Bitcoin Forum

Other => Meta => Topic started by: digit on March 22, 2016, 09:23:59 PM



Title: mass password reminder requests occurring right now
Post by: digit on March 22, 2016, 09:23:59 PM
So what's going on here? :o

https://bitcointalk.org/index.php?action=who

https://i.imgur.com/G9DY1iI.png

someone is mass requesting password reminders over the last hour?  Are any steps being taken to block this person and compromised accounts?


Title: Re: mass password reminder requests occurring right now
Post by: --Encrypted-- on March 22, 2016, 09:26:03 PM
probably just some guy hoping that the password reset emails will get to the email accounts that they created. some users use invalid email accounts that can be created easily (@gmail, @yahoo, etc)


Title: Re: mass password reminder requests occurring right now
Post by: shorena on March 22, 2016, 09:29:25 PM
Looks like a brute-force attack. Maybe theymos did not limit the number of requests.


Title: Re: mass password reminder requests occurring right now
Post by: SebastianJu on March 22, 2016, 09:57:06 PM
I was told reporting such a post like the OP wrote is the fastest way to inform moderators and staff. I mentioned what it is about.

It might be that IP bans don't work here. I know that hackers mostly would use a big list of free proxies or such to achieve such tasks.


Title: Re: mass password reminder requests occurring right now
Post by: n691309 on March 22, 2016, 10:03:53 PM
It's not the first time, I have seen this many times in the past (past months). Maybe it's a brute force; I doubt users request to reset their password so often.


Title: Re: mass password reminder requests occurring right now
Post by: Cyrus on March 22, 2016, 10:35:52 PM
I've informed theymos about it.


Title: Re: mass password reminder requests occurring right now
Post by: Freddynic159 on March 22, 2016, 10:49:01 PM
One solution would be to place a captcha on the form of password reminder (https://bitcointalk.org/index.php?action=reminder) to stop the massive requests.


Title: Re: mass password reminder requests occurring right now
Post by: FruitsBasket on March 22, 2016, 10:51:14 PM
One solution would be to place a captcha on the form of password reminder (https://bitcointalk.org/index.php?action=reminder) to stop the massive requests.
That is a partial solution, because they could pay a captcha service to solve these captchas automatically.


Title: Re: mass password reminder requests occurring right now
Post by: Freddynic159 on March 22, 2016, 10:59:11 PM
One solution would be to place a captcha on the form of password reminder (https://bitcointalk.org/index.php?action=reminder) to stop the massive requests.
That is a partial solution, because they could pay a captcha service to solve these captchas automatically.

Yes, but they could already be doing business even without the need to offer a service to complete captchas.


Title: Re: mass password reminder requests occurring right now
Post by: Zeke2345 on March 22, 2016, 11:06:02 PM
This kind of stuff would make me really nervous if I was doing a lot of business here.
Almost thinking about changing my password more often but I see there are drawbacks to that as well.
Good thing they do not know my grandma's dog's name or his favorite sex toy or I would have been hacked by now. :-X


Title: Re: mass password reminder requests occurring right now
Post by: SebastianJu on March 23, 2016, 01:14:16 AM
Thanks Cyrus...

I think it will be hard to block this. This is obviously done by a script or bot so anything that could be done to prevent that can be circumvented. Captcha, IP, Timeouts... a bot does not need to care.

The only thing that is stupid by the hacker is that he is noticeable. Though even then, what could theymos do? Block account access? The hacker already got access by owning or accessing the account email. Don't know how this could be dealt with.

Besides that... I fear it is effective. I always wondered why it happens so often that accounts get hacked. Phishing sites are rather seldom, though maybe this attempt here works better.


Title: Re: mass password reminder requests occurring right now
Post by: theymos on March 23, 2016, 03:39:28 AM
It looks like he was trying to spam a bunch of people. Annoying. There was already a rate limit per IP, but he was using multiple IPs. I added a CAPTCHA to that page. I also invalidated all of the reset codes that were generated just to be safe.

There wasn't any burst of actually-reset accounts. I don't see any possible security problems here. In particular, I long ago strengthened the way that reset codes are generated. It's not possible for attackers to guess or brute-force reset codes.
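The controls theymos lists (a per-IP rate limit, reset codes that cannot be guessed, and voiding every outstanding code after the flood) fit together as below. This is an added illustration, not the forum's own code; the class name, limits and sample IPs are constructed for the example.

```python
import hashlib
import secrets
import time
from collections import defaultdict, deque


class PasswordReminderService:
    """Hypothetical reminder backend (not the forum's code) combining the
    controls described in the thread: per-IP rate limit, unguessable reset
    codes, and bulk invalidation of outstanding codes."""

    def __init__(self, max_per_window=3, window_seconds=3600, code_ttl=3600):
        self.max_per_window = max_per_window
        self.window = window_seconds
        self.code_ttl = code_ttl
        self._requests = defaultdict(deque)  # ip -> timestamps of recent requests
        self._codes = {}                     # sha256(code) -> (user, expiry time)

    def _allowed(self, ip, now):
        """Sliding-window limit: drop timestamps older than the window, then count."""
        recent = self._requests[ip]
        while recent and recent[0] <= now - self.window:
            recent.popleft()
        if len(recent) >= self.max_per_window:
            return False
        recent.append(now)
        return True

    def request_reset(self, ip, user, now=None):
        """Return a fresh reset code, or None when the IP is over its limit."""
        now = time.time() if now is None else now
        if not self._allowed(ip, now):
            return None
        code = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG: not guessable
        # Only the hash is stored, so a leaked table does not yield usable codes.
        self._codes[hashlib.sha256(code.encode()).hexdigest()] = (user, now + self.code_ttl)
        return code

    def redeem(self, code, now=None):
        """Consume a code: returns the user on success, None if unknown or expired."""
        now = time.time() if now is None else now
        entry = self._codes.pop(hashlib.sha256(code.encode()).hexdigest(), None)
        if entry is None:
            return None
        user, expiry = entry
        return user if now < expiry else None  # single use either way

    def invalidate_all(self):
        """Emergency response to a flood: void every outstanding code, return count."""
        count = len(self._codes)
        self._codes.clear()
        return count
```

A multi-IP flood like the one in the thread still gets past the per-IP limit, which is why the CAPTCHA and the bulk invalidation are the other two legs of the response.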


Title: Re: mass password reminder requests occurring right now
Post by: digit on March 23, 2016, 03:56:25 AM
It looks like he was trying to spam a bunch of people. Annoying. There was already a rate limit per IP, but he was using multiple IPs. I added a CAPTCHA to that page. I also invalidated all of the reset codes that were generated just to be safe.

There wasn't any burst of actually-reset accounts. I don't see any possible security problems here. In particular, I long ago strengthened the way that reset codes are generated. It's not possible for attackers to guess or brute-force reset codes.

thanks, good to know the forum is secure, it was random that I happened to look at that page earlier and saw all that and had me wondering what the hell was happening :D