|
Title: My Bitcoin Forum account has been compromised!! Post by: Sword Smith on June 07, 2013, 10:21:54 AM This account seems to have been hacked. Please quote this in another thread so that the attacker cannot
I will update this thread if the attacker does not delete it :/ Do not make any deals with this account until I sign a message saying everything i OK. Title: Re: My Bitcoin Forum account has been compromised!! Post by: Sword Smith on June 07, 2013, 10:29:55 AM This account seems to have been hacked. Please quote this in another thread so that the attacker cannot I will update this thread if the attacker does not delete it :/ Do not make any deals with this account until I sign a message saying everything i OK. WOW a lot of bitcointalk accounts are getting compromised. Theymos 2FA is need! Title: Re: My Bitcoin Forum account has been compromised!! Post by: John (John K.) on June 07, 2013, 10:34:41 AM I banned OP for the time being to stop the spam. I'll ask theymos to look into this, in the meantime CHANGE ALL YOUR PASSWORDS GODDAMNIT.
Title: Re: My Bitcoin Forum account has been compromised!! Post by: theymos on June 07, 2013, 07:43:29 PM WOW a lot of bitcointalk accounts are getting compromised. Theymos 2FA is need! I think that this attack involves stealing cookies using some weakness in Java, so two-factor authentication wouldn't help here. Title: Re: My Bitcoin Forum account has been compromised!! Post by: Mike Christ on June 07, 2013, 07:45:49 PM Java seems to be the center of all hacking attempts related to Bitcoin.
So from now on, words to live by: just don't run Java on any website related to Bitcoin. Title: Re: My Bitcoin Forum account has been compromised!! Post by: The 4ner on June 07, 2013, 07:53:14 PM I have a 50 char password and only ever log in through encrypted VPN's. Hopefully that's enough protectiong.
Title: Re: My Bitcoin Forum account has been compromised!! Post by: 01BTC10 on June 07, 2013, 07:58:02 PM I have a 50 char password and only ever log in through encrypted VPN's. Hopefully that's enough protectiong. Useless against cookie stealing. Don't click any forum link. Title: Re: My Bitcoin Forum account has been compromised!! Post by: pekv2 on June 07, 2013, 10:15:45 PM WOW a lot of bitcointalk accounts are getting compromised. Theymos 2FA is need! I think that this attack involves stealing cookies using some weakness in Java, so two-factor authentication wouldn't help here. Ekk, if this is the case, by damned people need to start locking down their browsers. Easy way for mozilla is cookie monster. https://addons.mozilla.org/en-US/firefox/addon/cookie-monster/ I'm not being self centered, but my browser is a fortress. Nothing normally that usually gets through a default browser, mine is setup to block. Tons of about:config settings, cookies, noscript,requestpolicy,mvps hosts,adblock with malware blocking list and others, I've got a ton of crap to long to list in here and be ot. [edit]btw, as noted in the other thread, I've got java uninstalled too[/edit] Need to get a point across to new comers & even old timers about browser security, some how. A browser can be a double doorway to your computer, letting things roll in then out. Block cookies and only allow cookies you trust for a certain time. Edit: Seriously, need a security section here :) Title: Re: My Bitcoin Forum account has been compromised!! Post by: The 4ner on June 08, 2013, 01:02:55 AM Damn. Well I do use Ghostery as well and have an app called cookie that also blocks cookies and deletes cookies every 5 minutes while browsing.
Title: Re: My Bitcoin Forum account has been compromised!! Post by: MysteryMiner on June 08, 2013, 03:02:10 AM I have a 50 char password and only ever log in through encrypted VPN's. Hopefully that's enough protectiong. VPN will make MITM attack easier by VPN operator. Bitcointalk already uses SSL to protect the contents of communication to Bitcointalk server, including specific urls and cookies.Title: Re: My Bitcoin Forum account has been compromised!! Post by: Maged on June 08, 2013, 06:06:47 AM Say, does the session cookie need to be accessible through JavaScript? If not, we could make the cookies HttpOnly (https://www.owasp.org/index.php/HttpOnly).
Title: Re: My Bitcoin Forum account has been compromised!! Post by: D35TR0Y3R on June 08, 2013, 06:10:39 AM Say, does the session cookie need to be accessible through JavaScript? If not, we could make the cookies HttpOnly (https://www.owasp.org/index.php/HttpOnly). Java malware will steal the cookies through the browser's storage directories.Title: Re: My Bitcoin Forum account has been compromised!! Post by: MysteryMiner on June 08, 2013, 08:04:18 PM Say, does the session cookie need to be accessible through JavaScript? If not, we could make the cookies HttpOnly (https://www.owasp.org/index.php/HttpOnly). Java malware will steal the cookies through the browser's storage directories.Specify time to stay logged in when logging in. Log out your forum profile when leaving forum. Useless cookie is not delicious. |