Bitcoin Forum

Other => Meta => Topic started by: random_australian on May 01, 2020, 12:05:31 PM



Title: Someone hacked my 2013 account, anyway to get it back?
Post by: random_australian on May 01, 2020, 12:05:31 PM
I was on here a lot way back when, I stopped using it for while, went to log in and found my password didn't work, and when I tried a reset it didn't go to my email. Anyway it can be returned to the original email address? I'm guessing not, but thought it was worth asking, especially because I figure the only reason for people to still an old account on a board like this is to use to scam people.


Title: Re: Someone hacked my 2013 account, anyway to get it back?
Post by: OmegaStarScream on May 01, 2020, 12:15:28 PM
Can you provide a signed message from an address you posted prior to the hack? If so, see this: https://bitcointalk.org/index.php?topic=5089777.0

I'm guessing not, but thought it was worth asking, especially because I figure the only reason for people to still an old account on a board like this is to use to scam people.

Can you share the account's username?


Title: Re: Someone hacked my 2013 account, anyway to get it back?
Post by: random_australian on May 01, 2020, 12:34:40 PM
The username is room101 ( Big 1984 fan in 2013 I guess :) )

My last post was July 2017, in October it switched to all Cyrillic? posts I think, but yeah, it could have been anyone, I stupidly reused a password that is now on haveibeenpwnd It's not a huge deal, just wanted to buy a Casascius on the Collectibles board, and figured a 0 post account would not look as believable as my old one.

Not sure if I posted any addresses, I usually try to avoid doing that just as basic OPSEC, but I'll dig through all the old messages, it's an excellent idea I should of thought of it, thanks!

My apologies for not posting on Meta, I realised as soon as I posted, and tried to ask for someone to move it there, but was foiled by the new account post timing limits. A tiny bit ironic I think.


Title: Re: Someone hacked my 2013 account, anyway to get it back?
Post by: Pffrt on May 01, 2020, 12:54:31 PM
https://bitcointalk.org/index.php?action=profile;u=129815
That's your account? You can try to recover your account by following the above linked thread.


My apologies for not posting on Meta, I realised as soon as I posted, and tried to ask for someone to move it there, but was foiled by the new account post timing limits. A tiny bit ironic I think.
You yourself can move the thread into meta for getting attention. Check below of this thread and you will get the opt to move the thread.


Title: Re: Someone hacked my 2013 account, anyway to get it back?
Post by: rhomelmabini on May 01, 2020, 01:03:41 PM
This really belongs to Meta. I've reported it so that mods will take action.

This link is the last post you posted your own Bitcoin address before I guess it's been hacked https://bitcointalk.org/index.php?topic=1574127.msg15807155#msg15807155 if you can somehow signed a message on that then there's a high chance you'll get your account back. Just follow the link OmegaStarScream just given and do follow also the instructions there.


Title: Re: Someone hacked my 2013 account, anyway to get it back?
Post by: Krislaw on May 01, 2020, 01:17:14 PM
The username is room101 ( Big 1984 fan in 2013 I guess :) )

My last post was July 2017, in October it switched to all Cyrillic? posts I think, but yeah, it could have been anyone, I stupidly reused a password that is now on haveibeenpwnd It's not a huge deal, just wanted to buy a Casascius on the Collectibles board, and figured a 0 post account would not look as believable as my old one.

Not sure if I posted any addresses, I usually try to avoid doing that just as basic OPSEC, but I'll dig through all the old messages, it's an excellent idea I should of thought of it, thanks!

My apologies for not posting on Meta, I realised as soon as I posted, and tried to ask for someone to move it there, but was foiled by the new account post timing limits. A tiny bit ironic I think.

You should take action now by signing a message from the address here https://bitcointalk.org/index.php?topic=1574127.msg15807155#msg15807155
Archive (https://archive.is/0x0Xn) 1FrvANzkcgWvCuVFyfphbDNHbYUMfysd4K by messaging forum support. If you need more help, follow this topic https://bitcointalk.org/index.php?topic=5089777.0.


Title: Re: Someone hacked my 2013 account, anyway to get it back?
Post by: Upgrade00 on May 01, 2020, 02:28:10 PM
Did you include a secret question option when creating your account? You can try to recover the account using that, this action would get the account locked and the hacker would not have access to it while you wait for the recovery process to be completed.
Having a signed message is not a prerequisite for accounts' recoveries, but it will quicken the process and convince users to leave negative ratings warning users not to deal with such accounts.


