Xialla
Legendary
Offline
Activity: 1036
Merit: 1001
/dev/null
|
|
May 25, 2015, 06:10:32 PM |
|
9800 Savage Rd Fort Meade, MD 20755 USA What is this? NSA address my friend.
|
|
|
|
alani123
Legendary
Offline
Activity: 2534
Merit: 1496
|
|
May 25, 2015, 06:13:23 PM |
|
Oh I see, Nsa.gov...
|
| Duelbits | ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ | | TRY OUR UNIQUE GAMES! ◥ DICE ◥ MINES ◥ PLINKO ◥ DUEL POKER ◥ DICE DUELS | | | | █▀▀ █ █ █ █ █ █ █ █ █ █ █ █▄▄ | ███ ▀▀▀ ███ ▀▀▀ ███ ▀▀▀ ███ ▀▀▀ ███ ▀▀▀ ███ ▀▀▀ | ███ ▀▀▀ ███ ▀▀▀ ███ ▀▀▀ ███ ▀▀▀ ███ ▀▀▀ ███ ▀▀▀ | ███ ▀▀▀ ███ ▀▀▀ ███ ▀▀▀ ███ ▀▀▀ ███ ▀▀▀ ███ ▀▀▀ | ███ ▀▀▀ ███ ▀▀▀ ███ ▀▀▀ ███ ▀▀▀ ███ ▀▀▀ ███ ▀▀▀ | ███ ▀▀▀ ███ ▀▀▀ ███ ▀▀▀ ███ ▀▀▀ ███ ▀▀▀ ███ ▀▀▀ | | ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ KENONEW ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ | ▀▀█ █ █ █ █ █ █ █ █ █ █ █ ▄▄█ | | 10,000x MULTIPLIER | | ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ | | ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ |
[/tabl
|
|
|
galdur
|
|
May 25, 2015, 06:15:34 PM |
|
Well, nothing amiss here it seems. Changed the password. No suspicious emails received so far. Looks like it´s back to plain sailing. Good luck, g
|
|
|
|
AgentofCoin
Legendary
Offline
Activity: 1092
Merit: 1001
|
|
May 25, 2015, 06:19:56 PM |
|
This might be a dumb question, but why aren't emails also hashed on the server? (If the user decides not to display it in their own profile, the only people who know it is the user, mods, and the server).
|
I support a decentralized & unregulatable ledger first, with safe scaling over time. Request a signed message if you are associating with anyone claiming to be me.
|
|
|
|
BDCoinMiner
Member
Offline
Activity: 111
Merit: 10
The Future is Here; Grab it Fast Before Past
|
|
May 25, 2015, 06:25:49 PM |
|
Welcome Back!
Just out of curiosity, I wander what could be the possible 'gain' for attacker by attacking BCT forum, other then mental satisfaction ?
Yes, a lots of user contact data, related to CryptoCurrency which can be use for other phishing attack...
Other then above, what could be the 'direct' gain he/she/they (The attacker) had in mind at time of attacking??
Cheers!
|
|
|
|
marcotheminer
Legendary
Offline
Activity: 2072
Merit: 1049
┴puoʎǝq ʞool┴
|
|
May 25, 2015, 06:29:22 PM |
|
Welcome Back!
Just out of curiosity, I wander what could be the possible 'gain' for attacker by attacking BCT forum, other then mental satisfaction ?
Yes, a lots of user contact data, related to CryptoCurrency which can be use for other phishing attack...
Other then above, what could be the 'direct' gain he/she/they (The attacker) had in mind at time of attacking??
Cheers!
Gaining access to accounts and scamming with them or selling them. Also spamming emails.
|
|
|
|
MakingMoneyHoney
|
|
May 25, 2015, 06:30:00 PM |
|
Welcome Back!
Just out of curiosity, I wander what could be the possible 'gain' for attacker by attacking BCT forum, other then mental satisfaction ?
Yes, a lots of user contact data, related to CryptoCurrency which can be use for other phishing attack...
Other then above, what could be the 'direct' gain he/she/they (The attacker) had in mind at time of attacking??
Cheers!
If someone used the same username/password with email/online banking accounts/exchanges they could log in and withdraw the money, or use password resets to the email account and withdraw money. This is a nice read on how easy someone can use some information to get past other checkpoints, such as 2FA - http://www.theverge.com/a/anatomy-of-a-hack
|
|
|
|
itod
Legendary
Offline
Activity: 1974
Merit: 1077
^ Will code for Bitcoins
|
|
May 25, 2015, 06:30:50 PM |
|
Whoever claims theymos is not doing a great job with this forum should consider this forum is probably one of the most attacked ones because attackers potentially have so much to gain in the financial sense. Consider also that a lot of security expertise lurks around the forum. When you look at it this way, the amount of successful attacks is quite low, TBH. Keep up the good work, theymos.
|
|
|
|
alani123
Legendary
Offline
Activity: 2534
Merit: 1496
|
|
May 25, 2015, 06:35:15 PM |
|
Whoever claims theymos is not doing a great job with this forum should consider this forum is probably one of the most attacked ones because attackers potentially have so much to gain in the financial sense. Consider also that a lot of security expertise lurks around the forum. When you look at it this way, the amount of successful attacks is quite low, TBH. Keep up the good work, theymos.
