RapTarX
|
|
October 25, 2021, 06:19:31 PM |
|
there's no email or any message that contain malicious links. So I doubt CZ claimed was right, it was just a FUD because I don't even receive emails in my inbox.
That's not how it works. Hacker will most possibly sell the email database in darkweb. The buyer can be assured that all these emails belong to people who are interested & linked with crypto. They can use the email for phishing purposes, for advertising purposes. You are unlikely to get an email instantly after the hack. CZ claimed it as FUD? This guy can do anything to cover up their shit. Though I appreciate his business plan & success; he is not a good guy for the crypto at all in general. Can you remember the 7000 BTC hack from Binance? CZ tried his best to prevent the news from being spread everywhere & that's why he took attention to REVERSING (it's not a reverse though) the transaction with a fork even though he was certain that it's never going to happen.
|
|
|
|
Quickseller
Copper Member
Legendary
Offline
Activity: 2996
Merit: 2374
|
|
October 25, 2021, 08:13:14 PM |
|
Can someone tell me why emails are not encrypted or kept more securely, or what makes it more difficult to hack a password than an email?
Email addresses (and other non-password data) is normally stored in a database. The database itself will usually have permissions restrictions prevent an arbitrary person from accessing the database. The reason this information is stored in a database is so the business, in this case CMC can query this information to complete various tasks, such as emailing their customers. A password on the other hand is typically stored in a "hashed" format. This means the actual is not actually stored, but rather the result of the password being passed into a hash function is stored. This means that someone querying the database cannot actually get the actual password, but if the correct password is entered into a query, it is trivial to confirm the correct password was entered. The reason passwords are stored this way is because there is no valid business reason for someone to query someone's password. Also, the number of people who can access even the hashed passwords is generally more restricted than other parts of the database. There have been a lot of hacks of various crypto services over the years. It is not inconceivable to believe that the leaked list is actually a compilation of email addresses used by crypto users.
|
|
|
|
LTU_btc
Legendary
Offline
Activity: 3234
Merit: 1375
Slava Ukraini!
|
|
October 25, 2021, 10:53:55 PM Last edit: September 10, 2023, 10:05:39 PM by LTU_btc |
|
Didn't know you can create an account there. What the accounts are for on their platform? (Never visited their site for quite time)
You can use accounts to make a crypto watchlist and keep track of your portfolio, but people were mainly using them to claim diamonds and buy rewards (NFTs, vouchers, etc.). It's basically the same concept that Coingecko introduced some time ago with candies. Maybe I was living under the rock for some time, but I also wasn't aware that's possible to make account on Coinmarketcap. And didn't knew about their diamonds. Well, fortunately I don't have account there, so my email isn't leaked. Offcourse, it may be just coincidence. But it's also possible that they deny these things just trying to defend their reputation.
|
|
|
|
Stedsm
Legendary
Offline
Activity: 3052
Merit: 1273
|
|
October 25, 2021, 11:00:23 PM |
|
Ridiculous how hackers try to steal data and information for their personal benefits. CMC seems to be working fine, I didn't see any kinda glitch on their site, don't know how and when this hack took place. I've got an account there, but as they claim that the passwords were not leaked, I still smell something fishy happening behind the curtain and I hope that their claims are not proven bullshit later on.
Even if our passwords are not leaked at CMC but some users whose email addresses ever got hacked (with their passwords) could be matched with the ones in the database that was received by the hacker and they may use those users' e-mail address' password, and who know if a user has used the same password here and at many places? It'll definitely ruin things for such users.
|
| .SHUFFLE.COM.. | ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ | ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ | . ...Next Generation Crypto Casino... |
|
|
|
mk4
Legendary
Offline
Activity: 2926
Merit: 3881
📟 t3rminal.xyz
|
|
October 26, 2021, 05:19:29 AM |
|
There have been a lot of hacks of various crypto services over the years. It is not inconceivable to believe that the leaked list is actually a compilation of email addresses used by crypto users.
Yep, never said it was impossible to be the case. It's just that there's a lot of potential reasons how there's a huge overlap between a "leaked" email list with CoinMarketCap's email list. Like how there's almost a guarantee on having a huge overlap between CoinMarketCap/CoinGecko users and Coinbase/Binance users. Something something innocent until proven guilty.
|
|
|
|
shield132
|
|
October 26, 2021, 08:10:50 PM |
|
Haha, this man is very shameful. They are denying what happened but at the same time are investigating? Cmon. Btw what are partial matches? Oh, there was a leak on another website maybe on coingecko (joking of course) and somehow it happened like the emails that were leaked on another website were partial matches of the emails registered on coinmarketcap. Haha, idk if anyone believes that but probably people really believe, that's the reason why he lies. This statement from him is done in order to act like a cool company and the CEO who works like a swiss watch, without problems.
