Wallet Manager Code UpdatePosted: August 13, 2013
It is with great pain that I have to announce that my wallet manager code was compromised at an unknown time in the past. I haven’t spent too much time doing computer forensics because I believe that I was compromised on a previous VM that hosted my site in 2011, which has since been deleted in favor of a OS refresh.
Details about the compromise can be found on this stackoverflow.com post. If you have downloaded and are running a copy of my Wallet Manager, you will want to look at files in the /protected/models/ directory for the exploit code.
Going forward I am going to publish the Wallet Manager code to a public GitHub repository. My goal will be to secure the code, make it open source, and enable community contributions.