Bitcoin Forum

Other => Off-topic => Topic started by: corather on June 22, 2014, 05:50:35 AM



Title: So you with the IP address of 77.95.231.11
Post by: corather on June 22, 2014, 05:50:35 AM
You can stop trying to hack my crypto currency accounts, you're going to fail. I've notified snelis and the trading houses you tried to hack into.

Code:
C:\Windows\system32>tracert 77.95.231.11

Tracing route to hosted-by.snelis.com [77.95.231.11]
over a maximum of 30 hops:


 13   114 ms   113 ms   114 ms  ae-43-43.ebr2.London1.Level3.net [4.69.137.73]
 14   118 ms   123 ms   124 ms  ae-58-223.csw2.London1.Level3.net [4.69.153.138]
 15   112 ms   114 ms   116 ms  ae-231-3607.edge4.London1.Level3.net [4.69.166.25]
 16   124 ms   122 ms   121 ms  interactive.edge4.London1.Level3.net [212.113.8.46]
 17   121 ms   121 ms   145 ms  80ge.br2-cr1.smartdc.rtd.i3d.net [188.122.95.84]
 18   121 ms   121 ms   121 ms  hosted-by.snelis.com [77.95.231.11]

Trace complete.



Title: Re: So you with the IP address of 77.95.231.11
Post by: bryant.coleman on June 22, 2014, 06:05:15 AM
So someone tried to hack in to your Bitcoin wallet? How did you traced this IP? I couldn't understand a large part of this post. Can some tech savvy users help me by explaining this post?


Title: Re: So you with the IP address of 77.95.231.11
Post by: corather on June 22, 2014, 06:55:55 AM
So someone tried to hack in to your Bitcoin wallet? How did you traced this IP? I couldn't understand a large part of this post. Can some tech savvy users help me by explaining this post?

They attempted to log into two of the trading sites I frequent. The trading sites emailed the IP, tracert shows the IP's origination.


Title: Re: So you with the IP address of 77.95.231.11
Post by: shorena on June 22, 2014, 07:37:05 AM
So someone tried to hack in to your Bitcoin wallet? How did you traced this IP? I couldn't understand a large part of this post. Can some tech savvy users help me by explaining this post?

They attempted to log into two of the trading sites I frequent. The trading sites emailed the IP, tracert shows the IP's origination.

Which most likely is a tor exit node.

Quote
​SnelServer does not mention anything about Tor or similar software being run on their servers but after sending an email, they have said customers are welcome to run any software they wish on their servers which is legal in the Netherlands and abuse complaints must be responded to within 24 hours or the system automatically suspends your account until you do. Very reasonable pricing for dedicated servers and I personally run 5 exit nodes with them (350mbps +/- 100mbps) and have had no problems. I would recommend using Tor's boilerplate response for abuse notices. Very reliable network, great support staff, reasonable prices (79 Euro for 20TB out, unlimited traffic in on a dual core dedicated) and they also accept Bitcoin although you do need to submit ID documentation if you plan on purchasing more than 5 servers. (2014)

source: https://trac.torproject.org/projects/tor/wiki/doc/GoodBadISPs

and will get you not a single step closer. Whoever is attacking you might not even know that this is the IP the attack is coming from.

Make sure you have secure passwords (might want to change them) and 2FA where possible.


Title: Re: So you with the IP address of 77.95.231.11
Post by: ranochigo on June 22, 2014, 07:45:35 AM
You can stop trying to hack my crypto currency accounts, you're going to fail. I've notified snelis and the trading houses you tried to hack into.

Code:
C:\Windows\system32>tracert 77.95.231.11

Tracing route to hosted-by.snelis.com [77.95.231.11]
over a maximum of 30 hops:


 13   114 ms   113 ms   114 ms  ae-43-43.ebr2.London1.Level3.net [4.69.137.73]
 14   118 ms   123 ms   124 ms  ae-58-223.csw2.London1.Level3.net [4.69.153.138]
 15   112 ms   114 ms   116 ms  ae-231-3607.edge4.London1.Level3.net [4.69.166.25]
 16   124 ms   122 ms   121 ms  interactive.edge4.London1.Level3.net [212.113.8.46]
 17   121 ms   121 ms   145 ms  80ge.br2-cr1.smartdc.rtd.i3d.net [188.122.95.84]
 18   121 ms   121 ms   121 ms  hosted-by.snelis.com [77.95.231.11]

Trace complete.


