Bitcoin Forum

My account StewieG https://bitcointalk.org/index.php?action=profile;u=133434 (https://bitcointalk.org/index.php?action=profile;u=133434) was hacked, the hacker even changed the Avatar. Is this a coincident that there is another thread where someones account was hacked? My guess is that the attacker got the password from the bitcointalk hack.
I had a BTC address on it which was now deleted by the attacker, the address is a few years old and was attached to my account for years. If you can tell me the address, because I don't remember it, I can find the key to it and sign a message. Would I then be able to recover the account?  PLZ help

Contact theymos or Cyrus. They can restore deleted posts so if you can still sign a message from the address you should be fine.

I contacted theymos and also contacted Cyrus now, thanks.

Okay here is proof of the address I had on my profile:

https://web.archive.org/web/20170114091900/https://bitcointalk.org/index.php?action=profile;u=133434

I have had it there for years as you can see. I will try to find the key to the address and post a signature here. I hope an admin can reset my password then... Until now no admin replied to my messages.  :-\

I have found my key, is there any admin I can talk to? Until now no admin answered me.

same too :/ my account got hacked too :/ Username : jylee1997123

Hello guys, how did your accounts get hacked? Sorry for your loss, I hope everything gets resolved quickly.

Question, bitcointalk got hacked in 2015. Did you guys change your password afterwards? I am not sure if I did... Maybe I did not.
But still, as far as I can see the passwords were hashed with sha256 and my password is not exactly easily guessable and was 17 characters long. So I kind of doubt someone cracked the password.... So how did he get my account? I am 100% sure my computer is not infected with any kind of malware.
Also I can see my avatar was changed and my personal infos like signature and BTC address was deleted. I am not sure what to make of it but I would rather say this was a personal attack as I have made some enemies here. Still I am not sure how my account got hacked. Also theymos is not answering on my request to change my email so I can recover my account.
Maybe he can tell me if there were multiple login tries into my account. Also the ip address used for the login of the attacker would be helpful, maybe in case they save the html header we can find out if the attacker is using an automated script or not. The user agent would be at least an indicator for how he is doing it.
Update: My password does not appear to have been reused somewhere else according to https://haveibeenpwned.com/Passwords

You need to sign a message from your old btc address you did have on your profile from a long time. Sign a message through your wallet and contact some forum administration staff.

hilariousandco https://bitcointalk.org/index.php?action=profile;u=164822  can recover your account I believe.

Theymos is too busy and recovering accounts is not one of his priorities he has explained before. Sorry that your account got hacked.

I did that already, so far I have not received a reply. I really want to figure out how this happened. This is so strange... I almost suspect someone on the forum with higher privileges changed my account. I am not saying this is what happened but this is the most likely explanation I can come up with right now.

That is highly unlikely that someone with higher privileges changed your account, that has never happened before. Post here the message and signature you signed from your wallet and then contact hilariousandco like I said above. I am not seeing any signed message here from the address you say you had from a long time.

This is the message i sent to hilariousandco :
---------------------------------------------------------------------------------------------------------

Hey man I see you are online and I have an urgent request. My account got hacked and I created this thread: https://bitcointalk.org/index.php?topic=2078374.0

I already sent this message to theymos but he is not responding:
------------------------------------------------
My account StewieG has been hacked/lost. Please reset the email to xxxx The current date is 10.08.2017

I have signed the text above with the following key.
Address:
19YnGfADyDQpzVHTjR5Zh1uL8uhSfiofU7

Signature:
xxx

The Address was listed on my account for years and has only been changed after my account was hacked yesterday or today. You can find the proof that I had attached the address to my account here:
https://web.archive.org/web/20140406104608/https://bitcointalk.org/index.php?action=profile;u=133434

------------------------------------------------

Please recover my account or help me out somehow, it is really urgent
------------------------------------------------------------------------------------------------------------

I edited the email and signature due to privacy concerns, here is a valid signature with the same key:

Text: https://bitcointalk.org/index.php?topic=2078374.msg20770023#msg20770023
Signature: IK9zdz9a5ie3MV7bBYqcBA/ZUs98W5FXLrm14EjrGhpRbGzXWQlg7rTGCEpsrUT8iwk/UwDaioao9yOWPXo4+jU=

If the signed message is correct you just have to wait now and hope for the best. I am sure the forum administration will help anyone in your position as long as they can sign a message from an old and staked address of theirs.

