just Ignore It... And If You Are So High And Almighty Yourself... Then You Don't Have To Go Into The Same Bag With Me... By Claiming You Told The LR Stuff Directly ... LOL... What's A Person ......

And For Your Information, I Just Wanted To Correct The Goldmember77 That What The LR Posted About SSL Certificates Maintenance Is Actually The Truth.. Not An Excuse... And If I Remember, I Wrote About Me Informing The LR Stuffs Only 2 Times Here In Different Posts And Threads... So Please Keep Your Opinion To Yourself If I Might Ask...

I Am Here Like Every Other Member Who Want To Share The Views And Suggestions.... If You Have Noticed My Posts.. I Have Never Flamed Anyone Or Talk Ugly About Anything...

For The Style Of My Own Writing, Please Go And Find The Rules And Come Back To Me ... If You Can Find Any Specific Rule Which Forbidden Me *NOT* To Write In Capital Letter......

Patryn · #20 03-03-2009, 01:58 AM

Quote:

Originally Posted by EMoney2008

LOL... What's A Person ......

per***8901;son***8194; ***8194;[pur-suhn] –noun
1. a human being, whether man, woman, or child: The table seats four persons.[/quote]

Quote:

Originally Posted by EMoney2008

For The Style Of My Own Writing, Please Go And Find The Rules And Come Back To Me ... If You Can Find Any Specific Rule Which Forbidden Me *NOT* To Write In Capital Letter......

At what point did I state that you were breaking forum rules with your irritatingly ignorant and obsessive capitalization?