Bitcoin Forum
November 04, 2024, 04:46:15 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 2 3 4 5 6 [7] 8 9 10 11 12 13 »  All
  Print  
Author Topic: About the recent server compromise  (Read 15376 times)
RoadStress
Legendary
*
Offline Offline

Activity: 1904
Merit: 1007


View Profile
May 25, 2015, 07:37:43 PM
 #121

Theymos please make the notice for changing the password more visible. Maybe bold it or put it in red. Right now I find it very easy to miss it.

TheButterZone
Legendary
*
Offline Offline

Activity: 3052
Merit: 1032


RIP Mommy


View Profile WWW
May 25, 2015, 07:45:33 PM
 #122

If anyone wants to change their IP address exposed in the hack, the method I just used was to edit the MAC ID that my modem sees, and rebooted everything. A new WAN IP was issued. Check https://whatismyip.com before and after this procedure.

Even if you have a dynamically-assigned IP, you will likely get the same one again, if all you do is reboot without changing your MAC ID.

Saying that you don't trust someone because of their behavior is completely valid.
alani123
Legendary
*
Offline Offline

Activity: 2576
Merit: 1509



View Profile
May 25, 2015, 07:50:54 PM
 #123

What's the limit for passwords? I tried using an unreasonably large string as my password and didn't receive any error messages (despite the load time after I press the login button being huge). Were the last characters of the string cut off for it to fit a certain limit?

No, the last characters are not cut off, at least not at any "reasonable" password length.  My password here is over 60 characters, and it still cares about whether the last character is entered. 

I used a 2024 character string though. Not the most reasonable password length eh? I was pretty surprised to see that there wasn't any warning or error message and that's why I came here to ask if there's any limit.

███████████████████████████
███████▄████████████▄██████
████████▄████████▄████████
███▀█████▀▄███▄▀█████▀███
█████▀█▀▄██▀▀▀██▄▀█▀█████
███████▄███████████▄███████
███████████████████████████
███████▀███████████▀███████
████▄██▄▀██▄▄▄██▀▄██▄████
████▄████▄▀███▀▄████▄████
██▄███▀▀█▀██████▀█▀███▄███
██▀█▀████████████████▀█▀███
███████████████████████████
 
 Duelbits 
██
██
██
██
██
██
██
██

██

██

██

██

██
TRY OUR UNIQUE GAMES!
    ◥ DICE  ◥ MINES  ◥ PLINKO  ◥ DUEL POKER  ◥ DICE DUELS   
█▀▀











█▄▄
 
███
▀▀▀
███
▀▀▀
███
▀▀▀
███
▀▀▀

███
▀▀▀
███
▀▀▀
 
███
▀▀▀

███
▀▀▀
███
▀▀▀
███
▀▀▀
███
▀▀▀
███
▀▀▀
 
███
▀▀▀
███
▀▀▀
███
▀▀▀
███
▀▀▀

███
▀▀▀
███
▀▀▀
 
███
▀▀▀
███
▀▀▀
███
▀▀▀

███
▀▀▀
███
▀▀▀
███
▀▀▀
 
███
▀▀▀
███
▀▀▀

███
▀▀▀
███
▀▀▀
███
▀▀▀

███
▀▀▀
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
 KENONEW 
 
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀█











▄▄█
10,000x
 
MULTIPLIER
██
██
██
██
██
██
██
██

██

██

██

██

██
 
NEARLY
UP TO
50%
REWARDS
██
██
██
██
██
██
██
██

██

██

██

██

██
[/tabl
Cryddit
Legendary
*
Offline Offline

Activity: 924
Merit: 1132


View Profile
May 25, 2015, 07:52:00 PM
 #124

Over the last four days attempts to log into the email address I use here have been up about 20% relative to the average 4-day period over the previous month. I do not use the same password I used here for anything else but for what it's worth I hope they burn every bit of comp time they've got trying to crack it.  Grin  

I've also gotten some very good spear-phishing recently, one of which took the "message from your ISP" thing to the next level by using the name/e-mail address of an actual real employee at my ISP, and another of which used an address that is held by a family member.  That's a lot more upsetting to me than the fake-login attempts.  

I have no idea whether the bump in activity has anything to do with the recent breach here.  But it's interesting.