Unfortunately, it is a tor node. https://www.dan.me.uk/torcheck?ip=77.95.231.11
Why don't you limit the login to your own IP address and on two factor authentication.


Title: Re: So you with the IP address of 77.95.231.11
Post by: Nobitcoin on June 22, 2014, 08:16:04 AM
You never know could be your neighbour  ;D


Title: Re: So you with the IP address of 77.95.231.11
Post by: corather on June 22, 2014, 08:25:04 AM
You can stop trying to hack my crypto currency accounts, you're going to fail. I've notified snelis and the trading houses you tried to hack into.

Code:
C:\Windows\system32>tracert 77.95.231.11

Tracing route to hosted-by.snelis.com [77.95.231.11]
over a maximum of 30 hops:


 13   114 ms   113 ms   114 ms  ae-43-43.ebr2.London1.Level3.net [4.69.137.73]
 14   118 ms   123 ms   124 ms  ae-58-223.csw2.London1.Level3.net [4.69.153.138]
 15   112 ms   114 ms   116 ms  ae-231-3607.edge4.London1.Level3.net [4.69.166.25]
 16   124 ms   122 ms   121 ms  interactive.edge4.London1.Level3.net [212.113.8.46]
 17   121 ms   121 ms   145 ms  80ge.br2-cr1.smartdc.rtd.i3d.net [188.122.95.84]
 18   121 ms   121 ms   121 ms  hosted-by.snelis.com [77.95.231.11]

Trace complete.


Unfortunately, it is a tor node. https://www.dan.me.uk/torcheck?ip=77.95.231.11
Why don't you limit the login to your own IP address and on two factor authentication.

Thanks for looking into that.


Title: Re: So you with the IP address of 77.95.231.11
Post by: shorena on June 22, 2014, 08:35:21 AM
You can stop trying to hack my crypto currency accounts, you're going to fail. I've notified snelis and the trading houses you tried to hack into.

Code:
C:\Windows\system32>tracert 77.95.231.11

Tracing route to hosted-by.snelis.com [77.95.231.11]
over a maximum of 30 hops:


 13   114 ms   113 ms   114 ms  ae-43-43.ebr2.London1.Level3.net [4.69.137.73]
 14   118 ms   123 ms   124 ms  ae-58-223.csw2.London1.Level3.net [4.69.153.138]
 15   112 ms   114 ms   116 ms  ae-231-3607.edge4.London1.Level3.net [4.69.166.25]
 16   124 ms   122 ms   121 ms  interactive.edge4.London1.Level3.net [212.113.8.46]
 17   121 ms   121 ms   145 ms  80ge.br2-cr1.smartdc.rtd.i3d.net [188.122.95.84]
 18   121 ms   121 ms   121 ms  hosted-by.snelis.com [77.95.231.11]

Trace complete.


Unfortunately, it is a tor node. https://www.dan.me.uk/torcheck?ip=77.95.231.11
Why don't you limit the login to your own IP address and on two factor authentication.

Thanks for looking into that.



Do not limit login to a certain IP unless you pay your ISP for that IP. There was a thread not that long ago where someone lost access to an account because of that. You might assume that you allways have the same IP because your ISP didnt change it for a week or two, but unless you pay for a dedicated IP it can change any seconds.


Title: Re: So you with the IP address of 77.95.231.11
Post by: ranochigo on June 22, 2014, 08:50:17 AM
You can stop trying to hack my crypto currency accounts, you're going to fail. I've notified snelis and the trading houses you tried to hack into.

Code:
C:\Windows\system32>tracert 77.95.231.11

Tracing route to hosted-by.snelis.com [77.95.231.11]
over a maximum of 30 hops:


 13   114 ms   113 ms   114 ms  ae-43-43.ebr2.London1.Level3.net [4.69.137.73]
 14   118 ms   123 ms   124 ms  ae-58-223.csw2.London1.Level3.net [4.69.153.138]
 15   112 ms   114 ms   116 ms  ae-231-3607.edge4.London1.Level3.net [4.69.166.25]
 16   124 ms   122 ms   121 ms  interactive.edge4.London1.Level3.net [212.113.8.46]
 17   121 ms   121 ms   145 ms  80ge.br2-cr1.smartdc.rtd.i3d.net [188.122.95.84]
 18   121 ms   121 ms   121 ms  hosted-by.snelis.com [77.95.231.11]

Trace complete.