|
|
|
|
Darker45
Legendary
Offline
Activity: 2758
Merit: 1927
|
|
October 27, 2021, 01:53:03 AM |
|
Haha, this man is very shameful. They are denying what happened but at the same time are investigating? Cmon. Btw what are partial matches? Oh, there was a leak on another website maybe on coingecko (joking of course) and somehow it happened like the emails that were leaked on another website were partial matches of the emails registered on coinmarketcap. Haha, idk if anyone believes that but probably people really believe, that's the reason why he lies. This statement from him is done in order to act like a cool company and the CEO who works like a swiss watch, without problems. LOL! This response seems familiar. Typical CZ gaming. LOL! Why is it so hard for this businessman to admit what actually happened? There's no leak. It's simply FUD. There were partial matches on emails, though. And they're investigating. Please someone correct me if I remember it wrong, but this is also the same response CZ provided during the 2019 Binance KYC leak. The news of the leak was fake. It was merely FUD. But there were also partial matches on the images and personal information. And they're also investigating, even offering a reward for the identification of the supposed hacker as well as VIP upgrades to the affected users. This man doesn't appear credible at all.
|
|
|
|
Quickseller
Copper Member
Legendary
Offline
Activity: 2996
Merit: 2374
|
|
October 27, 2021, 06:20:50 AM |
|
There have been a lot of hacks of various crypto services over the years. It is not inconceivable to believe that the leaked list is actually a compilation of email addresses used by crypto users.
Yep, never said it was impossible to be the case. It's just that there's a lot of potential reasons how there's a huge overlap between a "leaked" email list with CoinMarketCap's email list. Like how there's almost a guarantee on having a huge overlap between CoinMarketCap/CoinGecko users and Coinbase/Binance users. Something something innocent until proven guilty. Well I do think it would be strange for only email addresses to leak. There is typically more information that leaks when a database is compromised. I would have expected for at least IP addresses and some data about the accounts to leak. There is a very narrow set of circumstances in which only email addresses would leak from CMC.
|
|
|
|
ultrloa
Legendary
Offline
Activity: 2926
Merit: 1269
|
|
October 27, 2021, 01:50:34 PM |
|
Eventhough they declare that our accounts is safe from that account we can't be so sure since there are other users especially those newbie accounts who use the same email and password for registration on a different platform so maybe there are other people do it on cmc since they think that its safe since this platform is owned by binance. So hopefully there are no victims of hacking on binance in this incident and stay away from phising guys.
|
|
|
|
R |
▀▀▀▀▀▀▀██████▄▄ ████████████████ ▀▀▀▀█████▀▀▀█████ ████████▌███▐████ ▄▄▄▄█████▄▄▄█████ ████████████████ ▄▄▄▄▄▄▄██████▀▀ | LLBIT | | | 4,000+ GAMES███████████████████ ██████████▀▄▀▀▀████ ████████▀▄▀██░░░███ ██████▀▄███▄▀█▄▄▄██ ███▀▀▀▀▀▀█▀▀▀▀▀▀███ ██░░░░░░░░█░░░░░░██ ██▄░░░░░░░█░░░░░▄██ ███▄░░░░▄█▄▄▄▄▄████ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ | █████████ ▀████████ ░░▀██████ ░░░░▀████ ░░░░░░███ ▄░░░░░███ ▀█▄▄▄████ ░░▀▀█████ ▀▀▀▀▀▀▀▀▀ | █████████ ░░░▀▀████ ██▄▄▀░███ █░░█▄░░██ ░████▀▀██ █░░█▀░░██ ██▀▀▄░███ ░░░▄▄████ ▀▀▀▀▀▀▀▀▀ |
| | | | | | .
| | | ▄▄████▄▄ ▀█▀▄▀▀▄▀█▀ ▄▄░░▄█░██░█▄░░▄▄ ▄▄█░▄▀█░▀█▄▄█▀░█▀▄░█▄▄ ▀▄█░███▄█▄▄█▄███░█▄▀ ▀▀█░░░▄▄▄▄░░░█▀▀ █░░██████░░█ █░░░░▀▀░░░░█ █▀▄▀▄▀▄▀▄▀▄█ ▄░█████▀▀█████░▄ ▄███████░██░███████▄ ▀▀██████▄▄██████▀▀ ▀▀████████▀▀ | . ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ ░▀▄░▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄░▄▀ ███▀▄▀█████████████████▀▄▀ █████▀▄░▄▄▄▄▄███░▄▄▄▄▄▄▀ ███████▀▄▀██████░█▄▄▄▄▄▄▄▄ █████████▀▄▄░███▄▄▄▄▄▄░▄▀ ████████████░███████▀▄▀ ████████████░██▀▄▄▄▄▀ ████████████░▀▄▀ ████████████▄▀ ███████████▀ | ▄▄███████▄▄ ▄████▀▀▀▀▀▀▀████▄ ▄███▀▄▄███████▄▄▀███▄ ▄██▀▄█▀▀▀█████▀▀▀█▄▀██▄ ▄██▀▄███░░░▀████░███▄▀██▄ ███░████░░░░░▀██░████░███ ███░████░█▄░░░░▀░████░███ ███░████░███▄░░░░████░███ ▀██▄▀███░█████▄░░███▀▄██▀ ▀██▄▀█▄▄▄██████▄██▀▄██▀ ▀███▄▀▀███████▀▀▄███▀ ▀████▄▄▄▄▄▄▄████▀ ▀▀███████▀▀ | | OFFICIAL PARTNERSHIP SOUTHAMPTON FC FAZE CLAN SSC NAPOLI |
|
|
|
smyslov
|
|
October 30, 2021, 05:50:29 AM |
|
I do not have an account on Coinmarketcap but this is considered a piece of big news and a cause of concern, Coinmarketcap, is a company owned by Binance and there are millions of users if they can hack a company owned by the biggest exchange in the industry, even small companies are at risk, those who have an account on Coinmarketcap should educate themselves on how to protect themselves on phishing emails, hackers are going to use those emails.
