Website stolen by black BTC

1.

at present, the vast majority of digital currency transactions are concted in exchanges. Among the numerous exchanges, bitfinex, binance, okex and so on are well-known

However, bitcoin and other digital currencies, as decentralized assets, have to be traded in a centralized exchange, which seems to have hidden contradictions and dangers

1. Problems and challenges of stock exchanges=“ https://iknow-pic.cdn.bcebos.com/fd039245d688d43fdf16c83b761ed21b0ff43bbf ">

in February 2014, Mt. GOx, the world's largest bitcoin exchange at that time, was stolen 850000 bitcoins, and the price of bitcoin suffered a" cliff "crash on that day. Later, it was revealed that Mt. GOx was in fact a thief, and only 7000 bitcoins were actually stolen

in August 2016, bitfinex, the largest U.S. dollar bitcoin trading platform, suffered a security vulnerability, resulting in the theft of 120000 bitcoins, which was worth $65 million at that time. If converted into the price in December 2017, it would be worth nearly $2 billion

on December 19, 2017, South Korea's youbit exchange was attacked by hackers and lost 4000 bitcoins, and the exchange declared bankruptcy

on December 21, 2017, the Ukrainian liqui exchange was stolen 60000 bitcoins, and the unit price of bitcoin plummeted by US $2000

in 2018, such a drama will only continue

in addition to the threat of hackers, traditional exchanges also have some inherent shortcomings, such as lack of supervision and inefficiency. The security of the exchange for investors can only rely on its own credit, and the cost of running is very low. The stock exchange is regulated at the national level, but there is no such sword of Damocles on the top of the digital currency exchange. Moreover, in an exchange, the same order can only be submitted to one exchange. After the user places an order, the funds used for the transaction will be frozen and can only wait for the completion or cancellation of the transaction. These are undoubtedly inefficient

All in all, the problems of exchanges are the problems of centralization

2. Decentralization of exchanges=“ https://iknow-pic.cdn.bcebos.com/86d6277f9e2f070889a173c9e224b899a801f257 ">

(1) the progress of the exchange itself

the upgrade of security means is various. At present, the best use is cold wallet, that is, to keep the digital currency in the offline U disk. At the end of 2017, when the YouTube exchange was attacked, 75% of its assets were withdrawn into the cold purse in time to avoid greater losses. However, it seems to be a helpless way to protect the online assets by offline means. Of course, there should be many other methods, which will not be repeated here

(2) the representative of cross ledger transaction is ripple network, and the operating company is ripple labs, which is a semi centralized system. Ripple is a decentralized clearing agreement. In order to solve the high cost and delay of inter-bank clearing, its base currency is XRP. Ripple network can connect all kinds of assets, such as US dollar, RMB, Japanese yen, bitcoin, etc. to its own network. In this system, U.S. dollars or bitcoin can be converted into reborn currency, and then reborn currency can circulate freely in the network, just as a highway is built between various assets. Due to the support of major banking institutions, the reborn currency achieved nearly 300 times growth in 2017

(3) decentralized exchange

some teams try to use blockchain technology to build a decentralized exchange. This kind of decentralized exchange, to some extent, is an extension of cross ledger trading

bitshares is the most representative of early rising projects. It builds a blockchain development platform with servers scattered all over the world. Even if some of them are attacked, the system will not collapse. Anyone can transfer money and borrow money freely on this platform, and can also quickly build a centralized exchange based on this platform. In order to ensure stable value, bitstocks also require three times of digital assets as collateral. At present, bitstocks are running fairly well

later, with the development of Ethereum and smart contract, the x x protocol came into being. This is an open protocol running in the Ethereum blockchain and a decentralized exchange in the Ethereum ecosystem. The agreement has attracted many investors. At present, it has completed financing and started to build open source software tools and infrastructure. Of course, there are many competitors. Ether Delta, IDEX and oasis DEX are trying to provide similar functions. Moreover, it is a smart contract system based on Ethereum, which only supports erc20 token. If other smart contract public chains start to rise, the demand will be reced

in addition, there are some teams that are entering, such as the domestic road seal agreement, looping (LRC) in English. They adopted a design similar to the X protocol, and also introced a fast payment function similar to the lightning network. It is characterized by trying to match multiple exchanges, the user's order can be broadcast to multiple exchanges, and completed by different exchanges. Moreover, the user can still use the account funds after placing an order, and the user's behavior of transferring part or all of the funds is equivalent to partial or total cancellation. To some extent, it improves the breadth and timeliness of the transaction. However, this system seems to have damaged the "power" of the existing exchanges. Whether we can persuade everyone to play together will be a difficult problem

