|
Title: This account has been compromised. Post by: ssbtoday on June 16, 2013, 06:05:40 AM There has been several posts originating from my account "ssbtoday" since June 4th. Please report them to the moderators as they were NOT me. I barely logged in to find these 'scammy' posts with atrocious English and it is rather annoying. Help please.
Proof I am the original owner of the account: There was a post on March 29th with an address of 19wAGPypBu61s28k1hRx5nF6EZMTfMiF5b with my name on it. I will send any moderator bitcoins from that address to prove my identity, as that has been my bitcointalk address since the creation of this account. More information: Apparently by checking google, the e-mail on this account (which was changed) now has an e-mail that does not exist. I even checked Google's forgotten password and it clearly states it's not an account, how could someone have changed the e-mail on my account without even sending me an e-mail? This is outrageous! Title: Re: This account has been compromised. Post by: BadBear on June 16, 2013, 06:51:03 AM I moved the threads you mentioned to archival until it gets sorted out. You need to contact theymos, he's the only one who can help you.
Title: Re: This account has been compromised. Post by: theymos on June 16, 2013, 07:03:22 AM Is it under your control now? Your email address is currently the same as it was before.
Title: Re: This account has been compromised. Post by: ssbtoday on June 16, 2013, 07:09:21 AM Theymos, the email I have setup now is the one I use daily, it is protected with two factor auth, so if the hacker somehow got in, they must have bruteforced or somehow got the password other ways. I have a copy of every single email on that email forwarded to a second account which has an even longer password then the first and is also two factor auth'd.
And to answer your question, yes it is under my control to the best of my understanding. (Not sure if old sessions still exist) Title: Re: This account has been compromised. Post by: theymos on June 16, 2013, 07:16:54 AM An account-stealing Java exploit has been going around lately. You might have run into this, though I'm not sure whether this exploit allows the attacker to change your account settings.
Title: Re: This account has been compromised. Post by: ct1aic on June 16, 2013, 07:27:54 AM An account-stealing Java exploit has been going around lately. You might have run into this, though I'm not sure whether this exploit allows the attacker to change your account settings. My account was also hacked in first days after registering in this (and another) forum, as I also run a java of a page that invited us to "mine BTC online"! What a naive I was... But I could recover the account and replace the password. Title: Re: This account has been compromised. Post by: ssbtoday on June 16, 2013, 07:31:20 AM Now that I think of it... I used Bitcoinplus for the shortest duration before in the end of may... .-.
Title: Re: This account has been compromised. Post by: 🏰 TradeFortress 🏰 on June 16, 2013, 07:33:26 AM And Bitcoinplus is the scam site that gives you an error when you try to cash out.
Title: Re: This account has been compromised. Post by: ct1aic on June 16, 2013, 08:14:20 AM And Bitcoinplus is the scam site that gives you an error when you try to cash out. I don't know if Bitcoinplus.com and the site Browsermine.com are related (the IP is not the same), as the text of the page is the same, including a syntax error: 'transfered' instead 'transferred'. Quote Bitcoin Generation New: you can generate bitcoin for a friend. You must have Java installed to use the bitcoin generator. If your browser asks you to run the applet, or to install Java, say yes. Waiting for Java applet to load... If it does not start (refresh "F5") and press run again! Step 1: Click "Start Generating" Step 2: Wait while your computer works (leave this page open) Step 3: Earn bitcoin It's that easy. Want the explanation? Read how bitcoin works, but click "Start Generating" first so you'll earn bitcoin while you read. New: The bitcoin miner for websites is available. You are not logged in. You can start generating now and your coins will be transfered to your account when you sign up. If you close your browser your coins may be lost. Already have an account? Log in. Last 21 May, several seconds after I authorized the run of the Java @ www dot browserminer dot com, something posted 2 messages in the 2 Bitcoin Forums I was logged in, this forum and also Butterflylabs forum, with a 21 seconds interval. The only diference between the 2 messages was the link, as the first one was in error (browerminer.com instead browserminer.com). I received a auto-ban in this forum and a ban for life in BFL one. I could gain access to both, appealing to the bans, a week later. As a security measure, I replaced the password in both (and others) sites, but I think the exploit only sent the spam messages, nothing more. But we never know... The message of SPAM: Code: http://www.browserminer.com Title: Re: This account has been compromised. Post by: bitspill on June 17, 2013, 05:06:38 AM I don't know if Bitcoinplus.com and the site Browsermine.com are related (the IP is not the same), as the text of the page is the same, including a syntax error: 'transfered' instead 'transferred'. Browserminer.com is someone saving the html from bitcoinplus.com and rehosting it with their own java applet being loadedLocated near the top of the page source is a comment inserted stating it was saved from bitcoinplus.com and all of the links throughout the page link back to bitcoinplus. Title: Re: This account has been compromised. Post by: ct1aic on June 17, 2013, 11:49:42 AM I don't know if Bitcoinplus.com and the site Browsermine.com are related (the IP is not the same), as the text of the page is the same, including a syntax error: 'transfered' instead 'transferred'. Browserminer.com is someone saving the html from bitcoinplus.com and rehosting it with their own java applet being loadedLocated near the top of the page source is a comment inserted stating it was saved from bitcoinplus.com and all of the links throughout the page link back to bitcoinplus. Yep... I forgot to see page source of www.browserminer.com scammer site... Code: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> All links point to the original site, except the pishing java script and a iframe: Code: <script language="javascript" src="nE0A6TxQ9tpn.js"></script> Title: Re: This account has been compromised. Post by: binaryFate on June 18, 2013, 08:36:11 AM There was a post on March 29th with an address of 19wAGPypBu61s28k1hRx5nF6EZMTfMiF5b with my name on it. I will send any moderator bitcoins from that address to prove my identity You could just cryptographically signe a message with that address to prove ownership, no need to send coins of yours! bitcoin-qt has this option, it's easy to use. |