Jump to content

  • Sign up for free and receive a month's subscription

    You are viewing this page as a guest. That means you are either a member who has not logged in, or you have not yet registered with us. Signing up for an account only takes a minute and it means you will no longer see this annoying box! It will also allow you to get involved with our friendly(ish!) community and take part in the discussions on our forums. And because we're feeling generous, if you sign up for a free account we will give you a month's free trial access to our subscriber only content with no obligation to commit. Register an account and then send a private message to @dave u and he'll hook you up with a subscription.

Bitcoins

Yoda

By Yoda,
in TNF - Techy Nerd Forum

 Share

Recommended Posts

Yoda Apprentice

Yoda

Posted
Posted

Hello Techy Nerds.....

 

Got a bit of a problem at work where some f****r has put some mining software on a couple of our servers. Noticed we were losing a bit of CPU power etc and found that someone was mining for Bitcoins on them.

 

I work for a small company and the emloyess generally display a level of retardedness that woulld preclude it being one of them. Which makes me think it is someone from two IT companies who work for us. I got a consultant in to see if they could prove when it was installed - and if remotely by what IP - no proof as whoever had done it had hidden their tracks pretty well.

 

I see from Wikipedia / the net that Bitcoins have a bit of value to crooks and are used by people for trading dodgy images etc. I guess my questions are:

 

(1) Anyone got any ideas to catch the bastard/s red handed going forward?

(2) Are Bitcoins as dodgy as they sound?

(3) Should I just consign it to history and experience and do some more reguar checks?

 

Love me x

Link to comment
Share on other sites
bri Grand Master

bri

Posted
Posted

done a bit of reading on BitCoins but I thought there was only so many out there and you couldn't generate anymore.

 

So are they using a botnet on your serves to try and generate more Bitcoins??

 

Bitcoins: What are they, and how do they work? | Technology | The Guardian

 

Bitcoin - Wikipedia, the free encyclopedia

 

I'd just send a circular round work saying what you've found and the co is looking into it further and just leave it at that.

Link to comment
Share on other sites
DJLJ Grand Master

DJLJ

Posted
Posted
Hello Techy Nerds.....

 

Got a bit of a problem at work where some f****r has put some mining software on a couple of our servers. Noticed we were losing a bit of CPU power etc and found that someone was mining for Bitcoins on them.

 

I work for a small company and the emloyess generally display a level of retardedness that woulld preclude it being one of them. Which makes me think it is someone from two IT companies who work for us. I got a consultant in to see if they could prove when it was installed - and if remotely by what IP - no proof as whoever had done it had hidden their tracks pretty well.

 

I see from Wikipedia / the net that Bitcoins have a bit of value to crooks and are used by people for trading dodgy images etc. I guess my questions are:

 

(1) Anyone got any ideas to catch the bastard/s red handed going forward?

(2) Are Bitcoins as dodgy as they sound?

(3) Should I just consign it to history and experience and do some more reguar checks?

 

Love me x

 

1) Depends how good you are and how good he is. Start limiting different people's access to certain places, start reading logs, make sure people start changing passwords on a regular basis, pull down post-it notes of said passwords from their monitors, remove admin access for outside vendors etc. I know it can be a pain, but for all you know, they can be serving kiddie pr0n from your servers, not a good thing.

 

2) yes.

 

3) No.

 

hth.

DJLJ

Link to comment
Share on other sites
Lee909 Grand Master

Lee909

Posted
Posted
so how do you get these coins and what can you buy with them?

 

ill post th link to the podcast later on but kevin smith covered it in his podcast,jay and silient bob get jobs.Appartly the if a website tech nerds can find were they are buying anything from lsd to heroin online with bit coins as the are pretty much untracable,some sort of black market ebay.

Link to comment
Share on other sites
Yoda Apprentice

Yoda

Posted
  • Author
Posted

Cheers everyone.

 

The servers are password protected. Only one other person in the company knows the password and he barely knows how to turn his pc on. So I know it isn't him.

 

Which is why I think it is one of the two IT companies who need access to the servers. The one company who developed some software for us have only accessed the severs remotely and their access is limited to one ip address. I cannot get rid of them as we have spent a fair wedge on the system and they need to support it, make further developments as and when.

 

Could they gain access through a different ip if they were smart about it anyway?

 

I could get rid of the IT support company who look after all of our computers but largely they do a pretty good job. I'd also hate to get rid without any proof really. I'm not good enough to get into looking at it in any depth, I just manage the area as a part time activity so am in a bit of a pickle with it.

 

I've read quite a lot on the net about them and bitcoins value has lessened after a hack that took place somewhere or other recently. Still they appear to be all about trading dodgy images and drugs so don't feel it is ignorable.

 

I don't really want to limit access rights because I don't really have the hours in the day to manage it.

Link to comment
Share on other sites
Dan Community Regular

Dan

Posted
Posted
Cheers everyone.

 

The servers are password protected. Only one other person in the company knows the password and he barely knows how to turn his pc on. So I know it isn't him.

 

Which is why I think it is one of the two IT companies who need access to the servers. The one company who developed some software for us have only accessed the severs remotely and their access is limited to one ip address. I cannot get rid of them as we have spent a fair wedge on the system and they need to support it, make further developments as and when.

 

Could they gain access through a different ip if they were smart about it anyway?

 

I could get rid of the IT support company who look after all of our computers but largely they do a pretty good job. I'd also hate to get rid without any proof really. I'm not good enough to get into looking at it in any depth, I just manage the area as a part time activity so am in a bit of a pickle with it.

 

I've read quite a lot on the net about them and bitcoins value has lessened after a hack that took place somewhere or other recently. Still they appear to be all about trading dodgy images and drugs so don't feel it is ignorable.

 

I don't really want to limit access rights because I don't really have the hours in the day to manage it.

 

does your company actually have any of these paedo-coins yoda?? if not then why are you worried?

Link to comment
Share on other sites
Yoda Apprentice

Yoda

Posted
  • Author
Posted

 

does your company actually have any of these paedo-coins yoda?? if not then why are you worried?

 

Whoever installed the mining software gets them presumably. It uses the processor in the servers to generate them. The mining slows down the server so the software which is effectively a web service runs much more slowly than it should.

 

Even if you ignore the fact someone is using my server to do something dodgy / illegal the speed issue is something I need to avoid.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...