Bitcoin Forum

    Recently, we had an incident where a member states that PMs were sent from his account, without him being aware. https://bitcointalk.org/index.php?topic=5150479.0 It definitely is possible for a hacker to log into someone's account, send a PM with the "save a copy to my outbox" unchecked, and the real owner of the account not being made aware. Would it do any good to allow an option to be notified by e-mail whenever a PM is sent from your account? Also, an e-mail notification would be sent whenever someone decides to opt-in or opt-out. Perhaps these e-mails can also come with an option to lock the account.

Edit:Perhaps just having the option to get notification when someone logs into your account would be better. It doesn't even need to include the ip like many sites have implemented. That way, a hacker cannot circumvent it by simply turning the option off since you would be notified of the initial log in. Also, an option to either lock the account or automatically log off all sessions with the e-mail would be helpful.

What if there's an email notification every time a user login on its forum account to top this. And with this ,

Voted yes but just wondering if such a feature can be implemented that easily and how productive it'll be since it doesn't stop the hacker from sending the PM. On all socal media related sites i have seen the feature of receiving a notification when you receive a PM but haven't seen any for receiving a notification for PM sent.

How about the option of making the "save a copy to my outbox" a default setting that can't be changed and message saved in outbox can only be deleted after certain number of days like 30days period.

What if users do not use main emails (that used for their jobs) to register their accounts in the forum? Those users likely don't log in emails (used to register forum accounts) too often.
For inactive users, whom fall into inactive status for months or years, such email notifications don't make sense.

---

If such email notifications when PM sent activated, it should be limited on PMs sent from strange IPs of each account. Recent months, when Gmail's users log in from strange IP, strange devices, they have to do some confirmations to log in their emails.

It's already in your profile. Just set "Notify by email every time you receive a personal message:  " to "always" and you will receive notifications.

It's in the private message section of your profile.

He wants to receive notifications when he sends a PM, not when he receives one.

Better than that, can't we have access to our own IP logs? We get such information from exchanges and even Google so if possible, we can see if any other IP address has been accessing your account. Also, if the login IP changes, it would be better if we receive notifications via email and a 2FA like exchanges do.

If it's just an Option that can be checked and unchecked, then the hackers will disable the option when they are using victims' accounts to send messages just like they would u check "save copy to my inbox"

My suggestion is that maybe we have the account automatically locked when there is a sudden change in the IP address log from the usual pattern accompanied with a verification email with information about a mandatory security check.

2FA will not be implemented on this forum software. Maybe on the new forum software. This has been suggested multiple times but nothing has been done.

I don't think this is going to help. I have 1847 sent messages. If I would have received 1847 emails, I would have disabled that option a long time ago, or filter them to be deleted.

That wouldn't only work for you, it would also give someone who gains access to your account access to your IP (and approximate location).

---

I've seen cases indeed where a hacker doesn't change the password so the account doesn't get locked. I'd say that means the account locking and recovery system is starting to pay off!
It's still quite rare to happen, so a solution that can only prevent a small fraction of this rare thing won't really help much.

2FA has not been considered for the new forum software but something like an email notification when the IP changes also would prove to be useful. Your suggestion of locking such an account also would be good but people would keep complaining everytime their account gets locked so a notification also would suffice.

This seems like a better option ( 90 days is a lot , maybe 30 ?) since there is no guarantee the user will see the Email before their account is used to scam, or maybe the two together for better security? But most importantly people should start using more complex passwords and take care of their own accounts security, babysitting does not always solve the problem.


No please , ain't nobody got time for that.

Maybe just have a visible statistics of sent messages per day/week/month instead of notifications, like
Messages sent today 0.  I don't know where it could be placed but should be on a easy-to-spot place.

Having an option like that would only make sense if the option can't be turned off. If a hacker manages to gain access to an account and un-tick the option for sending a notification via email when a PM is sent we are back to square one.

But in that case we will encounter the problem that LoyceV highlighted. Possibly getting 1000 emails and notifications of sent PMs.

The best option I think is having all sent PMs automatically go to the Outbox folder like CryptopreneurBrainboss suggested.   
 

     I already thought about hackers disabling the option.
If a hacker was trying to cover his tracks by disabling, sending PM and then enabling again, you would get 3 e-mails. It would probably be better if someone had the option of getting a text by phone. However, I'm not sure this is possible, or if this site even wants to store something as sensitive as a phone number.