Unfortunately, it is a tor node. https://www.dan.me.uk/torcheck?ip=77.95.231.11
Why don't you limit the login to your own IP address and on two factor authentication.

Thanks for looking into that.



Do not limit login to a certain IP unless you pay your ISP for that IP. There was a thread not that long ago where someone lost access to an account because of that. You might assume that you allways have the same IP because your ISP didnt change it for a week or two, but unless you pay for a dedicated IP it can change any seconds.
Yeah, I forgot to say that as my IP is always dedicated without any charges.


Title: Re: So you with the IP address of 77.95.231.11
Post by: S4VV4S on June 22, 2014, 09:01:33 AM
It only costs €2 per month to have a dedicated IP where I live.

And €2 is definitely worth it.


Title: Re: So you with the IP address of 77.95.231.11
Post by: jabo38 on June 22, 2014, 10:34:24 AM
If I ever get enough money, that static IP thing sounds great!

My accounts don't have much in them in my opinion for a hacker to warrant attacking, but I still wonder. 

I use 2FA wherever possible.  That should be enough to keep me safe, right?


Title: Re: So you with the IP address of 77.95.231.11
Post by: bryant.coleman on June 22, 2014, 11:07:12 AM
OK... so someone tried to hack to your crypto-trading accounts using TOR browser. Now I understood. But isn't there an option in these trading accounts, to block requests and log-in attempts from the TOR browser? In Blockchain.info there is such an option.


Title: Re: So you with the IP address of 77.95.231.11
Post by: ranochigo on June 22, 2014, 11:08:58 AM
If I ever get enough money, that static IP thing sounds great!

My accounts don't have much in them in my opinion for a hacker to warrant attacking, but I still wonder. 

I use 2FA wherever possible.  That should be enough to keep me safe, right?

Probably, unless your phone is hacked by the hacker who is attempting logins into your account which is unlikely. Choose a strong password and 2FA should be secure enough.


Title: Re: So you with the IP address of 77.95.231.11
Post by: S4VV4S on June 22, 2014, 11:09:22 AM
OK... so someone tried to hack to your crypto-trading accounts using TOR browser. Now I understood. But isn't there an option in these trading accounts, to block requests and log-in attempts from the TOR browser? In Blockchain.info there is such an option.

^^^^ That is why I believe blockchain is the most secure online wallet in existence.
Most reliable too.


Title: Re: So you with the IP address of 77.95.231.11
Post by: picobit on June 22, 2014, 11:17:25 AM
It only costs €2 per month to have a dedicated IP where I live.

And €2 is definitely worth it.

There have been cases of people having their static IP changed anyway.  Typically some error on the ISPs side.  Be prepared to have a secondary way to access your account if this happens to you (or your ISP goes broke, or you change ISP, or you suddenly need to move, or ...)



Title: Re: So you with the IP address of 77.95.231.11
Post by: franky1 on June 22, 2014, 11:20:19 AM
if someone is trying to hack more then one exchange, using your username then please think about this.

random attacks normally try one site and do it with multiple users (exchanges would see a form off login DDOS type thing). yet from what i can see this is an attempt of someone trying all known sites you use using your username..

.. i suspect this to be someone targetting you specifically.

thn ask yourself how does he know your username and al the sites you use?

.. i bet its either
someone you know/been chatting to
someone who has put a trojan on your computer via a altcoin wallet or other crypto based software that you haven't verified the source of.

so when did this start happening and within that day to a week prior what software that is at all related to crypto-currencies or given links to by someone in the community to download something.

lastly what services have you signed up for in the week prior to the attack.

there are rumours of websites which have "coming soon" with a registration page (hoping people type in usernames and passwords they use on exchanges)

have you signed up to any of these "coming soon" sites

if you use the same username on all trading sites, then its hard to narrow down if its bing hacked by trojan, known acquaintance, info gleamed from a "coming soon" website.

but if usernames differ and attack happened using different usernames then its more likely a trojan. if you have different usernames but attacks only happen on sites of a single username then its either from a phishing site or social engineering attempt


Title: Re: So you with the IP address of 77.95.231.11
Post by: S4VV4S on June 22, 2014, 11:24:56 AM
It only costs €2 per month to have a dedicated IP where I live.