Rcovering the account is not even my main priority. I want to know how the attacker got control over it. Since I doubt my computer is infected and I only login via one computer this is a pretty scary situation. So yeah I would need the cooperation of an admin in order to find out how this happened.

I am afraid the forum administration can only help you to recover your account and it is out of their control to help you find out how your account got hacked. Probably it was when the database of the forum was hacked about 2 years ago. Based on your facts that your PC is clean and you log in via only one computer it is the leaked database of the forum that made your account hacked, this database was being sold in the dark web, accessible through TOR browser in different black markets there.

Yes but the password was 17 char long and the password was sha256 hashed and I don't think the attacker cracked it, at least it is not likely.... The admin could tell me if the attacker knew the password and just logged in, he could give the ip addresses of the attacker and he could look if the account was overtaken by the password recovery function. Then I would if the attacker maybe has access to the email address or if he knew the secret recovery question/answer...

You are not understanding. That leaked database was sold several times on darkweb, it had all the passwords exposed so the guy who hacked your account probably bought that list in the darkweb. He didn't need anything to crack, he got the password from the list, he just logged in into your account and changed email password and everything. This happened to many accounts but they were recovered with a signed message.

The passwords were in cleartext?! WTF?! Okay still the admin could tell me if I changed my password after the hack occured. If you could pm me where I can find the database so I can lookup if the password is exposed or not and still the same, i would be thankful.

And the ipaddress would be nice to have, also the http header on login if available. Funny thing is the attacker changed the avatar. It shows part of the mad hatter hat now. Anybody else has seen this behaviour before? Has this any meaning? Is this his "signature"?  ???

Yes it was in cleartext, thats what a leaked database means. Admin has no responsibility for your account, only you are responsible for your account and for safeguarding it. The database is from long gone now but you might give a shot and try to search in the black markets using TOR browser (for how to do that use google ,it is very long for me to explain it to you here).

Its past 11 pm here in Italy so I am going to sleep. Take your time and be patient.

A leaked database doesn't necessarily mean that the passwords are in cleartext, it only means that the Database is leaked. Normally the passwords are hashed and you need to crack them first. Just FYI^^ Good night and thx for support.

Many people were affected by the said leak and most of them haven't changed their passwords since 2015, including me. Also, hilariousandco cannot do anything in regards to recovering hacked accounts and only and admin can unlock it for you. Best thing would be sending a pm and wait for them to reply. Cyrus and theymos are busy working on in the new forum and it might take a while for you to get in touch with either of them.

Just wondering can mods change the email of a bitcointalk account?

so any user who registered before 2015, didn't change password because was not closely following what was happening in those times and didn't post any btc address is doomed to be hacked and have absolutely no chance recovering the lost account.

don't you think these are some very high requirements just to keep your account from being stolen.

i have:
- old email address
- old password
- ID's and contents of my past PM's
- i was logging in from same IP for 4-5 months
- have control of my twitter address in my signature.

and still can't get my account back because i didn't post a btc address in this forum. as far as i understood no past info is kept in forum but i should be able to prove my ownership with different methods, like as i said with PM id's

Great one day later and still nobody replied. I don't know why they didn't make it mandatory to change the password the first time you login. In 2015 I was busy doing other things and didn't really pay attention to what was happening in bct and the hack. My email address is a old one I have no control over. Now I started using my account again and it is now kind of important I can recover it. But instead of anything happening, besides my proof this account belongs to me, somebody else is having fun with it and even though I said it is important I gain back control over it. This is really frustrating. I don't even think the account was hacked due to the database hack in 2015, the passwords were hashed and my password was enough to not get cracked that simple. I do suspect an admin behind that incident and therefore it would even be more important to respond and tell me what happened.
I wrote to 4 admins yesterday, I got 0 replies. I find it hard to believe nobody read my message.