Some people may not want a certain PM stored in their outbox for any period of time. They may want to convey some personal information that they also request the receiver delete when they are done with it. I realize there are better ways to go about this, though.

Can't the hacker delete the sent PMs from the user's account? When they can send PMs without the knowledge of the user, they can easily delete their own sent PMs as well as we can do now manually.

I’d say that this is a better option. A person can perform a silent hack into someone’s account (not changing the credentials nor email) and not just PM some shady stuff, but also create posts such as those seen recently in this and other threads:  Please disable Fake ANNs download links , theymos ! (https://bitcointalk.org/index.php?topic=5144054.msg51083860#msg51083860). A couple of related cases were reported as silent hacks, and verified to be so to the extent that can be done through taking a look at the IP logs.

An email notification when someone logs into an account could be useful in order to act as quick as possible. This could have it’s tweaks such as only notify when you do so from a new IP (to delimit the number of notifications), and have an opt-in option to activate it.

I don't like the idea of sharing your phone number in this forum. This beats the purpose of anonymity and the hacker will get far more valuable information if they can check out your phone number after hacking your account.
I really like the idea of changing the password via email only. This will ensure that a foreign IP cannot log you out of your account. If notifying by email isn't possible, maybe share the login time and all the activities of the user's database on another website? This will also help Mods trace out scammers. The fact that you can delete all your past activities in a forum where a transaction is built on trust is scary.

This is true, and would be a pain in the ass in my opinion.   I don't need a notification sent to my email whenever I send a PM.  I'm already getting notifications for received PMs, and I hate to say it but the Maggiordomo bot has been getting a bit irritating in that regard.  Removing the option to not save outgoing PM in the outbox isn't going to do much, because the hacker can just delete the message after it's sent.  

The situation that spurred bones to create this topic is a bit concerning, but I would like to think it's an isolated case.  I don't recall learning about any other situation with a similar account breach.  

Since most of us are into cryptocurrency we should all understand the importance of self reliance and accountability when it comes to our own security.  Maybe some people don't take the security of their forum account as seriously as their bitcoin wallet, but maybe that's what needs to change.  This is especially true for those of us who've developed a trusted reputation here, it's not only our account and reputation that are on the line, but someone may get scammed.   Continuing to ask theymos to implement troublesome features to compensate for a few members' lack of accountability and responsibility isn't a great solution.

I have changed the poll and topic to explore if it would be better to just have the option to get notified whenever they log in.

Edit: I forgot to take a screen shot of the previous poll. It was 9 to 5 in favor of adding an option to get e-mail notification when sending a PM.

There is actually an option like this. I've been receiving email notifications everytime a got a pmed.

I think the best thing to do right now than waiting for theymos to do your suggestions which is actually has a very  small percentage of getting considered. Try to add a 2fa security for a higher security of your account. Here is a very good guide

https://bitcointalk.org/index.php?topic=5041789.0;all

Here as well


Note: It is mainly your responsibility to take good care of your account and add up as much security as you can so you don't have to rely on the current forum features.

I think this is the neatest solution. We know from theymos' topic Retention/privacy info (https://bitcointalk.org/index.php?topic=5136127.0) and from the page https://bitcointalk.org/privacy.php that your IP is logged for at least 3 months, and partially up to 2 years. It would be fairly easy to implement a simple check upon login of the current IP compared to all previous IPs, and fire off an email notification if the IP is brand new. That would stop users who wanted this option from being flooded with emails. The obvious drawback here is that it wouldn't work well with Tor or anyone who frequently rotates to new VPN servers.

Perhaps add another alert for user agent then. I bet no hacker would guess that my browser is "NCSA_Mosaic/1.0 (Windows 3.1)".

If you are infected with malware, it is possible someone could access your account without logging in. The hacker could possibly access your account locally on your computer, or they could copy the cookie used to validate you and logged in.

Well, I realize that my proposed solutions won't make someone's security foolproof.  Just another pesky pawn that one could place to get in the way of the hacker's queen.

Before I vote, I need to be cleared on the whole idea of email notification, what's the aim of this suggestion, is it that you want to to get notified each time your account get logged into or you're trying to prevent hackers from accessing our account?.

How about recieving this notification only when there is a change in users IP address instead of receiving a notification for every login attempt. Most platform uses this feature and it helps prevent hack attempts.

If the whole suggestion is about preventing hackers from gaining access to your account I don't see the usefulness of a notification when it might be too late before you can do anything about it.