Title: Re: Someone hacked my 2013 account, anyway to get it back?
Post by: Rohan Kotkar on May 02, 2020, 09:16:57 AM
If you are sure your account was hacked and you were not the recent one handling that account than I fear to say that you have lost your account. In the year 2013, there was a breach and millions of forum accounts were been hacked. Even if you had security question, it might have made it a lot easier for the hacker to get acess to your account. Also, if you had a simple password than the chances would have been way lot higher that your account is hacked as the hacker had the password hashes in sha256script.

All you can do is report the account and try contacting admins with signed message from the address mentioned by @krislaw. Atleast you can lock the account if you are not given acess again because it is important that the account should not be used to scam anyone as you might be the suspect behind happing anything similar.

I suspect your account is hacked by referring this thread posted by theymos: https://bitcointalk.org/index.php?topic=1067985.0


Title: Re: Someone hacked my 2013 account, anyway to get it back?
Post by: taufik123 on May 02, 2020, 01:48:08 PM
The account has been inactive for a long time and it's been almost a year on November 26, 2019.

And you said that you last opened it and posted in 2017.

If indeed the account was hacked by someone else and then the email and password were changed, of course it will appear in the Mod Log section in Bpip (https://bpip.org).

But there is no notification of changes to email and password.

https://bpip.org/profile.aspx?id=129815

https://i.postimg.cc/TYcYjzH4/Screenshot-25.jpg
Code:
Security/Moderator Log
11/16/2018 4:22:08 AM woke up
11/26/2019 9:55:28 AM woke up

if you really own the account you must be able to prove ownership with the signed Bitcoin Address message that you have posted and the primary email that the account has. if these conditions cannot be met, then the account will not be able to be opened again.


Title: Re: Someone hacked my 2013 account, anyway to get it back?
Post by: acroman08 on May 02, 2020, 02:34:04 PM
The account has been inactive for a long time and it's been almost a year on November 26, 2019.

And you said that you last opened it and posted in 2017.

If indeed the account was hacked by someone else and then the email and password were changed, of course it will appear in the Mod Log section in Bpip (https://bpip.org).

But there is no notification of changes to email and password.

https://bpip.org/profile.aspx?id=129815

https://i.postimg.cc/TYcYjzH4/Screenshot-25.jpg
Code:
Security/Moderator Log
11/16/2018 4:22:08 AM woke up
11/26/2019 9:55:28 AM woke up

if you really own the account you must be able to prove ownership with the signed Bitcoin Address message that you have posted and the primary email that the account has. if these conditions cannot be met, then the account will not be able to be opened again.

as far as I know, bpip didn't record anything(like password change, email change etc..) before it was launched and the OP said that his last post was July 2017. and his theory is that his account was hacked around October (that same year) since in the post history it shows that the language being used change from English to Cyrillic. the OP's only option to prove that he owns the account is to sign a message using the address provided by krislaw which was found on the OP's post history.


Title: Re: Someone hacked my 2013 account, anyway to get it back?
Post by: random_australian on May 02, 2020, 11:33:45 PM
-----BEGIN BITCOIN SIGNED MESSAGE-----
My account Room101 has been hacked/lost. Please reset the email to ########### ( The original account email I signed up with) The current date is 3rd May 2020
-----BEGIN SIGNATURE-----
1FrvANzkcgWvCuVFyfphbDNHbYUMfysd4K
IGxvg1b3xa6K8LdStR6hG/hoJedNQr9vB+JjXml2GZq3P78EA3BU9znKxG2LY0e6pzNc+peysP2n8Fb98ZA83Cw=
-----END BITCOIN SIGNED MESSAGE-----

Here is the unedited post where I posted that address: https://bitcointalk.org/index.php?topic=1574127.msg15807155#msg15807155

Can someone please check I signed correctly. By some miracle I found the old account.

Thanks everyone for you help. Now to find a nice mint 2011 Casascius!

EDIT: Just wanted to confirm it was OK if I didn't actually put anything in the message field of the above signature. I just used the bitcoin address and signed a blank message. So in Bitcoin Core, you are verifying a blank message against with the above signature against the above address

EDIT2: It just occurred to me unless you specify the date in the message being signed you could just be pasting a signature someone posted years ago. I have sent support a signed message with date and email, I don't want to post it here for obvious reasons, but I'm pretty sure it worked correctly. Thank you so much everyone for all your help, as soon as I get back in I'll send you all some merit, I appreciate you taking the time!