At present, there is still a long way to go for the construction of decentralized exchange. In 3-5 years, traditional exchange will still be the main battlefield of digital currency

However, in the future, it is worth looking forward to let the decentralized digital currency get rid of the shackles of centralization

2. No, there are several reasons why bitcoin was stolen
1. A stolen bitcoin can't be retrieved, and if it's lost, it's lost.
2. Bitcoin has transaction records, but the address is hidden, and you can't find an indivial.
3. Every bitcoin has a key, and only if you have this key can you be admitted to own bitcoin. However, if bitcoin is stolen or lost, your bitcoin will disappear completely
therefore, the theft of bitcoin does not belong to cracking, it may be e to internal personnel.

3. First of all, delete all the contents and files put by hackers, or find out which files have been modified (which can be seen from the modification time or from the website log) to replace the previous backup files, find out what files need to be deleted immediately, and then add the official patch of the website program;;; VPS sets the security dog carefully, and the best security level is high. Or your FTP login has not been turned off anonymity, and if the hacker enters your VPS, it is recommended to change the VPS password to find out if the hacker has placed any other files in the VPS... Don't worry, to solve bit by bit, and remember to back up the database, but also often back up the whole station, compressed download to their own computer, there is a backup is easy to solve some problems, hope to help you

4. This problem can't be solved unilaterally:

1: Account: please make sure that there is only one system administrator in your existing operating system. The default account name of the system is administrator, and it's better to have a password! If you have one more account, you'd better delete that account...

if you can't delete it by ordinary methods, it's recommended to press and hold Ctrl + Alt + delete twice when logging in to the system, and the system login dialog box will appear. Enter the administrator password and enter the default administrator desktop,

then run CMD and enter the following command in the CMD window:

net user the account name you want to delete / del

2: there must be a professional anti-virus software, so as to maximally reject the intrusion methods available to hackers (such as Trojan horse virus)...

3:, Another is to install a professional firewall to prevent hackers from invading...

4: use sa.exe to detect whether there is a clone account...

5: upgrade the system patch

5.

Many websites have experienced being hacked and inserting malicious code. In order to deal with the website intrusion well, we need several key steps:

1. download the server log

   when the website is found to be hacked, the first thing to do is to download the log files, including the server log and FTP transmission log. The location of the server log is generally located in C: / / Windows / system32 / logfiles / w3svc1. The FTP log depends on the FTP software installed on the server. For example, serve-u is in the installation directory by default. For virtual host users. Generally, space providers will provide logs within 3 days and download FTP logs within 1 month. Please consult the service provider for details

2. replace all malicious code

   while downloading logs, malicious code should be deleted to avoid affecting user experience. If you have server permissions, it is recommended to replace the malicious code in batches. If virtual host is used, some virtual hosts provide batch replacement function. This operation should be cautious, because it is a direct replacement of the content. A little carelessness may make the content of the web page beyond recognition. So we must make a good backup first

3. download to local antivirus, or server-side antivirus

   next, we need to start to find out the behind the scenes of the invasion. Remember, don't rush to delete the virus first. If you have a personal server, you can turn on the antivirus software. If you are using a virtual host, you can download it to the local and kill it with antivirus software. Don't rush to kill the virus after you find it. Check the modification time of the virus file. Search the newly modified time and check what files have been created or modified ring this time

4. modify the vulnerability page according to the log prompt, filter single quotation marks with string parameters, and format numeric parameters as numeric types. Using SP in query analyzer_ dropextendedproc ‘xp_ Dirtree 'delete it, and delete some other dangerous stored proceres

5. Modify FTP password, super administrator password, 3389 login port, user name and password. And then there's the aftermath. If the other party has invaded the site, these passwords are no longer passwords, so the safest way is to change them all