And €2 is definitely worth it.

There have been cases of people having their static IP changed anyway.  Typically some error on the ISPs side.  Be prepared to have a secondary way to access your account if this happens to you (or your ISP goes broke, or you change ISP, or you suddenly need to move, or ...)



I don't have a static IP, but if I ever do I will take your advice into serious consideration.

Thanks  :)


Title: Re: So you with the IP address of 77.95.231.11
Post by: bryant.coleman on June 22, 2014, 11:48:35 AM
^^^^ That is why I believe blockchain is the most secure online wallet in existence.
Most reliable too.

Yes... Blockchain is the most reliable wallet right now. It is easier and simpler to use as well as to take backup. Other wallets don't have as many features as Blockchain offers. But recently there have been a lot of robberies going on in Blockchain wallets, all of them caused by phishing sites. So be careful when you log-in to Blockchain.


Title: Re: So you with the IP address of 77.95.231.11
Post by: S4VV4S on June 22, 2014, 12:14:18 PM
^^^^ That is why I believe blockchain is the most secure online wallet in existence.
Most reliable too.

Yes... Blockchain is the most reliable wallet right now. It is easier and simpler to use as well as to take backup. Other wallets don't have as many features as Blockchain offers. But recently there have been a lot of robberies going on in Blockchain wallets, all of them caused by phishing sites. So be careful when you log-in to Blockchain.

I said I believe it's the most reliable, I didn't say I use it ;)

I don't have much coins, (in fact I cannot use the plural word for it), but if I was to use an online wallet blockchain will be it.

But thank you for your advice :)
Much appreciated :)


Title: Re: So you with the IP address of 77.95.231.11
Post by: thecoindoctor on June 22, 2014, 12:42:22 PM
You can stop trying to hack my crypto currency accounts, you're going to fail. I've notified snelis and the trading houses you tried to hack into.

Code:
C:\Windows\system32>tracert 77.95.231.11

Tracing route to hosted-by.snelis.com [77.95.231.11]
over a maximum of 30 hops:


 13   114 ms   113 ms   114 ms  ae-43-43.ebr2.London1.Level3.net [4.69.137.73]
 14   118 ms   123 ms   124 ms  ae-58-223.csw2.London1.Level3.net [4.69.153.138]
 15   112 ms   114 ms   116 ms  ae-231-3607.edge4.London1.Level3.net [4.69.166.25]
 16   124 ms   122 ms   121 ms  interactive.edge4.London1.Level3.net [212.113.8.46]
 17   121 ms   121 ms   145 ms  80ge.br2-cr1.smartdc.rtd.i3d.net [188.122.95.84]
 18   121 ms   121 ms   121 ms  hosted-by.snelis.com [77.95.231.11]

Trace complete.


Lol unlucky to the guy with that IP unless he changes it. However this is probably against the rules posting his IP here. It's invading privacy.


Title: Re: So you with the IP address of 77.95.231.11
Post by: S4VV4S on June 22, 2014, 12:49:09 PM
You can stop trying to hack my crypto currency accounts, you're going to fail. I've notified snelis and the trading houses you tried to hack into.

Code:
C:\Windows\system32>tracert 77.95.231.11

Tracing route to hosted-by.snelis.com [77.95.231.11]
over a maximum of 30 hops:


 13   114 ms   113 ms   114 ms  ae-43-43.ebr2.London1.Level3.net [4.69.137.73]
 14   118 ms   123 ms   124 ms  ae-58-223.csw2.London1.Level3.net [4.69.153.138]
 15   112 ms   114 ms   116 ms  ae-231-3607.edge4.London1.Level3.net [4.69.166.25]
 16   124 ms   122 ms   121 ms  interactive.edge4.London1.Level3.net [212.113.8.46]
 17   121 ms   121 ms   145 ms  80ge.br2-cr1.smartdc.rtd.i3d.net [188.122.95.84]
 18   121 ms   121 ms   121 ms  hosted-by.snelis.com [77.95.231.11]

Trace complete.


Lol unlucky to the guy with that IP unless he changes it. However this is probably against the rules posting his IP here. It's invading privacy.

I am guessing the "doctor" didn't read the entire thread......


Title: Re: So you with the IP address of 77.95.231.11
Post by: LiteCoinGuy on June 22, 2014, 12:50:14 PM
sorry, i will stop  :P