Having an option to receive an email notification when a PM is sent would be beneficial. Obviously not everyone has a real email attached to their account or activity monitors their attached email.

The email sent to respond to a message contains a link to reply to the message. I can see a lot of people accidentally clicking on the security link when receiving a email saying they just sent a PM, if they are in the middle of a PM conversation.

   It appears that some scammers on Telegram are trying to gain confidence from people by telling them they are a bitcointalk member. It appears one scammer may have gotten access to a reputed members account and sent PMs under the member's nose. Unfortunately, for the reputed member, there is really no way to prove definitively that he was "hacked." Now he is being asked to potentially make up for the victim's loss. I just want to make it harder for scammer's to use another person's account on the down low. I realize that e-mail notification is not a fail-safe. However, offering as many tools as possible to give people notification that their account may be compromised is a good thing. I personally don't want to force additional security options on people though. I think it should be up to the person to use the extra tool or not.

One of the hackey ways I could think of is, checking the Last Active option of your account and verifying with your actual Last Active time. OF COURSE, you've to check it without logging in on the website and opening your profile.

2FA can potentially solve the above issue but we have it coming up in the new forum (hopefully). IP based verification should be used in connection with the login logic. Something what LBC does, if they find youe opening the site from a different IP that doesn't exist before, you're forced to do confirm a link sent in your email.

They will now that you've told them! I'd recommend switching immediately - I use WorldWideWeb/0.18 (NeXTSTEP 3.3).

Some people constantly spoof their user agent, so again, wouldn't work for everyone, but it certainly could be offered alongside the IP option. Between the two of them, I suspect that would cover most people who are worried about it.

I don't understand how this happened? Did the user in question just give out their password?

Here is the thread in question that I am talking about. https://bitcointalk.org/index.php?topic=5150479.0 I am leaning toward believing that the OP is telling the truth; however, it is possible that it is just an excuse. Unfortunately, no information from the OP on thread to indicate exactly how he may have gotten compromised.
Here is a similar described incident. But I don't think the telegram scammer actually had access to the bitcointalk account to confirm the credentials that he was giving. https://bitcointalk.org/index.php?topic=5148419.0

Wow. What a thread.

He did say this:

If you look at the picture of theymos' PM, you can see he logs in from 5 different USA IPs in less than 12 hours. Assuming he was in New York for a few days, it seems he could well have logged in to dozens of different public WiFis, and then less than a week later, his account is used to scam. As most of us know, if you log in to a public WiFi without any sort of encryption it is entirely possible for that WiFi owner to see absolutely everything you send and receive, including usernames and passwords. I'm not saying this is definitely what happened, but it's a very obvious vector of attack.

Or a keylogger, or an XSS exploit to grab the cookie, or his password was password123, or a salty ex-girlfriend/boyfriend tried to screw him over...

WiFi MITM attack isn't that simple IMO. To extract a password from an HTTPS session you'd need to fool the user into accepting a fake cert, or plant a fake CA.

They can't hold your hand, account security falls on you.  No one to blame but yourself.

     First of all, let's get something straight. When an account gets hacked, the main blame goes to the hacker. It's not like hackers are some wild predatory animals that just can't control their instincts. I'm not suggesting that Bitcointalk holds people's hands. I'm just suggesting an additional tool for users to implement.

Depends on the type of authentication method used. You can extract session token/JWT's from request headers but again installing the fake cert on your own system and making sure the system accepts it is a very difficult task. Basically, your system will be already compromised if the MITM managed to install a fake cert on the system.

It's tricky to get email notifications right so that they're not too spammy. Maybe later.

For now, I added this page where you can see your IP logs for the past 30 days: https://bitcointalk.org/myips.php . You could pretty easily write a userscript to periodically check this and warn you if it's weird. (But don't scrape it on every pageload.)

I don't want to make older IP logs automatically accessible because that'd give a hacker a bunch of useful/sensitive information. But 30 days is probably not too harmful.

OP suggested like a 2 way factor authentication and yes it does sound good to use email rather than a smart phone with its number. A smartphone has disadvantage that whenever it will be stolen the the two way factor will be not be activated and it is the same as like you are also will not be able to access your btc precious account.

At the moment they could but in the 2nd part of his post CryptopreneurBrainboss says:
This could be useful for the current forum but once the forum switches to the new software, hopefully with a 2FA option, it would no longer be needed.