Title: Re: Someone hacked my 2013 account, anyway to get it back?
Post by: rhomelmabini on May 03, 2020, 12:27:41 AM
<....>
I use this tool https://tools.qz.sg/ online since I am on my mobile but somehow it shows the signature is not valid. Can anyone verify it using Electrum or any other tools to prove that it is indeed correct?

I used this too https://reinproject.org/bitcoin-signature-tool/ but it still shows me the same output.


Title: Re: Someone hacked my 2013 account, anyway to get it back?
Post by: random_australian on May 03, 2020, 12:43:53 AM
Yeah bitcoin core seems to verify blank messages OK, the above don't though, and I don't want to post my email. Try this:

-----BEGIN BITCOIN SIGNED MESSAGE-----
random_australian is Room101 3rd May 2020
-----BEGIN SIGNATURE-----
1FrvANzkcgWvCuVFyfphbDNHbYUMfysd4K
HzvmlD4BCm3190RJ/8P0BGxzSHaAGeVbYJLmizj3TZlnVDBWvOI6wnKkurkp+wMn3wjtxZ/zJM3Sp13Ri7nQi2c=
-----END BITCOIN SIGNED MESSAGE-----


Title: Re: Someone hacked my 2013 account, anyway to get it back?
Post by: Veleor on May 03, 2020, 01:46:17 AM
1FrvANzkcgWvCuVFyfphbDNHbYUMfysd4K
Archive (https://archive.vn/0x0Xn#selection-4685.0-4685.7)

Yeah bitcoin core seems to verify blank messages OK, the above don't though, and I don't want to post my email. Try this:

-----BEGIN BITCOIN SIGNED MESSAGE-----
random_australian is Room101 3rd May 2020
-----BEGIN SIGNATURE-----
1FrvANzkcgWvCuVFyfphbDNHbYUMfysd4K
HzvmlD4BCm3190RJ/8P0BGxzSHaAGeVbYJLmizj3TZlnVDBWvOI6wnKkurkp+wMn3wjtxZ/zJM3Sp13Ri7nQi2c=
-----END BITCOIN SIGNED MESSAGE-----
Verified (https://brainwalletx.github.io/#verify?vrAddr=1FrvANzkcgWvCuVFyfphbDNHbYUMfysd4K&vrMsg=random_australian%20is%20Room101%203rd%20May%202020&vrSig=HzvmlD4BCm3190RJ%2F8P0BGxzSHaAGeVbYJLmizj3TZlnVDBWvOI6wnKkurkp%2BwMn3wjtxZ%2FzJM3Sp13Ri7nQi2c%3D) and Archive (https://archive.md/RmFNd#selection-7021.0-7021.17)



The "Room101" profile, apparently, from October 2017 passed to the farmer who bumping topics using a group of accounts: HappyScamp (https://bitcointalk.org/index.php?action=profile;u=79231), miTgiB (https://bitcointalk.org/index.php?action=profile;u=80719), evilscoop (https://bitcointalk.org/index.php?action=profile;u=98209), Room101 (https://bitcointalk.org/index.php?action=profile;u=129815), naRky (https://bitcointalk.org/index.php?action=profile;u=130822), BongaManollo (https://bitcointalk.org/index.php?action=profile;u=147643), hansolo93 (https://bitcointalk.org/index.php?action=profile;u=162071).
Because all these profiles have changed passwords within 20 minutes and after that they began spamming at the same Russian ANN topic (https://bitcointalk.org/index.php?topic=2276091.140).

Code:
October 10, 2017, 02:02:24 PM - hansolo93 - password changed
October 10, 2017, 01:58:00 PM - BongaManollo - password changed
October 10, 2017, 01:56:34 PM - naRky - password changed
October 10, 2017, 01:53:38 PM - Room101 - password changed
October 10, 2017, 01:50:27 PM - evilscoop - password changed
October 10, 2017, 01:48:19 PM - miTgiB - password changed
October 10, 2017, 01:45:45 PM - HappyScamp - password changed
Archive (https://archive.md/Za1US#selection-23931.0-23931.16)


Title: Re: Someone hacked my 2013 account, anyway to get it back?
Post by: rhomelmabini on May 03, 2020, 02:13:37 AM
To random_australian I confirmed as well that the address has been verified and I guess sooner or later you may get your account back on you and since you already sent message to support your account now is on queued for recovery.


