[mahmud]

Linode will send you a confirmation email if you access the admin panel from a "new" IP. This guy must have had his email address compromised as well.

Looks like a class spear-attack.

[redegg]

So far there are 3 people who've reported their Linodes compromised. They all had popular Bitcoin services running on their Linode.

3 compromised emails? Very unlikely. They are all major contributors to Bitcoin, I think they know a little more than using the same password everywhere.

Linode will only send you a confirmation email if you enable the feature, otherwise tough luck. It's also been confirmed by the vice president of Linode to be a fault on their side.

[mahmud]

Fair enough. I stand corrected.

More plausible to have broken web UI security than an entire bitcoin-community-wide targetting.

[ceejayoz]

> Linode will send you a confirmation email if you access the admin panel from a "new" IP. This guy must have had his email address compromised as well.

The attack was not via the consumer facing admin panel. It was the internal Linode customer service interface.

[Legion]

> Linode will send you a confirmation email if you access the admin panel from a "new" IP.

IF you have the IP whitelisting feature enabled on your account. It is not by default.