Bitcoin Forum

After being away for a few days in the forum, it was a surprise to receive an e-mail from the forum. However, this e-mail, which I received today, and which I just read an hour ago was very serious and alarming. It had stated in the e-mail that my account's e-mail and my password was accessed and was changed by someone from a certain IP address. I panicked and tried to log in to my account, which of course, I can no longer access. I thought that maybe I have mistyped my password but I didn't. I tried using the "Forgot Password" setting but it didn't work, it stated that there's no account associated with my email address.

https://i.imgur.com/4NnLJxf.jpg

I searched for any related threads that may help me regain my account but to my dismay, the only thing I found was by means of contacting the admin, which of course, will take some time. I was losing hope, then, and so I reread the e-mail sent to me and saw the link from which I can lock my account. I was on the verge of doing so, when I decided to check the "new" e-mail that was used to change my email address. It lead me to a yopmail account , which I found out is accessible to anyone. And since it is accessible to everyone, I decided to use it to recover my account.


How did I recover my account?

1. I logged into my account using the "forgot password" setting. Then, a recovery link was sent to the "yopmail account" which can be used to change the password of your account.
2. After changing the password of my account, I also changed my email address, and added a new security question for additional security.
3. Afterwards, I deleted all the forum's messages in the yopmail account so as to prevent the hacker from undoing my change password nor locking my account.

I also found similar threads regarding hacks and email address change using yopmail account. I even found one, which was hacked using the same IP address.

https://bitcointalk.org/index.php?topic=4678021.0   >> This one was hacked using the same IP address used in hacking my account.


https://bitcointalk.org/index.php?topic=4542446.0   >> In this thread, the account was also hacked by means of changing the email address with a temporary yopmail account.

Furthermore, I also used a google authenticator so as to help me in securing my email address.

Just quoting for reference. This could be a masterpiece for those who lost their accounts and the hacker used yopmail account.

This is quite unusual. I am leaving a comment here and will check for bug related to this information. Will update this thread and inform the admin if I find anything useful. Op, are you sure that there is no fault of yours in this hack like clicking any link in your mail box or so ?

Also, it is strongly recommended that you remove the security question completely from your account. Can anyone with similar hack conform if he was also using a security question in the account ?

Yes, I am sure that I did not click any link related or associated with the forum as I have been away for almost a week. With regards to the security question, as far as I can remember, I did put a security question before as I have a friend whose account was also hacked (but is not using yopmail).

Hi Swenna,

YES. This is the exact method I used to recover my account. About 4 weeks ago, it was hacked, and fortunately, I didn't clicked the link to blocked my account so the hacker/s login everyday. So I review the email I received and I found out that he/she uses yopmail as the new email so I created the same email yopmail address and change everything very quick. Good for us the hackers didn't change the email to someone secure. Sadly though the hacker/s spend all my remaining merits but its all good at least we were able to recover our accounts.

I suggest NOT using/adding security question on your btcointalk account
If I'm not mistaken, if you used it to recover your account you will end up with locked account instead
please cmiiw, I vaguely remember this fact :-\

It's a good thing OP reacts swiftly recovering his account instead of locking it
another user vyg_new (https://bitcointalk.org/index.php?topic=4542446.0) chose to lock his account and now he has to wait for admin to unlock and recover it for him

I know but we did not have this idea in mind until OP posted it here today. I wish we would know this before. Lots of members could save both of their time and account. I feel guilty that I suggested vyg_new and some others to do the same (lock the account for security). I hope they understand it.

Nice recover OP.
Noob question time. IF we use a virgin new email do we reduce the chance to be hacked?

Does not matter.
Always user very strong password for both email and BitcoinTalk account. This site helps me a lot: https://passwordsgenerator.net

For your email account - if it supports 2FA then you must use the 2FA. It's better not to talk about BitcoinTalk security info (2FA or any other method, they all got buried under topic creation/suggestion/conversation only, no practical steps yet unfortunately)

Yeah but if noone knows my mail, how can they change it to a new one?

Everyone knows my email (https://bitcointalk.org/index.php?topic=4221113.0): mdayonliner@gmail.com
Can you crack it? (LOL)
The worse someone can do is to flood my inbox with spam and that's all!
Like I said, it does not matter whether it's known or unknown email.

they just need to gain access (bruteforce, phishing, etc) to your forum account and change it
I think there is no email confirmation sent to your old email address to confirm email change :-\
so, a strong forum password is a must in this case
and of course a strong password on your email address too,
in case they know your email address and decide to hack it first to be able to gain access to your forum account (by using forgot password feature)

lucky you. i got panic after seeing my account got hacked, using the same yopmail email. and locked it right away. quite sure the useless mods will take forever to recover it

Yes, I should have just changed my email address ( obviously, its another account ) but this just happened me to but I did the "lock out".

How long does it typically take ? I contacted  theymos about it.

If you lock out your account, this method won't work. My account was in the possession of the hackers for the last 3 weeks, fortunately he didn't change the yopmail that's why I was lucky.

As for how long? Nobody knows, but looking at some old post, might take 6 months to a year.

Initially, I didn't want to share this steps because I don't want the hackers to know it and hope that others can "discover" the method how to outsmart the hacker. Hahahaha. However, since Swenna has spill the beans (for sure the intention is good), maybe it can help others recover back their account (don't immediately lock it).

I was actully quite hesitant about posting this, too. However, when I saw that there were other accounts that were hacked uaing the same procedures (and one with the same IP address used in mine) I decided to post it so I can help others and to spread awareness, too. One can never be too careful. It's a lesson well learned.