Bitcoin Forum

Today I checked my email as I normally do every day and I found 3 new emails directing me to reset my Bitcointalk password.
This has all been done from a single IP address: 46.221.6.183 located in Turkey.

My question is:
Can anyone activate password reset for any account with simple log-in attempt and is this a good reason to blacklist this IP address and ban it from forum as evil?

https://i.imgur.com/BYZ4svU.png

https://i.imgur.com/rDW3BSi.png

Newbie Tip:
Never click any email links and don't trust any email you receive.

PS
46.221.6.183 You are an idiot!



How Scammer tried to Hack my Bitcointalk and how to Protect yourself?
https://bitcointalk.org/index.php?topic=5173531

Don't click and activate two-factor authentication for your e-mail.

Yeah, as I said my first post:

I would like to invite people to examine my received and sent trust feedback and you will find the answer who tried this stupid hack.

Looks as if you are doing a good job here - keep up the good work.

btw, I added you to my trust list.

I would also disagree with you as it is enough to just enter 'username' and ask for password reset.
And this should be changed/removed to improve forum security.

https://i.imgur.com/pk2QmTh.png

be careful man somebody is seriously loaded

vodafone is mobile phone operatör  :( obviously a direct attack from turkey maybe mobile phone

change passwords,
no clicks,
get exchange and forum mails separate

I think we are on the right path. Someone (cr**ook) who has multiple accounts on this forum is very worried about our investigation senor. He tried to stop us by trying to hack your account. This blatant activities will not stop our efforts.

guys , there is a problem !!!!

These shared locations common areas,can be a zombie line. More than 10000 people per hour pass through the street in this place. Maybe more...

These are tourism areas, more than enough free wifi points available...

this is a zombie attack if the timing between two mail is 7 hours


https://i.ibb.co/VgPvws2/1.png

https://i.ibb.co/5Yps3xX/2.png

There was no hack attempt. Don’t worry about these emails. As explained, all someone did was put your username in the « Recovery password » screen, sending you the email. There is 0 things he can do with that. Even if you click the link, you will be one changing the password, and not him. He is the one who needs the link (which is on your email).

If you do the same with « theymos », is his account at risk? No.

It looks like your account will be fine if the password change link is not given to the IP owner.

It's just that there are idiots trying to change your password and enter your username so you get the link in your email.

Unless the forget password feature doesn't use a username, but using email might be difficult for idiots trying to change someone else's password.

Woah there, be careful when using the word 'Turkey' or 'Turkish' here as you might get accused of racism. Any use of that word that is included or associated with anything bad or negative will be taken by a lot of the Turks here as a smear against the entire country/peoples of Turkey regardless of facts. *braces for attack*.


Yeah, all you need is the username, or I believe the secret question if you have that set up. I wouldn't worry about mere emails as there's nothing they can do unless they have access to that so make sure it's as secure as possible.


Well they'd be pretty stupid to use their own IP to try hack, but there's nothing you can do about people using public wifi without blocking them but that would be unfair to all the others who use that connection innocently.

I agree with @TryNinja. Unless your address mail account is unsafe, this cannot be really called hack attempt.

What I'd add it's that it may have been something else:
1. Somebody wants to somehow warn/scare you.
2. Somebody wants even more drama related to Turkish users (https://bitcointalk.org/index.php?topic=5220060) of this forum.

But maybe I am thinking (way) too far...


PS. According to @hilariousetc, I may not thinking too far after all.  ;D


Edit: correction for clearness (address -> mail account)

Yes, I think think he is very stupid, as I exposed him for cheating and I am 100% sure he is from Turkey.
This is ongoing investigation, and I will do my best to expose him further.

Evil IPs are used all the time in Bitcointalk - so it is not a new concept, and this is evil IP.
He needs to pay if he wants to use this IP again



What address are you talking about?

When someone tries to reset your password 3 times from same IP address I call that a (stupid) hack attempt.

https://i.imgur.com/xfMINi7.png

Of course, nobody can prevent this. It is a good service to offer free service to the guests coming to the country. Everyone including me has already explained to the friend.

No need to worry as long as he maintains his email address...

