Cause of the botnet ( DEBUNKED )
-
@Daforce I don't think so... This is one of Fopa's scammy faucets on the PlayStore. They just keep releasing them for new coins. Kinda cool that Burst is recognized enough to get their attention though.
I say scammy because, well... you know how high withdraw limit faucets can be
-
@Daforce This 100-500 Downloads so far, so hardly could cause a 15K Client Network, no?
-
@Marc Unless all the other apps do the same thing. Their ETH app has 10,000 to 50,000 installs. And to boot all of the apps were updated on 6-27-2017... which is right around the time he went solo
Any .APK pros to bust these apart and check out the code?
Most of the reviews claim scam.... and I can't view more than one review on the burst app
Could be onto something here.
-
@k.coins said in Cause of the botnet ( in response to " pajeet " exploit ):
you know how high withdraw limit faucets can be
I don´t know. Please enlighten me.
@Marc said in Cause of the botnet ( in response to " pajeet " exploit ):
@Daforce This 100-500 Downloads so far, so hardly could cause a 15K Client Network, no?
The apk is freely avaiable. No need to go to the playstore.
-
@Daforce With high withdraw limit faucets, a couple things typically happen:
1.) The creator bets that people will use the app for a short time but not be able to reach the withdraw limit, therefore, ad revenue was earned, yet they had to pay nothing out to users.
2.) The creators will bail on the app at some time in the future (before anyone reaches withdraw), and again, earn ad revenue without paying anything out to their users
These are just two examples but I've seen these scenarios play out over and over.
-
@Daforce Doesnt fit together with size of plot each abused Client aka so far as what said/is know 200-300 GB each Client. Mobiles dont hold 300GB of free space normally. Also you Need to root in some cases, dont know about the actual Androids maybe its just a click to allow Installation from unknown sources just like on the firesticks, but People rooting normally know what they are doing and are more Aware due to that.
-
@Marc I'd say still probable. 300gb per client is an educated guess. There could be so much more to it than we know. They also run websites and there android downloads could be 100,000 or more. The 15,000ip's could be sloppy work and the only ones we have recovered.
To my knowledge google play won't host apps that require root. This guy is obviously good with code so who knows.
This is a great big world with many avenues....
-
@crutsy possible but unlikely, thats all I said.
-
@crutsy Here I am xD
I would say he is targetting PCs and not mobiles... provably he is not getting his bots from anything the users downloaded but from a cookie someone downloads when access to a site... Proxys are commonly known by doing this type of thing, although he can possibly have mobiles too in order to decentralize its bots base and an apk is provably the easiest way to target androids but I believe it comes more from PCs because 300Gb in a mobile makes a huge difference and most of the mobiles don't even have that kind of space available! Also if he would use androids he would have to create a plotter, and a miner at least... The plotter on android that exists from IceBurst work is pretty slow and it was just made to prove it's possible to plot on android but not really feasible. The miner, I think it would be too slow scanning the files...
also I think the current miner in Android only accepts plots with 1000 stagger (i'm not sure if it is still like this maybe @IceBurst can chime in and correct me if I am wrong)
I would defenitely bet that he is targetting PCs through a website with some kind of (super)cookie...0faucet.burstcoin.pt | burstcoin.pt | I just help for pleasure but if you want donate some coins: BURST-JYHR-SPXP-YT22-5F4KM
one_reply_to_this_post
-
@gpedro At the time there was a page for bitcoin that let you put a script on your own page where users entered the CPU began to undermine for the owner of the page. You could configure the cores you wanted to use so that users would not notice.
Are you thinking of something similar but for burst? It would be possible0ⓑ-BURST-2RZ4-89FK-5TQX-ET3BK
Free URL shortening and redirection service http://yurl.gq/
Search the whois database http://whoiswho.ga
http://tomygame.com/?ref=Energy
https://bitsforclicks.com/?r=RY3QHQBT238Q9JA
one_reply_to_this_post
-
@Energy No not really... Usually proxies are used to get information from you and for that the only thing that is used is a cookie that is downloaded by you when you access the website, so as long as the cookie don't expire (and you don't delete it) the hacker will know what he wants from you including passwords and even anything you type... I am suggesting that this can possibly be done with Burst... Maybe that cookie makes you download every software needed in the background, then it just standby for instructions of the botnet owner...
I think this kind of cookies are called supercookies... I know I watched a hackaton where there was a whitehat hacker that did something like that just for the purpose of demonstrate how easy and vulnerable people get when use unknown proxies...
-
@HiDevin can you change the word exploit to exploit (debunked) or something else in the thread title?
To visual Burst mining I like to compare it to a lottery with tickets. The more capacity you plot the more tickets you have every four minutes. Having a copy of some tickets won't increase your chances (overlapping). Having smaller batches of the tickets instead of one big batch won't increase your chances either...
1"Now everybody can see that da wallet is empty, empty." ->
The Burst Foundation: BURST-7BXU-TTFG-Z2JF-8QUZP (Development Fund)
one_reply_to_this_post
-
@daWallet gotcha