Theymos stepped in and did hard for forum users. The switch from bitcointalk.org to Epochtalk might be a huge migration (or hugest) in history of crypto forums. Mainly because bitcointalk.org is the biggest and unique crypto forum, for years. I don't know which set of security methods for accounts will be applied in the new forum with 2-factor authentication, but I guess there are three methods: emails, signed message, and 2FA. It will be likely a tripple security method, that is hard for hackers to steal accounts.

The log looks suspicious,
I have been logging from various locations, but some are definitely out of my recognised range.
Country is the same, but very strange IP locations popping out here and there.
I am going to change my password anyway.
This is the minimum required action.
But anyway this log need some double checking.

I can see my log now but it's mainly Unknown city and unknown country and plus today my logs don't show an IP address at all.

If you browse on mobile, your IP assigned to you by your carrier can frequently change, and may not always be geographically accurate. The best way to check is to see what your IP is on your mobile, and check it directly against your logs.

As someone who always connects via a VPN, I'll need to build a small database of all the VPN servers I use and their public IPs, and then cross reference that against my logs periodically to be completely sure, but there's nothing I can see at the moment that stands out at me.

That is because of your service provider. I am not so sure if that is because they are using the Ip from the towers you are at.

Just like in the philippines the service provider just really sucks. You might even get similar IP from other people who uses the same service.

As long as you can recognize the date youve log in. I think thats just fine

I think that this innovation (https://bitcointalk.org/myips.php) can create an anonymous threat to users who do not use all sorts of anonymizers (using a static IP address). For example if a hacker were to gain access to a user account they could be restored by a signed message but the anonymity of the user would be compromised. In my opinion this is a call to use VPN services. Am I right?

How do hackers sign a message? Can you explain more about it, please. In my opinion, if real owners already signed a message previously before their accounts hacked. When they want to get accounts back, they have to sign another message with the same address. Hackers mostly can not have access to address used to sign message before. Personally, I think IPs show in that page only help users to discover strange IPs in their accounts' IP list, then if needed, they can change passwords of their accounts to have better security. It is just a preventive protectioin for users.
If accounts really hacked, real users can get their accounts back if they can show good proofs required in recovery process.

I'm sorry. I understand that this is done for personal monitoring of IP addresses. I probably made a mistake because I still don't speak English well. I meant that if a hacker gets access to the account, he will be able to find out the IP address belonging to the owner of the account.

Hi everyone,

As you can imagine, I've been very busy the last three days trying to figure this thing out and improving my security here.
For those who don't know, I'm the OP of the thread that led to all this.

If I had any idea how I got hacked, I would share it, really. I haven't kept anything to myself in the other thread.
I was told hacking from a public wifi wasn't easy to do. I honestly don't know if it is or not. I don't know what can be done and how.

It seems that only my account here was compromised. Other accounts (bank, emails, wallets, exchanges...) seem ok.
That reinforces the idea that I was targeted because of my rep here.
So maybe, it comes from a phishing link or a malware that I would have downloaded here ? Even though I don't see myself doing it, I might have clicked the wrong thing, honestly I don't know.  ???

I've been using my wife's laptop for the past three days and I formatted my PC. The last IP logs (thank you Theymos for that) match so it looks safe . I'll definitely check on those very often.

I'm just a regular guy, definitely no tech expert. I apply basic recommendations, never thought this could happen to me and yet it did. I don't think anyone can say they're 100% safe.

These are my last IP logs. The ones in France match. Maybe you guys should check your own logs to see if any of those IPs shows up in them.

https://i.imgur.com/AJN8pYE.jpg

As I proposed a few days ago in the thread mentioned in OP by bones, the smartest way to implement this would be sending an email either

• Connection from a new ip, which you need to validate in the email
• Or, connection from a different geographical region, which you could also validate through a link sent to you

Of course this would have to be an opt in option since some people might have used dispensable email accounts to create their account here.

However maybe this could be enforced and encourage people to change their email address to one they actually have access to.

I like this idea as well, not sure if it's doable though.

I am not liking the idea of ip log that is getting shared. The best way is 2FA and we are creating another complex solution that is not going to solve the problem.

What if , if hacker is also in same city?

2FA can be and has been breached before.

Accessing iplogs IS a security feature as long as it is private to the user only.

So is a notification when a log in happens.

Both features exist on most secured websites like exchanges. I don't see how this would weaken the security of your forum account.