/biz/ - Business & Finance

binance stole the lot of it. greedy fucking jewhales with their illuminati bots AAAAAAAAAAAAAAAAAAAAAA fucking dogs.

NOBODY IS STOPPING THE MOONTRAINMETRO

>>3928871
>MOONTRAINMETRO


That's it, I'm out. Srsly, MOONTRAINMETRO? I don't care if some of my LINK will be sold at a loss, I'm out.

This meme is dead. to me.

>>3928752
>Stolen LINK

Wut?

>>3928871
How did Binance steal anything?

>>3928936
There was a malicious tumblr link a couple weeks ago that stole people's LINK held in ED.

im glad you out you fucking cuck enjoy being poor

>>3928910
Ty for your bags

He stole 20k from one user and i think 800 from another. I was in the thread

>>3929363
I was the guy who lost 800

>>3929408
Did u recover

>>3929408

>>3929440
>>3929425

Yeah, some good-guy anon sent me $200 in ETH which is what I had spent on the LINK at that time.

>>3929468
I love this story

>>3929716

This place has people who are cool as fuck.

I hope we make it & can pass on this legacy ourselves.

What happened???????

>>3929734
>>3929468

daily reminder that all these feel good moments are engineered by P&D groups to get you emotionally attached to your LINK

>>3929408
How was it stolen?

Is there some kind of exploit?

>>3929976
yeah you click on a shitbox link and get your link stolen, its 2017 nigger

>>3929992
Anyone get a copy of what was on the webpage?

I have the code if anyone wants it

>>3930019
yo!
I'm interested.

>>3929969
I'm not emotionally attached, I recently cut smoking out of my life and have been spending my smoking budget on CRYPTO so it's all been a jolly experiment / gamble. I think blockchain is fascinating, all moon memes aside. If you don't appreciate the tech and innovation, why are you even here?
Chainlink is a gamble but I've definitely done my own research and I'm willing to gamble money on it.
Worst case scenario I lose money I was going to smoke up anyways.
That and I'm at a profit for my link presently.
Your post is pretty ominous desu

>>3930035
Nigger

They fixed the vulnerability shortly after

>>3930067
I expected as much, I'm just interested in how it works.

patched

>>3930082

>>3930100
So, why does running that javascript in a browser steal your link?
Is it a plugin or something?

>>3930219
its called corss site scripting: XSS
the script tag runs the code in the browser as if it was embedded in the webpage

>>3930254
cross site scripting*

>>3930254
>>3930267
Gotcha.
I thought that was just in some page's source.

Didn't know that request indirection thing existed though, that seems like it'd be useful for exfiltration.

>>3930284
the request website is there it sends the private keys there to redirect. I'm sure that website just redirects to something he hosts. After he got the keys, he manually had to log in with them to steal. That gave me enough time to take all my LINK out, as i clicked on the link kek.

>>3930302
Any idea where the xss problem was in the site?

I can't see anywhere for users to input text.

>>3930318
no clue. i dont think there was any need for an input field, as the script ran directly from the URL. I think etherdelta was just prone to executing script tags.