I find the fact that no mandatory password change was being enforced on the users nothing short of absolutely amazing. In 2017, it seems, people are still suffering from that incident. An attacker can just login into your account and steal your messages and compromise not only your privacy but also the privacy of everyone you talked to and you most likely won't even notice. It seems like nobody gives a damn. You say you have been hacked, you write the admins and provide proof and instead of flashing red light turning on, nothing happens. Astonishingly scary.

Good luck. My forum account was hacked last year. I signed a message from a staked address as prescribed, messaged multiple times and waited patiently. I figured they just stopped recovering accounts for people (or maybe mine wasn't important enough).  :-\

guys just leave this place and migrate to crypto twitter as everyone else, sorry. will use just to follow new alts not listed on coinmarketcap till we have a better, more secure crypto forum

the attacker also has your email address and password combination so you need to change it everywhere else if you're using it.

thank you BCT, really.

Yeah this is really awesome. The admins seem to not give a shit. What wonderful situation to be in...  ::) Thanks guys, I hope the next time you get hacked the community reacts the same you just do: not giving a shit and moving to another place. Thanks, I will stay away from this place or any place you will ever have any administrative task in.

What is this cryptotewitter? You mean twitter?  ;D

Admin should make this form more secured like 2FA active ..
Via email or Google 2FA that will help to secured account
my account was Hacked too and email was changed  ;D but NO reply from Admin

Thanks

Shakeit did you get replied by Admin or still waiting ????

My account was hacked too and i'm waiting a response since 2 weeks.
I still don't understand how is it possible to change password and email of an account without email confirmation. And why admin does not hire someone to do this job and help oldest user to recover their accounts. They are earning easyli 8BTC per week with advertising thanks to us no? :(.
Of course I did a mistake to do not change my password in 3 years but the price of this fault is high enough.

I agree with your opinion about the work to deal with hackers who always make everyone lose because their account has been stolen. So we should be careful with how to change our account password at least once a week.

Still waiting... I don't think they will reply anymore, this is just sad. Very lame guys... Just hire someone who deals with this stuff... I think you made enough money with this forum... #sad

Yes, it is twitter, with people using it for crypto related purposes. Much more effective, more content, better discussion environment, no scammers or trolls allowed.

You can start by opening an account and following crypto cobain: https://twitter.com/cryptocobain (https://twitter.com/cryptocobain)
And also don't forget to follow me of course :) https://twitter.com/cryptomusk (https://twitter.com/cryptomusk)

Noone is using BCT for altcoins anymore, coins are getting hyped on crypto twitter without even an announcement thread here

Just tried to login with an account and got a message it was hacked in 2015. Too bad, lost all my post history, but yeah things like this happen.

The cookie error upon registration and all the captcha's dont' really inspire confidence though.

Hi, I got this message when I tried to login my old account and I got this email.
"Sorry Guest, you are banned from using this forum! Your account is locked because it sat inactive for years after the password hashes were leaked in 2015, and was therefore at high risk of being hacked. Email react-vdnp8@theymos.e4ward.com to get it unlocked."

I already sent an email 3 days ago with no reply until I found this thread.
But I dont really get what is signing means,
Can anyone teach me how to sign it? what software do I need?
I still have access with my orignal wallet it is stored in blockchain[dot]info.

Thanks.

my three ids was hacked!

no bitcoin address, how to get back them ? >:( >:( >:(

Bitcointalk admins are just full of shit! Fuck this bull, time to decentralize all the things!

My account BrannigansLaw was also hacked https://bitcointalk.org/index.php?action=profile;u=48491 but ive yet to receive a reply and its been over 3 months now

Same issue here as well, wondering if there's any chance to get the account. Mostly for the username though.