I corrected with better wording. I was referring to your mail address/mail account. Without access to that one the so-called hacker can't do anything.
That's why I think that he may have been actually trying to trigger this kind of reaction, hence the rest of that post of mine.

It should be mentioned that this is not the first time something like this happened.
Here is one example of fake bitcointalk login page with turkish .tr origin address:

How Scammer tried to Hack my Bitcointalk and how to Protect yourself?
https://bitcointalk.org/index.php?topic=5173531

Read the answer from TryNinja, someone just teases you and wants to scare you, there is no real danger in the sense that someone can hack your account. To do this, he/she would first have to hack your email or your forum password, and even if someone has managed to do something like that if you have a signed BTC address access, the account will be returned to you.

One user is also have hacked account from Turkey (but this time really hacked) : https://bitcointalk.org/index.php?topic=5217251.0

Also, IP from Turkey does not mean that it is really about someone from that country, it can be VPN/proxy IP.

When you forget your password there are 2 options:
     - Use username/email to receive a password recovery link (if email is not compromised there is nothing to worry about... on the other hand you would not know if email is compromised until it's too late... but let's be optimistic here...all's good)
     - Use the secret question option and if you get the answer right your account will be blocked and you will be email-ing us to unlock it

Use a very strong secret question... or don't set up one at all !
TBH if your email is compromised I would assume the forum account might not be in top 3 worst worries at that time

I agree with NeuroticFish on the first part ... someone is trying to scare/warn/troll you.
Regarding the IP ... wouldn't take it at face value. VPN, Tor, Proxy.... chances are even the "hacker" didn't know what IP he was using :))

I would propose to use ONLY email in the password recovery tho. Seems safer and harder for account farmers !

P.S. Changed thread title for my post. May want to consider doing the same...

I know, I am not retarded.

Not the case here.
This user stupid moron is 100% from turkey.

https://i.imgur.com/GMfKzN2.jpg

because here there are already many who provide a complete solution I will only give a few strong password suggestions with a combination of uppercase letters, numbers and symbols and enable protection of phone number or authentication for your e-mail and use GMAIL with no other e-mail because GMAIL is more secure

This is the reason certain feedback should be cleared up, especially retaliatory and cursing feedback, maybe also the feedback from nuked users. (I know that doing this could create other problems, so I won't continue.)

If it hasn't been mentioned already, I don't think that ip can be banned. @theymos or other admins, if the one posting this thread looks similar then it'll be an ip used by many people (mine will be UK though) and it is definitely dynamically assigned afaik. So even if you ban one its unlikely they'll use it again.

Please do NOT spam yobit signature and gmail here, and don't give people bad advice to use one and only Gmail.

If you know, why are you still insisting that someone try to hack you in a way that is impossible to hack someone's account? The fact is that you have angered someone and that person is trying to get revenge on you, but you don't need to pay too much attention to it. The best way would be if you ignored the whole thing or reported it to the admin via PM.

I have some good advice for you, choose one of the two semifinals Croatia plays today, open a beer and enjoy ;)

I am not insisting anything, and thank you for your advice.

It is very much possible to use this tactics + sending PM to user to hack them, as I showed in previous example from turkey:
https://bitcointalk.org/index.php?topic=5173531

I did not click any links in email or PM, but some newbie user can easily do it. 

is this a war between hackers? or is it merely a hatred between the two parties !? if you have a good solution continue and don't hesitate because you are defending your own account, continue!

How is your comment is contributing to the context and the overall thread? Are you seriously that desperate to trigger an attempt to beat the dead horse for your signature campaign? Have you even read the thread from the beginning? Tsk.

OP, getting a "did you forget your password?" mail from Bitcointalk or anywhere for what it's worth, does not mean you are hacked or it is an attempt for you get hacked. IP masking with VPNs or just straight out stealing domains, hacking the hosts (for your second one) is really easy. Brigading won't get you anywhere.

I am done talking about this but I am not going anywhere.

Anyone can examine this account (including moderators) and all his connected farmed accounts for BAN evasion:
https://bitcointalk.org/index.php?action=trust;u=2649164

Please read trust feedback and check reference link.
More interesting stuff coming soon.... stay tuned

PS
For experts pleasure only, I edited topic title