6. submit IP, intrusion time and log to local network police. Query the IP used by the other party's website, call the communication administration bureau where the other party's website is located to complain, be sure to report the case, need to keep the log of the other party's invasion, and provide IP to the police. At the same time, if the other party inserts the malicious code, which contains the website, it can report to the Ministry of information instry, and call the communication administration bureau where the website is located to complain

7. website vulnerabilities, repair and prevention, need a lot of professional knowledge, not only knowledge, but also need a lot of experience accumulation, so from the website to maintain the website maintenance server, as far as possible to find professional technical personnel or team assistance

6. According to your theory, if you drive into a dead person, or are killed, are the automobile manufacturers responsible
according to you, is the server provider also responsible? Because the server is also vulnerable? Is Microsoft, the system manufacturer of the server, also responsible? Because it was developed by Microsoft? If it's not Microsoft, then is the liunx provider responsible? Is the database provider also responsible? In what language? Is language provider responsible

which of Alibaba, Internet, Tencent, apple or Microsoft has no loopholes
programming is a science, but it's not entirely a science. Some things are metaphysical, such as hardware bugs. In many cases, programmers can't touch them, but once in a while, they touch them, restart them and get better
hackers have attacked, have you made a backup of your operation and maintenance? Have you made your plan?

7. First of all, the game providers are responsible for the players
then, the game providers can claim compensation like the space providers or the site building companies

generally, it's not about the site building companies (because everything has loopholes)

generally, it's about the game providers themselves (because only the space server itself has problems, It's only about the space provider)
and the server is generally rented by the whole server, which is the business of the game provider itself
1. The space provider is only responsible for renting the space (to ensure the security of the server, if the space goes wrong, the game provider is responsible for it)
2. The space provider is only responsible for the security of the machine room (if the server goes wrong, the game provider is responsible for it)
ask the space provider to do the maintenance, In a word, it's basically the responsibility of the game companies themselves, or the main responsibility lies with the game companies themselves

8. You have to find out, tort liability, see the site is not in the management of fault, fault can sue the site and tort liability!

9. 1. The most direct way: close the website. The network statistics background has the function of closing the website. You can choose to close it directly. If it's a small personal station, it's OK, but if it's an enterprise station, it's not realistic to close the website directly. Once the website is closed, the enterprise will lose a lot
2. The most thorough way: enable website backup files. Before the website is hacked, we need to back up the corresponding database and files, so as to better ensure the safety of the website. At the same time, when the website is hacked, we can quickly restore the operation of the website
3. After the website is hacked, find out the black chain immediately and delete it quickly
4. To submit the dead chain to the main search engines such as the network in time, it is recommended to list all the dead chain in a 404txt document, upload it to the FTP space root directory, submit the address to the network, and then
5. The setting of robots files, and set the related files of the deleted dead chain not to be crawled
6. Insist on high-quality content update for a period of time
7. Find some high-quality external links appropriately
8. Change the password of the system administrator. The password should be strong enough, preferably a combination of numbers, letters and symbols
9. Find a programmer to update the website anti Trojan program in time and install website security anti-virus software. Conditional suggestions to find a professional website security company to do security maintenance
10. Regularly check the security of the website: 1) analyze the system log and server log, check whether there are abnormal fluctuations in the number of pages and traffic of your site, and whether there are abnormal access or operation logs; 2) Check whether the website file has abnormal modification, especially the key pages such as the home page; 3) Whether the website pages refer to the resources of unknown sites (pictures, JS, etc.), and whether the abnormal links of external sites are placed; 4) Check whether the website has abnormally added files or directories; Check whether there are non administrator packaged website source code and unknown txt files in the website directory
11. Upload vulnerabilities carefully: upload vulnerabilities are often the simplest and most serious. They can make hackers or hackers easily control your website, prohibit or limit the types of files uploaded. If you don't understand, you can go to your website program provider
12. Directory permissions: please set some important directory permissions to prevent abnormal access. For example, do not give the upload directory execution script permission and do not give the non upload directory write permission
13. Database backup

10. I feel that my website, which I have been working hard for several years, is suddenly broken by hackers. I suddenly feel that the psychological gap is plummeting, causing a serious blow to people's hearts. At the same time, my team has lost confidence. In the future, I can only take a cut to gain wisdom, strengthen network protection, and avoid hackers coming to my network again.