Bitcoin Forum

Other => Meta => Topic started by: Jet Cash on May 17, 2018, 06:56:37 AM



Title: Why are so many accounts being reported as hacked?
Post by: Jet Cash on May 17, 2018, 06:56:37 AM
The forum login doesn't appear to be particularly vulnerable to me, and the use of a decent anti-virus package should provide some additional protection. My instinct is to believe that most of the hacked accounts are sold accounts, but I'm not sure that reporting them would be of much benefit.

The other alternative is a lack of sensible precautions. Leaving a computer logged into Bitcoin Talk whilst you go to the 'loo, or some other place, would seem to be pretty stupid if you are posting from a location with other computer users nearby. Allowing your browser to supply passwords is fine if you are sure nobody else will use your machine, but if you are in a dormitory, and leave your machine unattended, then it may not be the most sensible thing to do.

So do we have a profile of the people who are losing their accounts? Are most of them posting from educational establishments or libraries?


Title: Re: Why are so many accounts being reported as hacked?
Post by: bitperson on May 17, 2018, 07:00:44 AM
My guesses would be phishing (the lookalike .to site, with its high placement in Google results, seems like a perfect way to collect Bitcointalk passwords) and password stealing malware disguised e.g. as altcoin wallets.


Title: Re: Why are so many accounts being reported as hacked?
Post by: actmyname on May 17, 2018, 07:05:45 AM
Account sale -> Report as hacked -> Easy scam, especially with the new email resets.


Title: Re: Why are so many accounts being reported as hacked?
Post by: TheQuin on May 17, 2018, 07:09:36 AM
Two big reasons I know of:

a) The forum was hacked back in 2015 and the encrypted database is available on the darknet. Accounts with weak passwords are vulnerable to being brute forced.

b) The .to and other phishing sites masquerading as mirror sites. They often show up on a Google search ahead of the real site.


Title: Re: Why are so many accounts being reported as hacked?
Post by: hilariousetc on May 17, 2018, 07:15:12 AM
Account sale -> Report as hacked -> Easy scam, especially with the new email resets.

Well it would be an easy scam if people ever got their accounts back. Those that didn't change their passwords since the forum breach is the main reason. Most people probably get them hacked by either downloading malware or logging onto phishing sites.


Title: Re: Why are so many accounts being reported as hacked?
Post by: demonic098 on May 17, 2018, 07:39:09 AM
Two big reasons I know of:

a) The forum was hacked back in 2015 and the encrypted database is available on the darknet. Accounts with week passwords are vulnerable to being brute forced.

b) The .to and other phishing sites masquerading as mirror sites. They often show up on a Google search ahead of the real site.

Good day Quin ;)

For A. I don't think brute force will work well here, In our login form we have a captcha and that will prevent brute force + we have a limit on incorrect passwords.

For B. The phishing site has a captcha error so I think it wouldn't work anymore(hopefully). Plus an experienced member here has a "hairstrand" of a chance get phished by that site because a lot of members here is aware of that phishing site but we should still spread the word.

I hope one of those accounts that have been hacked share his/her statement here ;).


Title: Re: Why are so many accounts being reported as hacked?
Post by: TheQuin on May 17, 2018, 07:51:03 AM
Good day Quin ;)

For A. I don't think brute force will work well here, In our login form we have a captcha and that will prevent brute force + we have a limit on incorrect passwords.

They can buy the database that has an MD5 hash of the password and brute force it offline.

For B. The phishing site has a captcha error so I think it wouldn't work anymore(hopefully).

That's good news but there will be many more phishing sites to replace it.

Plus an experienced member here has a "hairstrand" of a chance get phished by that site because a lot of members here is aware of that phishing site but we should still spread the word.

It's the far greater number of inexperienced members that are getting hacked.


Title: Re: Why are so many accounts being reported as hacked?
Post by: lebrone08 on May 17, 2018, 08:38:59 AM
The forum login doesn't appear to be particularly vulnerable to me, and the use of a decent anti-virus package should provide some additional protection. My instinct is to believe that most of the hacked accounts are sold accounts, but I'm not sure that reporting them would be of much benefit.

The other alternative is a lack of sensible precautions. Leaving a computer logged into Bitcoin Talk whilst you go to the 'loo, or some other place, would seem to be pretty stupid if you are posting from a location with other computer users nearby. Allowing your browser to supply passwords is fine if you are sure nobody else will use your machine, but if you are in a dormitory, and leave your machine unattended, then it may not be the most sensible thing to do.

So do we have a profile of the people who are losing their accounts? Are most of them posting from educational establishments or libraries?

phising is number reason why theirs a  lot of account have been scam. most of the scammer send a personal message were in, if you open the links it will automatically copied all your important information so better stay away from all the message that is not related from you or anonymous sender.


Title: Re: Why are so many accounts being reported as hacked?
Post by: Jet Cash on May 17, 2018, 09:05:18 AM
Thanks for all the replies guys, and I hope that a few members will read the thread, and avoid losing their accounts.

I forgot about phishing, probably because I use direct navigation instead of clicking links in email. In fact the google omnibox has become a real nuisance for me, and I may put some direct navigation boxes on some of my pages to bypass Google.


Title: Re: Why are so many accounts being reported as hacked?
Post by: hugeblack on May 17, 2018, 01:01:09 PM
Two big reasons I know of:
a) The forum was hacked back in 2015, and the encrypted database is available on the darknet. Accounts with weak passwords are vulnerable to being brute forced.
b) The .to and other phishing sites masquerading as mirror sites. They often show up on a Google search ahead of the real site.

c) BitcoinTalk mobile Apps: Many unofficial applications appear on Google Play.
d) Fake ICOs: Many require to create a new account"any jobs related to username and password" and add bitcointalk information "People usually use the same password for all accounts."

Plus traditional methods of hacking accounts" hacking emails, secret Question,...."


Title: Re: Why are so many accounts being reported as hacked?
Post by: LTU_btc on May 17, 2018, 05:06:04 PM
I can tell you from my own experience, why my account was hacked. I just didn't cared much about security. I used weak password and no 2FA on my email. No surprise - it was hacked. Then hacker changed my bitcointalk password with "Forgot your password?" function, later he changed email address of bitcointalk. Luckily, I was able to recover my account by signing a message from staked Bitcoin address. It was very good lesson for me that I need to secure my mail, exchange and other accounts with strong unique passwords and 2FA.


Title: Re: Why are so many accounts being reported as hacked?
Post by: BTCeminjas on May 17, 2018, 06:27:35 PM
That's the reason why we are the one who has a responsibility to keep safe our password in bitcointalk account and email account, don't make do the same password in your email account in bitcointalk account or even other accounts. Recently issues that having a phishing link in bitcointalk that fooled people and that was probably the cause when you log in a wrong website.

***-SNIP-
d) Fake ICOs: Many require to create a new account"any jobs related to username and password" and add bitcointalk information "People usually use the same password for all accounts."

Plus traditional methods of hacking accounts" hacking emails, secret Question,...."
Exactly, maybe one of the reasons those ICO intended a scam to their participants.
Or those signing in airdrops also be careful on that.