How much LINK did he steal & what was the market value at the time he stole it?
ED LINK thief -- moon suppressor?
Owen Garcia
Michael Cruz
binance stole the lot of it. greedy fucking jewhales with their illuminati bots AAAAAAAAAAAAAAAAAAAAAA fucking dogs.
NOBODY IS STOPPING THE MOONTRAINMETRO
Cooper Flores
>MOONTRAINMETRO
That's it, I'm out. Srsly, MOONTRAINMETRO? I don't care if some of my LINK will be sold at a loss, I'm out.
This meme is dead. to me.
Ryder Harris
>Stolen LINK
Wut?
Joshua White
How did Binance steal anything?
There was a malicious tumblr link a couple weeks ago that stole people's LINK held in ED.
Jason Brown
im glad you out you fucking cuck enjoy being poor
Samuel Fisher
Ty for your bags
Benjamin Jenkins
He stole 20k from one user and i think 800 from another. I was in the thread
James Diaz
I was the guy who lost 800
Gavin Harris
Did u recover
Landon Miller
...
Julian Rodriguez
Yeah, some good-guy user sent me $200 in ETH which is what I had spent on the LINK at that time.
Tyler Ross
I love this story
Kevin Long
This place has people who are cool as fuck.
I hope we make it & can pass on this legacy ourselves.
Lincoln Russell
What happened???????
Camden Barnes
daily reminder that all these feel good moments are engineered by P&D groups to get you emotionally attached to your LINK
Alexander Wilson
How was it stolen?
Is there some kind of exploit?
Jack Bailey
yeah you click on a shitbox link and get your link stolen, its 2017 nigger
Jeremiah Miller
Anyone get a copy of what was on the webpage?
Evan Diaz
I have the code if anyone wants it
Joshua Foster
yo!
I'm interested.
Carter Barnes
I'm not emotionally attached, I recently cut smoking out of my life and have been spending my smoking budget on CRYPTO so it's all been a jolly experiment / gamble. I think blockchain is fascinating, all moon memes aside. If you don't appreciate the tech and innovation, why are you even here?
Chainlink is a gamble but I've definitely done my own research and I'm willing to gamble money on it.
Worst case scenario I lose money I was going to smoke up anyways.
That and I'm at a profit for my link presently.
Your post is pretty ominous desu
Austin Peterson
Nigger
They fixed the vulnerability shortly after
Dylan Price
I expected as much, I'm just interested in how it works.
Josiah White
patched
Isaac Thompson
...
Alexander Russell
So, why does running that javascript in a browser steal your link?
Is it a plugin or something?
Jason Lee
its called corss site scripting: XSS
the script tag runs the code in the browser as if it was embedded in the webpage
Jonathan Cox
cross site scripting*
Blake Rogers
Gotcha.
I thought that was just in some page's source.
Didn't know that request indirection thing existed though, that seems like it'd be useful for exfiltration.
Nathaniel Allen
the request website is there it sends the private keys there to redirect. I'm sure that website just redirects to something he hosts. After he got the keys, he manually had to log in with them to steal. That gave me enough time to take all my LINK out, as i clicked on the link kek.
Wyatt Rogers
Any idea where the xss problem was in the site?
I can't see anywhere for users to input text.
Liam Campbell
no clue. i dont think there was any need for an input field, as the script ran directly from the URL. I think etherdelta was just prone to executing script tags.