Title: Re: Someone hacked my 2013 account, anyway to get it back?
Post by: random_australian on May 03, 2020, 02:41:39 AM
Thanks everyone, much appreciated :)


Title: Re: Someone hacked my 2013 account, anyway to get it back?
Post by: Room101 on May 13, 2020, 12:44:07 PM
It's mine again :) Thanks again everyone, I appreciate it :)


Title: Re: Someone hacked my 2013 account, anyway to get it back?
Post by: nutildah on May 13, 2020, 12:48:44 PM
You'll probably want to PM veleor and ask him to remove your negative feedback (https://bitcointalk.org/index.php?action=trust;u=129815) (he noticed your account had changed hands).


Title: Re: Someone hacked my 2013 account, anyway to get it back?
Post by: Room101 on May 13, 2020, 12:59:41 PM
You'll probably want to PM veleor and ask him to remove your negative feedback (https://bitcointalk.org/index.php?action=trust;u=129815) (he noticed your account had changed hands).

Excellent idea, thanks :)


Title: Re: Someone hacked my 2013 account, anyway to get it back?
Post by: rhomelmabini on May 13, 2020, 01:11:08 PM
Welcome back Room101!


Title: Re: Someone hacked my 2013 account, anyway to get it back?
Post by: Room101 on May 13, 2020, 01:15:29 PM
Welcome back Room101!

Thanks!

Can anyone tell me the best place to post an un-editable address, so if this happens again, and next time the thief is smart enough to delete the one address I had posted, I can get it back? Much longer password this time, so should be harder to get my password if the forum is hacked again, but better safe than sorry!


Title: Re: Someone hacked my 2013 account, anyway to get it back?
Post by: mole0815 on May 13, 2020, 01:40:09 PM
It's mine again :) Thanks again everyone, I appreciate it :)

Congratulations on getting your account back.
Now there are only two things that are urgent.

Get the negative rating removed and post this screenshot:
https://abload.de/img/unbenanntk9jli.png
here -> Save your nice merit records, here (https://bitcointalk.org/index.php?topic=5171113.0) ;D


Title: Re: Someone hacked my 2013 account, anyway to get it back?
Post by: acroman08 on May 13, 2020, 07:25:15 PM
Welcome back Room101!

Thanks!

Can anyone tell me the best place to post an un-editable address, so if this happens again, and next time the thief is smart enough to delete the one address I had posted, I can get it back? Much longer password this time, so should be harder to get my password if the forum is hacked again, but better safe than sorry!

Congrats on getting your account back!

you can just post a signed message on Stake your Bitcoin address here (https://bitcointalk.org/index.php?topic=996318.0) and ask someone to quote and verify your address. that's the easiest way I know and you can archive the post you made on that thread for extra precaution.


Title: Re: Someone hacked my 2013 account, anyway to get it back?
Post by: Last of the V8s on May 31, 2020, 01:37:41 PM
Snooped a bit ;D. Nice to have you back! Good posts so far, thank you. Get a hat? ask in WO or pm xhomerx10 with a picture to be made into one.


Title: Re: Someone hacked my 2013 account, anyway to get it back?
Post by: iamsheikhadil on May 31, 2020, 04:53:29 PM
You just got your legacy back! Congratulations! Glad for ya! Having a senior member account back is like getting back a lost diamond! Welcome back Room101, hope you will enjoy your stay here after such long time ;)


Title: Re: Someone hacked my 2013 account, anyway to get it back?
Post by: Mrengage on May 31, 2020, 07:38:19 PM
I was on here a lot way back when, I stopped using it for while, went to log in and found my password didn't work, and when I tried a reset it didn't go to my email. Anyway it can be returned to the original email address? I'm guessing not, but thought it was worth asking, especially because I figure the only reason for people to still an old account on a board like this is to use to scam people.

Please always try to cross check your sentence before posting for a better understanding of what you are saying tho I get what you mean but look at your error here:
Quote
because I figure the only reason for people to still an old account on a board like this is to use to scam people.

I believe you were to say STEAL so correct it. 👍