|
Title: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: Aurum on August 14, 2014, 11:39:50 PM http://pastebin.com/KaWsDgdq (http://pastebin.com/KaWsDgdq)
Bitcoin.de are on him pack. That sucks. Are we need to always make new password? :) Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: oceans on August 15, 2014, 12:26:08 AM With anything no matter what it is a password update should always be compulsory at least once every few weeks to a month if possible to ensure your accounts are safe and this is one prime example as to why.
Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: bornil267645 on August 15, 2014, 12:29:33 AM It's one of the basic rule for all the newcomers out there, "CHANGE THE PASSWORD REGULARLY"
Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: Hfleer on August 15, 2014, 12:37:38 AM They might have got their hands on the 3 crap sites, but nearly no way they got access to bitcoin.de (i think)
Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: cryptworld on August 15, 2014, 12:37:39 AM this sites leaks are really bad for bitcoin world
databases security of these sites should be hardly improved Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: bitsmichel on August 15, 2014, 12:40:18 AM http://pastebin.com/KaWsDgdq (http://pastebin.com/KaWsDgdq) Bitcoin.de are on him pack. That sucks. Are we need to always make new password? :) Yes, because in most cases today passwords are not hashed in the database. Companies do not take security seriously - that's why hacking pays off. Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: juju on August 15, 2014, 12:40:53 AM http://pastebin.com/KaWsDgdq (http://pastebin.com/KaWsDgdq) Bitcoin.de are on him pack. That sucks. Are we need to always make new password? :) The only one that seems big is the freebitco.in, Never use the same password on any site, and never make it anything meaningful. Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: Aurum on August 15, 2014, 12:44:20 AM 3 Crap sites?
freecoinworld, i download there and have 2500 members emails with md5 password and btc address :) freecoinworld.com site is off and showing a page explaining them are hacked. Auroracoin them add some minutes ago on same pastebin. i extract the emails and 1500+ members, i test 10 emails and no one is same freecoinworld.com. Fuck man i member on past from makebtc.org, and for my surprise my email are on it :) I think sure them have the bitcoin.de members details, nothing in this world is impossible to hack. Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: p2pbucks on August 15, 2014, 02:03:53 AM sorry for hear that , i have account on bitcoin.de . so what're the compromised bitcoin websites doing now,hope they didn't store passwd in plaintext ;D.
Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: Aurum on August 15, 2014, 02:20:23 AM Oh him update the paste with the bitcoin.de and freebitco.in files, but it's coded by password for only who make the payment.
Someone is good here with zip password crack? :D Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: rz20 on August 15, 2014, 02:26:05 AM Any proof that he has got it? Because I don't believe that he has got access to 4 servers.
Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: Aurum on August 15, 2014, 02:32:33 AM Any proof that he has got it? Because I don't believe that he has got access to 4 servers. I dont know. But i think it's sure, i download the 3 other sites and is real. i don't have enough btc to buy the others to see :( Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: SomethingElse on August 15, 2014, 02:44:49 AM password managers can really help
Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: Skoupi on August 15, 2014, 02:53:03 AM Any official word from bitcoin.de yet?
Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: dquancey on August 15, 2014, 09:09:17 AM password managers can really help This. I use KeePass for all my passwords, randomly generated passwords that is unique to each individual site. This way if one account gets compromised, all your other accounts are safe too. Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: dadaas on August 15, 2014, 09:36:23 AM I think you guys are overreacting. Do you guys think that real hackers would publish their files in .rar format with password? Only way this could work is if password is long enough because rar files are easily cracked.
Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: NLNico on August 15, 2014, 09:48:43 AM Quote we too sell the exploit that you can hack and dump any site of faucet you want :D all of them price 1 btc for the exploit Sounds like some bullshit lol.Also that e-mail address is associated with a phishing attempt: https://bitcointalk.org/index.php?topic=547617.msg5972181#msg5972181 Sounds like a low life scammer with no real skills. Might be the owner of that MakeBTC site also (some ponzi scam?) Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: BitCoinDream on August 15, 2014, 09:49:52 AM http://pastebin.com/KaWsDgdq (http://pastebin.com/KaWsDgdq) Bitcoin.de are on him pack. That sucks. Are we need to always make new password? :) LoLz... why the hell people will pay for freebitco.in and QoinPro.com ID/Pass ? Except Bitcoin.de any other DB are not valuable in the list. Moreover, if Bitcoin.de keeps he pass in encrypted form, that wont be of much value either. As I can see the hot wallets are safe for all the sites. Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: Rampton on August 15, 2014, 09:53:37 AM It's one of the basic rule for all the newcomers out there, "CHANGE THE PASSWORD REGULARLY" Not really. Changing passwords regularly could lead to several problems. I wouldn't advice using the same passwords for different sites though. Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: dadaas on August 15, 2014, 10:12:07 AM I've just checked other 3 files they are offering for free and all paswords are hashed in databases. No need to worry at all if your password is long enough.
Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: bitsmichel on August 15, 2014, 10:44:24 AM I've just checked other 3 files they are offering for free and all paswords are hashed in databases. No need to worry at all if your password is long enough. Which hashing algorithm is used? MD5? Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: dadaas on August 15, 2014, 10:49:18 AM I've just checked other 3 files they are offering for free and all paswords are hashed in databases. No need to worry at all if your password is long enough. Which hashing algorithm is used? MD5? Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: Aurum on August 15, 2014, 10:51:02 AM Yes, them use md5, the auroracoin forum use the traditional forum salt that is more hard to decrypt.
but with a good pay decoder with trillion hashes decode it no can be hard. examples (hashes get from freecoinworld): 30fca77cebf16fe3c5b5b4db4371dee4 - cinta3segi 842df9fecdc99ad5aea6deb7ab117ae0 - me4ta12345 Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: Mellnik on August 15, 2014, 11:04:32 AM Oh my god. Why the fuck would you use md5 LOL
Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: Remember remember the 5th of November on August 15, 2014, 11:11:26 AM Yup, the moment we read about MD5, it's already guaranteed that you need to change your password ASAP. MD5 can be bruteforced very easily.
Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: bitcoin_de on August 15, 2014, 01:16:49 PM As of now it seems that this is just scam in the case of bitcoin.de. This is not the first attempt of this kind. The person trying to make money out of this wasn't able to provide any proof that this data is indeed what he claims it is.
Best regards Oliver Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: franky1 on August 15, 2014, 02:34:55 PM guys get your head out of the sand..
simple solution is to change your password regularly and then it wont matter if someone has your md5 hash. if you are worried about it more because you use the same email and password for all sites. CHANGE THEM ALL even to me its more likely that "aurum" owns the aururacoin forum and give away sites and and has dumped his databases as the free 'tempter' to try getting people to hand him funds. so just change your passwords regularly and dont use the same password on every site, as standard security procedure. and move on with your lives Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: counter on August 15, 2014, 06:10:24 PM Thanks for the news. I think it is good for this to happen so people are aware that they need to take the extra steps to be safe. Big ups to all of those who are more technologically inclined taking the time to warn others. ;)
Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: CharHill on August 15, 2014, 07:32:37 PM http://pastebin.com/KaWsDgdq (http://pastebin.com/KaWsDgdq) Bitcoin.de are on him pack. That sucks. Are we need to always make new password? :) Yes, we are, with that information Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: galbros on August 15, 2014, 08:27:29 PM As of now it seems that this is just scam in the case of bitcoin.de. This is not the first attempt of this kind. The person trying to make money out of this wasn't able to provide any proof that this data is indeed what he claims it is. Best regards Oliver This is good to know, it would be good to hear from the other sites, though I suspect this is a hoax/scam. As others have noted freebitco.in has a lot of users, but I'm not sure what the value of the passwords would be since they are tied to btc addresses not anything useful. Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: dadaas on August 15, 2014, 09:33:56 PM As of now it seems that this is just scam in the case of bitcoin.de. This is not the first attempt of this kind. The person trying to make money out of this wasn't able to provide any proof that this data is indeed what he claims it is. Best regards Oliver This is good to know, it would be good to hear from the other sites, though I suspect this is a hoax/scam. As others have noted freebitco.in has a lot of users, but I'm not sure what the value of the passwords would be since they are tied to btc addresses not anything useful. Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: Valle on August 15, 2014, 10:56:07 PM It's one of the basic rule for all the newcomers out there, "CHANGE THE PASSWORD REGULARLY" I tried to change ALL my passwords at once. It took about 2 weeks. Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: dadaas on August 15, 2014, 10:59:49 PM It's one of the basic rule for all the newcomers out there, "CHANGE THE PASSWORD REGULARLY" I tried to change ALL my passwords at once. It took about 2 weeks. How many account do you have then? This way it looks like you have over 20k accounts :D Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: LiteCoinGuy on August 15, 2014, 11:03:00 PM They might have got their hands on the 3 crap sites, but nearly no way they got access to bitcoin.de (i think) and also there were no news about a bitcoin.de hack. maybe just scam. Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: Valle on August 15, 2014, 11:11:52 PM It's one of the basic rule for all the newcomers out there, "CHANGE THE PASSWORD REGULARLY" I tried to change ALL my passwords at once. It took about 2 weeks. How many account do you have then? This way it looks like you have over 20k accounts :D Not that many, about a hundred. Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: Valle on August 15, 2014, 11:13:27 PM It's one of the basic rule for all the newcomers out there, "CHANGE THE PASSWORD REGULARLY" I tried to change ALL my passwords at once. It took about 2 weeks. How many account do you have then? This way it looks like you have over 20k accounts :D Not that many, about a hundred. Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: dadaas on August 15, 2014, 11:30:09 PM It's one of the basic rule for all the newcomers out there, "CHANGE THE PASSWORD REGULARLY" I tried to change ALL my passwords at once. It took about 2 weeks. How many account do you have then? This way it looks like you have over 20k accounts :D Not that many, about a hundred. Well anyway it took you quite a time to change every password. I thought you had even more accounts when you did that for 2 weeks :) Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: Valle on August 16, 2014, 12:01:00 AM It's one of the basic rule for all the newcomers out there, "CHANGE THE PASSWORD REGULARLY" I tried to change ALL my passwords at once. It took about 2 weeks. How many account do you have then? This way it looks like you have over 20k accounts :D Not that many, about a hundred. Well anyway it took you quite a time to change every password. I thought you had even more accounts when you did that for 2 weeks :) Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: Razick on August 16, 2014, 01:18:46 AM http://pastebin.com/KaWsDgdq (http://pastebin.com/KaWsDgdq) Bitcoin.de are on him pack. That sucks. Are we need to always make new password? :) Yes, because in most cases today passwords are not hashed in the database. Companies do not take security seriously - that's why hacking pays off. I agree, there is no excuse for not hashing passwords. It's really easy to do. Here's some free PHP code for anyone who wants to hash passwords. This is not the best way to do it in the newer versions of PHP but I'm stuck with 5.4. Code: <?phpTitle: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: Aurum on August 16, 2014, 02:29:58 AM guys get your head out of the sand.. simple solution is to change your password regularly and then it wont matter if someone has your md5 hash. if you are worried about it more because you use the same email and password for all sites. CHANGE THEM ALL even to me its more likely that "aurum" owns the aururacoin forum and give away sites and and has dumped his databases as the free 'tempter' to try getting people to hand him funds. so just change your passwords regularly and dont use the same password on every site, as standard security procedure. and move on with your lives Lol you are crazy? the auroracoin owner is there: https://bitcointalk.org/index.php?topic=446062.0 in the hacker database its show the admin email as balduro@auroracoin.org the same username of this post, so you can know i am dont the owner. Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: Brewins on August 16, 2014, 03:01:15 AM Soooo is it a legit hack, or someone trying to spread virus using a false hack cleam?
I don't open archives like that. In fact I don't even visited the addres cause the pastebin site is a bitch and keeps giving me unsolvable captchas. Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: Aurum on August 16, 2014, 03:28:22 AM Soooo is it a legit hack, or someone trying to spread virus using a false hack cleam? I don't open archives like that. In fact I don't even visited the addres cause the pastebin site is a bitch and keeps giving me unsolvable captchas. unhappy its legit :( Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: wbaw on August 16, 2014, 03:43:22 AM Screw passwords, why can't we use our keys to log in yet?
Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: zedicus on August 16, 2014, 05:29:37 AM As of now it seems that this is just scam in the case of bitcoin.de. This is not the first attempt of this kind. The person trying to make money out of this wasn't able to provide any proof that this data is indeed what he claims it is. Best regards Oliver This is good to know, it would be good to hear from the other sites, though I suspect this is a hoax/scam. As others have noted freebitco.in has a lot of users, but I'm not sure what the value of the passwords would be since they are tied to btc addresses not anything useful. Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: zvs on August 16, 2014, 07:01:03 AM My email address has been available for years via MtGox, lol.
re: changing PW, I haven't changed some passwords in years... but then I use different password for every location aha, 17030,Darkhosis,hosis@hotmail.com,$1$TYhI6vSw$9e15nmZd0xlCrVAwR8aqj1 Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: wordman267645 on August 16, 2014, 07:09:08 AM we should remember password 8) 8)
Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: dadaas on August 16, 2014, 09:07:41 AM As of now it seems that this is just scam in the case of bitcoin.de. This is not the first attempt of this kind. The person trying to make money out of this wasn't able to provide any proof that this data is indeed what he claims it is. Best regards Oliver This is good to know, it would be good to hear from the other sites, though I suspect this is a hoax/scam. As others have noted freebitco.in has a lot of users, but I'm not sure what the value of the passwords would be since they are tied to btc addresses not anything useful. Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: gondel on August 16, 2014, 10:08:41 AM Someone can confirm that the info of qoinpro.com is real?
This is very bad news if true :( Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: Stery on August 16, 2014, 10:16:31 AM Thats really bad news.
Dont you think the passwords can be cracked Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: bitsmichel on August 16, 2014, 10:22:50 AM Thats really bad news. Yes, a lot of MD5 hashes are found. The idea of MD5 is like a formula, it's easy calculate the output, but hard to calculate the input from the output. But.. people have created entire bi-directional databases of MD5 hashes, pairs of (password, hash) so its' easy to look up. These are known as rainbow tables and some are larger than 15 billion entries. If you have a totally unique and long password, you may be safe from it, but it's better to assume you are not.Dont you think the passwords can be cracked Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: LiteCoinGuy on August 16, 2014, 11:18:11 AM As of now it seems that this is just scam in the case of bitcoin.de. This is not the first attempt of this kind. The person trying to make money out of this wasn't able to provide any proof that this data is indeed what he claims it is. Best regards Oliver thx for that update. Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: dadaas on August 16, 2014, 12:55:07 PM Someone can confirm that the info of qoinpro.com is real? This is very bad news if true :( Well, I don't know, but databases which are exposed for free are real so there is no reason not to believe them. It is quite possible that somebody already bought one database. You will be sure if you change your password and don't use that particular password on any other account. Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: bornil267645 on August 16, 2014, 12:57:59 PM That's an interesting update. 8) 8)
Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: Sheldor333 on August 16, 2014, 02:47:51 PM It will happen, best way to protect yourself don't put all your BTC in one place and change your password regularly. No other way to do it. Be smart about it.
Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: DurbanPoison on August 16, 2014, 11:09:07 PM It's one of the basic rule for all the newcomers out there, "CHANGE THE PASSWORD REGULARLY" & never use the same password on different sites! Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: zedicus on August 17, 2014, 12:04:59 AM As of now it seems that this is just scam in the case of bitcoin.de. This is not the first attempt of this kind. The person trying to make money out of this wasn't able to provide any proof that this data is indeed what he claims it is. Best regards Oliver This is good to know, it would be good to hear from the other sites, though I suspect this is a hoax/scam. As others have noted freebitco.in has a lot of users, but I'm not sure what the value of the passwords would be since they are tied to btc addresses not anything useful. Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: BigNewsCrews on August 17, 2014, 02:29:09 AM uhh most of these sites are sites where people have no bitcoin anyways, why would anyone want to hack them? for .0000000001?
steal from the rich not the poor Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: dadaas on August 17, 2014, 10:14:04 AM As of now it seems that this is just scam in the case of bitcoin.de. This is not the first attempt of this kind. The person trying to make money out of this wasn't able to provide any proof that this data is indeed what he claims it is. Best regards Oliver This is good to know, it would be good to hear from the other sites, though I suspect this is a hoax/scam. As others have noted freebitco.in has a lot of users, but I'm not sure what the value of the passwords would be since they are tied to btc addresses not anything useful. I agree with you that there is almost nothing worth hacking on freebitco.in account but I was just trying to find at least some reason why would those accounts be valuable :) Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: NavalStrike on August 17, 2014, 10:54:26 AM uhh most of these sites are sites where people have no bitcoin anyways, why would anyone want to hack them? for .0000000001? Sounds like a bad plan for a scams who want to get some profits.Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: Thekool1s on August 17, 2014, 11:07:04 AM LOL They cant hack mine i don't keep the password no way close to the wallet on these type of sites :D
Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: ajareselde on August 17, 2014, 11:33:51 AM It's one of the basic rule for all the newcomers out there, "CHANGE THE PASSWORD REGULARLY" & never use the same password on different sites! It doesnt get more simpler than that, but still some people keep on making the same mistake. Keeping the passwords for a long time is also a bad choice. Hope we dont get more bad press from things like this again Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: Hfleer on August 17, 2014, 11:48:33 AM Just use a password manager like Keepass ...
Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: MakeBelieve on August 17, 2014, 12:17:30 PM Just use a password manager like Keepass ... That doesn't prevent people from leaking websites with your password...it only helps remembering all the passwords. Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: Hfleer on August 17, 2014, 12:24:19 PM Just use a password manager like Keepass ... That doesn't prevent people from leaking websites with your password...it only helps remembering all the passwords. No, that makes you use the password that the password manager creates for you. This way you never use the same password for all the sites. Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: Aurum on August 17, 2014, 07:14:45 PM more bad news, him databases is true :( i contact him by email and brought the 3 database by 10btc, in one btc wallet private to no one know.
the admin of bitcoin.de talk there no possible hahahaha, bitcoin.de site is very secure, really i dont cant open any account since de 2fa is active on them site, but one user use the same password in email, i open the email and i see the blockchain wallet the same password, for my surprise booommmmmmm 33.78 btc in him wallet, that the btc is in my wallet now :). i spent 10 btc in them all database, so i am in a good profit now :) yes i am crazy, but i need to test it, now i am enjoying my weekend. Now i buy him exploit for all faucet sites, i am testing with, if tomorrow i get fell good, i will share with yours the code :D PS: the freebitco.in dont have 450k users, have 672157 users emails :) is too much text to read :). Lets work. Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: Aurum on August 17, 2014, 07:18:05 PM Sure i dont know because him is selling the db by 10 btc if him can get more than 500 btc hacking the users, These hackers are insane. him talk me him apollogy dont are hack users. Him dont want innocent members money, and him orgasm is hack sites. For me is the best hacker until now.
Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: Cortex7 on August 17, 2014, 07:27:41 PM ...in most cases today passwords are not hashed in the database... Unbelievable and lame. No excuse for a crypto currency site! It's so easy to add this to the PHP: Code: $sPassHash = hash( "sha1", $sPassword ); Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: Aurum on August 17, 2014, 07:57:28 PM ...in most cases today passwords are not hashed in the database... Unbelievable and lame. No excuse for a crypto currency site! It's so easy to add this to the PHP: Code: $sPassHash = hash( "sha1", $sPassword ); yeah its add more hard, but dont impossible.One tip, in one database the password is clean pure text :D Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: Kieran Bass on August 17, 2014, 08:07:07 PM So bad for a crypto site(s) to have their site hacked like this.
Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: jbreher on August 17, 2014, 09:24:32 PM i contact him by email and brought the 3 database... one user use the same password in email, i open the email and i see the blockchain wallet the same password, for my surprise booommmmmmm 33.78 btc in him wallet, that the btc is in my wallet now :). It may be that I misunderstand your poor English, but I doubt it. The way this looks, you're a fucking lowlife thief. Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: Aurum on August 17, 2014, 09:32:58 PM i contact him by email and brought the 3 database... one user use the same password in email, i open the email and i see the blockchain wallet the same password, for my surprise booommmmmmm 33.78 btc in him wallet, that the btc is in my wallet now :). It may be that I misunderstand your poor English, but I doubt it. The way this looks, you're a fucking lowlife thief. sure i dont american, sure i dont forced know english, but iam profit. looooooool. with your skillls in english, you have money? good to you! bulshit people have to fucked, my teory. Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: Aurum on August 17, 2014, 09:42:39 PM If you are hacked for your fall, use paypal them can return your money, i use bitcoin and have more than 100k on them, hack it, i doubt!
Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: wzb422 on August 17, 2014, 11:03:32 PM They might have got their hands on the 3 crap sites
Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: Razick on August 17, 2014, 11:05:56 PM ...in most cases today passwords are not hashed in the database... Unbelievable and lame. No excuse for a crypto currency site! It's so easy to add this to the PHP: Code: $sPassHash = hash( "sha1", $sPassword ); It's not that easy if you want to do it right. Straight sha is too fast so you should use many iterations or sha2 or whirlpool. Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: Cortex7 on August 18, 2014, 12:04:12 AM ...in most cases today passwords are not hashed in the database... Unbelievable and lame. No excuse for a crypto currency site! It's so easy to add this to the PHP: Code: $sPassHash = hash( "sha1", $sPassword ); It's not that easy if you want to do it right. Straight sha is too fast so you should use many iterations or sha2 or whirlpool. Thanks for the heads up! This stack exchange comment seems pretty thourough: http://security.stackexchange.com/questions/211/how-to-securely-hash-passwords/31846#31846 Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: jbreher on August 18, 2014, 02:26:44 AM i contact him by email and brought the 3 database... one user use the same password in email, i open the email and i see the blockchain wallet the same password, for my surprise booommmmmmm 33.78 btc in him wallet, that the btc is in my wallet now :). It may be that I misunderstand your poor English, but I doubt it. The way this looks, you're a fucking lowlife thief. sure i dont american, sure i dont forced know english, but iam profit. looooooool. with your skillls in english, you have money? good to you! bulshit people have to fucked, my teory. Karma has a way of catching up... Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: dadaas on August 18, 2014, 03:52:20 AM Yes, them use md5, the auroracoin forum use the traditional forum salt that is more hard to decrypt. but with a good pay decoder with trillion hashes decode it no can be hard. examples (hashes get from freecoinworld): 30fca77cebf16fe3c5b5b4db4371dee4 - cinta3segi 842df9fecdc99ad5aea6deb7ab117ae0 - me4ta12345 One question, how does anybody crack those codes? Isn't it right that it takes long time to bruteforce those codes? Isn't that the whole point of hashing passwords, to make them practically uncrackable? Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: annoyingorange on August 18, 2014, 07:35:35 AM Fake pastebin posts like this are common, but you really should use a password manager like keepass or 1password and generate unique random passwords for every website login.
You can make them easy to read/type such as "phi8lugh7ku9re" or near impossible to brute force like "uBw=wr,9i[RrdX" Always have 2fa enabled for your email / dropbox / etc and if in doubt change your password. Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: TheTruth4 on August 18, 2014, 08:04:52 AM What do you mean? This looks like a legit pastebin. What is going on with this post?
Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: unexecuted on August 18, 2014, 08:10:57 AM What do you mean? This looks like a legit pastebin. What is going on with this post? It is impossible to prove whether that post is legitimate, unless the bitcoin.de owners admit to the leak. http://www.reddit.com/domain/pastebin.com/search?q=email&restrict_sr=on&sort=relevance&t=all Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: bitcoin_de on August 18, 2014, 10:15:46 AM Hi,
we are not so arrogant to say that we are unhackable, but here it is very likely a scam. The alleged hacker can not submit a single piece of evidence that he really has data from bitcoin.de. We have checked our system and could not detect any unauthorized access. So if someone really wants to get rid of 10 BTC... Please donate the money to the Wikimedia Foundation https://wikimediafoundation.org/wiki/Ways_to_Give#bitcoin or to the needy coffee fund of bitcoin.de: 1Ep3PpCs76JfKMjz5vckVTckB3JkSQEjAi Best regards, Oliver CEO Bitcoin.de Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: Fahrradkette on August 18, 2014, 10:46:53 AM Call me suspicious, but ... the same person created this post, bought the database and claiming it is legit? In a rather strange english like within the pastebin-text? (Okay, English is not my native language, but still...)
Well...I don't believe it, sorry. :( But hey, I think the coffee fund is a good idea! Maybe I spend some btc on that. ;D Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: Jamie_Boulder on August 18, 2014, 11:05:18 AM As long as you use different passwords for different forums/e-mails/accounts etc (AS YOU SHOULD) then all is well.
Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: dadaas on August 18, 2014, 02:50:26 PM Call me suspicious, but ... the same person created this post, bought the database and claiming it is legit? In a rather strange english like within the pastebin-text? (Okay, English is not my native language, but still...) Well...I don't believe it, sorry. :( But hey, I think the coffee fund is a good idea! Maybe I spend some btc on that. ;D I didn't notice that but you've got very good point. This definitely looks even more suspicious now when you pointed that out. But those free databases they offered in Pastebin are actually true. Probably because it is easier to hack small sites like those rather then serious sites like Bitcoin.de. Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: Fahrradkette on August 18, 2014, 03:06:11 PM I didn't notice that but you've got very good point. This definitely looks even more suspicious now when you pointed that out. But those free databases they offered in Pastebin are actually true. Probably because it is easier to hack small sites like those rather then serious sites like Bitcoin.de. I don't know if the other databases are legit, neither do I know that the bitcoin.de-database is (not) legit. But as far as I know: Bitcoin.de is regulated/inspected by the german Federal Financial Supervisory Authority (Bundesanstalt für Finanzdienstleistungsaufsicht(BaFin)). I do think there are many regulations about security and can't think about any way that the passwords are saved plaintext like the thread-author said. Nuff said. Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: dadaas on August 18, 2014, 03:09:37 PM I don't know if the other databases are legit, neither do I know that the bitcoin.de-database is (not) legit. But as far as I know: Bitcoin.de is regulated/inspected by the german Federal Financial Supervisory Authority (Bundesanstalt für Finanzdienstleistungsaufsicht(BaFin)). I do think there are many regulations about security and can't think about any way that the passwords are saved plaintext like the thread-author said. Nuff said. I love those German words :D I didn't know that Bitcoin sites are supervised by federal authority but it makes sense because it is Germany and we all know how Germans are. Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: Fahrradkette on August 18, 2014, 03:12:41 PM Back to wörk! ;D
Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: hyperdimension on August 18, 2014, 05:47:34 PM There's NO way they hacked Bitcoin.de, they need confirmation emails for everything. Unlike this site btw, this site needs confirmation email for everything too, i mean give me a break. How in hell it doesnt?
Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: Razick on August 18, 2014, 06:23:21 PM Yes, them use md5, the auroracoin forum use the traditional forum salt that is more hard to decrypt. but with a good pay decoder with trillion hashes decode it no can be hard. examples (hashes get from freecoinworld): 30fca77cebf16fe3c5b5b4db4371dee4 - cinta3segi 842df9fecdc99ad5aea6deb7ab117ae0 - me4ta12345 One question, how does anybody crack those codes? Isn't it right that it takes long time to bruteforce those codes? Isn't that the whole point of hashing passwords, to make them practically uncrackable? The problem is that hash functions are very fast on their own. Modern computers can check millions and sometimes billions per second. For example, although php isn't a good choice, I could break md5 with something like this: EDIT: As Cortex noted below, the attacker would likely target the database at once making the process much faster, especially if salts aren't used. Code: // this is the hash of the password I'm trying to break There's NO way they hacked Bitcoin.de, they need confirmation emails for everything. Unlike this site btw, this site needs confirmation email for everything too, i mean give me a break. How in hell it doesnt? Having confirmation emails doesn't automatically secure a site against having its database stolen. Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: TheKoziTwo on August 18, 2014, 08:34:01 PM Aurum is using a forum account that he has either hacked or purchased from the original owner. Just compare his first post in the forum with his current ones. Without looking further into this it seems like Aurum just generated a list of usernames and fake passwords and is trying to make some quick btc by selling air. Nothing to see here.
Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: Cortex7 on August 18, 2014, 09:21:46 PM @Razicks PHP func, modified to crack a whole dbase of hashes at once:
Code: // these are the hashes of the passwords I'm trying to break Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: Remember remember the 5th of November on August 18, 2014, 09:23:37 PM @Razicks PHP func, modified to crack a whole dbase of hashes at once: Only that for even faster performance, it would be implemented in OpenCL. Hashcat already has, though.Code: // these are the hashes of the passwords I'm trying to break Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: Cortex7 on August 18, 2014, 09:27:08 PM Only that for even faster performance, it would be implemented in OpenCL. Hashcat already has, though. Of course you're right! just using PHP like pseudocode because many understand it. Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: allyouracid on August 18, 2014, 10:11:26 PM I've just checked other 3 files they are offering for free and all paswords are hashed in databases. No need to worry at all if your password is long enough. Just for the sake of clarity, I did a quick rainbow tables check on some md5-hashed passwords from one of those dumps (the site which is already closed). Three out of ten hashed passwords (!) with an amount of altogether way more than 10 BTC could be converted back to plaintext. If I had more than five BTC in my account, I wouldn't use "johnjohn" as my password. So guys, hold on strong passwords, e.g. use calculated passwords which are different for each website (e.g. calculate them with a set of letters, numbers etc and the URL of the site or something like that, so they are not the same, but you can calculate them). Not to talk about 2FA.And, to make sure that your passwords are safe, do a rainbow tables check on it. Important: download the tables and do it on your pc, never put your password into an online rainbow tables website, as there are many sites which just wait for you to enter your password, so they can md5 it and get the correct hash for the password (so there isn't even any need to calculate the hash back into the password, because you already gave it to them). One more statement: I'd never steal BTC/money/anything from anybody. .edit: Neither the amounts nor the password "johnjohn" is what I have found. Don't want to support people trying to steal bitcoins. Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: ikank268 on August 20, 2014, 05:58:43 PM oh no, how they have the email account and know the passwords ??? ?? it's like nightmare :-[
Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: bitkojnek on August 22, 2014, 10:18:18 PM I bought it ;D
I bought the freecoin and qoinpro date, sure all is fine, now preparing the spam text heheheheh. It will delay some time since 600k emails is a big daten. Someone already bought the bitcoin.de? It's real? I want to buy it but 10 btc to high, if it's fake i don't can afford 10 btc. Please if someone really bought it talk here if that is real. Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: Mightycoin on August 23, 2014, 08:12:09 AM That sucks. That's why security is so much essential. Better change password twice every week :)
Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: dadaas on August 23, 2014, 10:32:03 AM I bought it ;D I bought the freecoin and qoinpro date, sure all is fine, now preparing the spam text heheheheh. It will delay some time since 600k emails is a big daten. Someone already bought the bitcoin.de? It's real? I want to buy it but 10 btc to high, if it's fake i don't can afford 10 btc. Please if someone really bought it talk here if that is real. You will use those databases only for spam email? Somehow I don't think you will just do that. So can you log in any account from freeco.in and qoinpro? Are those DBs real? Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: CreamyPie on August 23, 2014, 02:48:34 PM This is the reason why security is so much essential. Being ignorant is not an option
Its recommended by experts to change password every few days, I follow them :) Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: jl2035 on September 03, 2014, 03:04:34 PM Yes, them use md5, the auroracoin forum use the traditional forum salt that is more hard to decrypt. but with a good pay decoder with trillion hashes decode it no can be hard. examples (hashes get from freecoinworld): 30fca77cebf16fe3c5b5b4db4371dee4 - cinta3segi 842df9fecdc99ad5aea6deb7ab117ae0 - me4ta12345 One question, how does anybody crack those codes? Isn't it right that it takes long time to bruteforce those codes? Isn't that the whole point of hashing passwords, to make them practically uncrackable? At least this guy is doing it: http://redd.it/2erai6 Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: richardramirez9 on September 03, 2014, 04:30:55 PM Bitcoin.de = imposible they hacked it unless inside job.
Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: C. Bergmann on September 03, 2014, 05:48:48 PM Bitcoin.de = imposible they hacked it unless inside job. As Oliver pointed out: there has been no hack. The "hacker" was unaible to proof anything. Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: Kickstart4 on September 03, 2014, 07:06:58 PM Security is such an important aspect today. I am glad I am not listed there.
I keep changing passwords every few days too. Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: jbreher on September 04, 2014, 12:23:06 AM The "hacker" was unaible to proof anything. I'd counter that he proved that he is untrustworthy scum. Title: Re: Bitcoin sites leaked :( - Big bitcoin members emails database Post by: johncarpe64 on September 04, 2014, 04:00:30 AM Yes, them use md5, the auroracoin forum use the traditional forum salt that is more hard to decrypt. but with a good pay decoder with trillion hashes decode it no can be hard. examples (hashes get from freecoinworld): 30fca77cebf16fe3c5b5b4db4371dee4 - cinta3segi 842df9fecdc99ad5aea6deb7ab117ae0 - me4ta12345 One question, how does anybody crack those codes? Isn't it right that it takes long time to bruteforce those codes? Isn't that the whole point of hashing passwords, to make them practically uncrackable? At least this guy is doing it: http://redd.it/2erai6 |