To also look at the other side, it's not the first time the forum gets attacked. The previous attacks were done with the intention to deface the website though, (probably) no attempt to steal information. This must be the first time someone attacks the sole forum with the intention of stealing user information.
|
| Duelbits | ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ | | TRY OUR UNIQUE GAMES! ◥ DICE ◥ MINES ◥ PLINKO ◥ DUEL POKER ◥ DICE DUELS | | | | █▀▀ █ █ █ █ █ █ █ █ █ █ █ █▄▄ | ███ ▀▀▀ ███ ▀▀▀ ███ ▀▀▀ ███ ▀▀▀ ███ ▀▀▀ ███ ▀▀▀ | ███ ▀▀▀ ███ ▀▀▀ ███ ▀▀▀ ███ ▀▀▀ ███ ▀▀▀ ███ ▀▀▀ | ███ ▀▀▀ ███ ▀▀▀ ███ ▀▀▀ ███ ▀▀▀ ███ ▀▀▀ ███ ▀▀▀ | ███ ▀▀▀ ███ ▀▀▀ ███ ▀▀▀ ███ ▀▀▀ ███ ▀▀▀ ███ ▀▀▀ | ███ ▀▀▀ ███ ▀▀▀ ███ ▀▀▀ ███ ▀▀▀ ███ ▀▀▀ ███ ▀▀▀ | | ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ KENONEW ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ | ▀▀█ █ █ █ █ █ █ █ █ █ █ █ ▄▄█ | | 10,000x MULTIPLIER | | ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ | | ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ |
[/tabl
|
|
|
dogie
Legendary
Offline
Activity: 1666
Merit: 1185
dogiecoin.com
|
|
May 25, 2015, 06:36:36 PM |
|
I was using a moderately strong password which I could remember too. Now I will have to come with another system.
LastPass is a good idea for generating passwords you don't need to remember. You'll need to remember one complex password but then it'll store any others you need. [Link] | [Link with referral ID which gives both of us 1 free month premium].
|
|
|
|
TinEye
|
|
May 25, 2015, 06:36:51 PM |
|
9800 Savage Rd Fort Meade, MD 20755 USA What is this? Address of the most loved agency in this world No Such Agency?
|
|
|
|
dogie
Legendary
Offline
Activity: 1666
Merit: 1185
dogiecoin.com
|
|
May 25, 2015, 06:39:09 PM |
|
9800 Savage Rd Fort Meade, MD 20755 USA What is this? Address of the most loved agency in this world No Such Agency? No Secrets Allowed. Never Say Akbar. So many good variants.
|
|
|
|
bitcoin_bagholder
|
|
May 25, 2015, 06:44:25 PM |
|
It was a very tense login moment today to find out if I still had access to the account, must've been doubly so for those in a signature campaign. Victory.
|
Bitmixer sucks
Bit-X sucks
|
|
|
caitsith2
Newbie
Offline
Activity: 2
Merit: 0
|
|
May 25, 2015, 07:03:31 PM |
|
Totally agree. According to the table, my 16 random AZaz09 is effectively not going to be cracked by those black-hats any time soon.
|
|
|
|
damm315er
|
|
May 25, 2015, 07:04:44 PM Last edit: May 25, 2015, 07:17:04 PM by damm315er |
|
No Secrets Allowed. Never Say Akbar.
So many good variants.
LOL @ Never say Not Smart Actually Negative Security Agency Nothing Secure Anymore National in-Security Agenda
|
|
|
|
solstoce
|
|
May 25, 2015, 07:06:46 PM |
|
Good work theymos glad u got the server shut down quickly!
|
|
|
|
notlist3d
Legendary
Offline
Activity: 1456
Merit: 1000
|
|
May 25, 2015, 07:09:28 PM |
|
Theymos thank you for dealing with all this during a holiday weekend. It sounds like a lot of work put in over this mess.
Also what I think is great of you is putting a good reward out there. I thank you most for this. I hope whoever did this someone knows and will turn them in for the reward. Guess time will tell. But I hope actionable information comes in.
|
|
|
|
RappelzReborn
|
|
May 25, 2015, 07:14:37 PM |
|
Why can't 1.5 million USD donated in bitcoin protect this forum from attack? Is there any proof that the entire 1.5 million went into this forum & not into theymos' Carribean Island retirement pot? Wallet transactions etc?
There is actually , here is his wallet as far as I know : https://blockchain.info/address/1M4yNbSCwSMFLF9BaLqzoo2to1WHtZrPkeSource is from here , those are people who are helding the money of the forum (which is not out yet ) : https://bitcointalk.org/index.php?topic=155000.0@Theymos , thanks for your hard work .. a question tho ... if we don't change password and that password isn't the same as our email adresses then we should be good right ? just curious i will change my pass anyway That's just one donation wallet. It was supposed to be spread around last year when bitcoin was really high. So you may want to at least triple that number. 6 million dollars in donations. Although we will never know the true numbers. He just happen to be at the right place, right time. BAM and people donated like crazy to keep the site up. I'm not complaining, because I donated myself (knowing the forum had millions of dollars) but really thought security and features, and updates would be top priority here. You can have the sweetest forum running on the Internet. I say try out discourse. Check the second link , all the other adresses are available . But yes you got a point . We still waiting for this new forum which should cost 1.5m dollar and I'am really thinking it's a lot more then it should cost . but ... Simple Machines is not that good but vBulletin is made by professionals I don't know why we aren't using that , and we can use like 100k $ max to Upgrade and Hire developpers and programmers to do the security stuff etc . So I guess we just should wait for epochtalk and see how things goes It may be able to compeet the other forum softwares such vb,mybb etc ...
|
|
|
|
Cryddit
Legendary
Offline
Activity: 924
Merit: 1132
|
|
May 25, 2015, 07:28:21 PM |
|
What's the limit for passwords? I tried using an unreasonably large string as my password and didn't receive any error messages (despite the load time after I press the login button being huge). Were the last characters of the string cut off for it to fit a certain limit?
No, the last characters are not cut off, at least not at any "reasonable" password length. My password here is over 60 characters, and it still cares about whether the last character is entered.
|
|
|
|
|