|
|
|
|
Rabi3
|
|
October 31, 2021, 11:49:21 PM |
|
I created an account using a temporary email, but I assume that their database is large and it will cause a lot of losses because beginners trust the emails that are sent to them. CoinMarketCap has become aware that batches of data have shown up online purporting to be a list of user accounts. While the data lists we have seen are only email addresses (no passwords), Source --> https://haveibeenpwned.com/PwnedWebsites#CoinMarketCapThe weirdest part is this quote, which means they don't know what exactly happened, and just because the password hasn't been hacked doesn't mean that customer data is safe. I also didn't notice any new security update they made. If they don't know exactly what happened there is a possibility that passwords were stolen but they just don't know about it and whoever hacked them kept that to himself, I am not taking any risks and my coinmarketcap password is never to be used again at least not with the same email address.
|
|
|
|
mk4
Legendary
Offline
Activity: 2926
Merit: 3881
📟 t3rminal.xyz
|
|
November 01, 2021, 03:35:46 AM |
|
Well I do think it would be strange for only email addresses to leak. There is typically more information that leaks when a database is compromised. I would have expected for at least IP addresses and some data about the accounts to leak.
There is a very narrow set of circumstances in which only email addresses would leak from CMC.
Good point. My only guess is if that there was actually a leak that only consisted of emails, they're probably using some bizarre database setup specifically to prevent further damage when a leak does occur. Or maybe it was something like their newsletter database getting leaked specifically, not necessarily the emails of all accounts.
|
|
|
|
pooya87
Legendary
Offline
Activity: 3626
Merit: 11015
Crypto Swap Exchange
|
LOL! This response seems familiar. Typical CZ gaming. LOL! Why is it so hard for this businessman to admit what actually happened?
HaHa. What did you expect from an idiot who when Binance got hacked started working hard for contacting a lot of mining pools begging them to 51% attack bitcoin so that they can reverse the transaction that stole bitcoin from his weak ass platform!
|
|
|
|
Quickseller
Copper Member
Legendary
Offline
Activity: 2996
Merit: 2374
|
|
November 01, 2021, 07:08:18 AM |
|
Well I do think it would be strange for only email addresses to leak. There is typically more information that leaks when a database is compromised. I would have expected for at least IP addresses and some data about the accounts to leak.
There is a very narrow set of circumstances in which only email addresses would leak from CMC.
Good point. My only guess is if that there was actually a leak that only consisted of emails, they're probably using some bizarre database setup specifically to prevent further damage when a leak does occur. Or maybe it was something like their newsletter database getting leaked specifically, not necessarily the emails of all accounts. CMC published a blog post saying they believe someone compared a list of leaked email/password combinations to which of these combinations allowed them to login to CMC. I don’t think it would really be fair to say that CMC actually leaked any information if the above is true.
|
|
|
|
FatFork
Legendary
Offline
Activity: 1778
Merit: 2663
Crypto Swap Exchange
|
|
November 01, 2021, 10:26:09 AM |
|
CMC published a blog post saying they believe someone compared a list of leaked email/password combinations to which of these combinations allowed them to login to CMC. I don’t think it would really be fair to say that CMC actually leaked any information if the above is true. Honestly, I don't think this is a plausible explanation, and the argument presented is far-fetched, to say the least. I think it's more like a pathetic attempt to dispel guilt by putting the blame on someone else rather than taking responsibility for yourself. As no passwords are included in the data we have seen, we believe that it is most likely sourced from another platform where users may have reused passwords across multiple sites.
|
|
|
|
Quickseller
Copper Member
Legendary
Offline
Activity: 2996
Merit: 2374
|
|
November 01, 2021, 02:01:31 PM |
|
CMC published a blog post saying they believe someone compared a list of leaked email/password combinations to which of these combinations allowed them to login to CMC. I don’t think it would really be fair to say that CMC actually leaked any information if the above is true. Honestly, I don't think this is a plausible explanation, and the argument presented is far-fetched, to say the least. I think it's more like a pathetic attempt to dispel guilt by putting the blame on someone else rather than taking responsibility for yourself. As no passwords are included in the data we have seen, we believe that it is most likely sourced from another platform where users may have reused passwords across multiple sites. They also said they completed a security audit and were unable to find evidence of a security breach. I don't think it is reasonable to expect them to take responsibility if they cannot confirm the information actually came from them.
|
|
|
|
|