Theymos: Good job.  I know exactly how hard it is keeping something up when the environment turns hostile, and these people saying this number of breaches is unacceptable - have no idea what it's like dealing with an "advanced, persistent, targeted threat."  The level of attacks and attempts something like this attracts is beyond what most ISP's are willing and able to deal with, and beyond a certain level of complexity all software leaks.   This forum having a public face means taking a lot of stuff head-on, and given that your up-time record is acually pretty awesome.
redsn0w
Legendary
*
Offline Offline

Activity: 1778
Merit: 1043


#Free market


View Profile
May 25, 2015, 07:57:51 PM
 #125

Thanks theymos, I have changed my password yesterday and also today... and I hope to be 'safe' (a big word) now Wink.   XAU for his real identity, it is a lot of money.... and I do not think he is stupid (he made a soc. engir. attack... only a few people are able to do it).


PS: however good luck with the search.
erikalui
Legendary
*
Offline Offline

Activity: 2632
Merit: 1094



View Profile WWW
May 25, 2015, 08:09:04 PM
 #126

Now I started receiving spam emails from maximeco******@gma and some vayne*****@gmail.com. Any way to report these emails or ban these users' accounts as they seem to be the hackers.

hilariousandco
Global Moderator
Legendary
*
Offline Offline

Activity: 3990
Merit: 2713


Join the world-leading crypto sportsbook NOW!


View Profile
May 25, 2015, 08:12:05 PM
 #127

Now I started receiving spam emails from maximeco******@gma and some vayne*****@gmail.com. Any way to report these emails or ban these users' accounts as they seem to be the hackers.

Of course they can be reported to your email provider but blocking out the emails doesn't do much good for the forum to be able to do anything about it not that they could anyway as they likely wont be linked to accounts here.

  ▄▄███████▄███████▄▄▄
 █████████████
▀▀▀▀▀▀████▄▄
███████████████
       ▀▀███▄
███████████████
          ▀███
 █████████████
             ███
███████████▀▀               ███
███                         ███
███                         ███
 ███                       ███
  ███▄                   ▄███
   ▀███▄▄             ▄▄███▀
     ▀▀████▄▄▄▄▄▄▄▄▄████▀▀
         ▀▀▀███████▀▀▀
░░░████▄▄▄▄
░▄▄░
▄▄███████▄▀█████▄▄
██▄████▌▐█▌█████▄██
████▀▄▄▄▌███░▄▄▄▀████
██████▄▄▄█▄▄▄██████
█░███████░▐█▌░███████░█
▀▀██▀░██░▐█▌░██░▀██▀▀
▄▄▄░█▀░█░██░▐█▌░██░█░▀█░▄▄▄
██▀░░░░▀██░▐█▌░██▀░░░░▀██
▀██
█████▄███▀▀██▀▀███▄███████▀
▀███████████████████████▀
▀▀▀▀███████████▀▀▀▀
█████████████LEADING CRYPTO SPORTSBOOK & CASINO█████████████
MULTI
CURRENCY
1500+
CASINO GAMES
CRYPTO EXCLUSIVE
CLUBHOUSE
FAST & SECURE
PAYMENTS
.
..PLAY NOW!..
Welsh
Staff
Legendary
*
Offline Offline

Activity: 3304
Merit: 4115


View Profile
May 25, 2015, 08:15:05 PM
 #128

Thanks theymos, I have changed my password yesterday and also today... and I hope to be 'safe' (a big word) now Wink.   XAU for his real identity, it is a lot of money.... and I do not think he is stupid (he made a soc. engir. attack... only a few people are able to do it).


PS: however good luck with the search.

You'd probably be suprised by how easy some people can trick others into giving them sensitive information. I've seen it done on a much smaller scale and all it took was a little bit of confidence. There's also been reports over the years of simple techniques used against big companies and much more sensitive data.
MadGamer
Legendary
*
Offline Offline

Activity: 1568
Merit: 1031


View Profile
May 25, 2015, 08:15:11 PM
 #129

Beside our emails and passwords of course ... how bad it could be when the hackers have this "Last-used IP address and registration IP address" , im not an expert or anything but don't the IP change each time we reboot the modem ? Shocked Probably not the IP range but well
Slaine
Newbie
*
Offline Offline

Activity: 29
Merit: 0


View Profile
May 25, 2015, 08:16:41 PM
 #130

Well I couldn't get into my account and for a while it looked like the password recovery wasn't working.

Thankfully I don't reuse passwords, but it's always a good wake up call to just go through and refresh your passwords on anything vaguely important once in a while..
erikalui
Legendary
*
Offline Offline

Activity: 2632
Merit: 1094



View Profile WWW
May 25, 2015, 08:19:11 PM
 #131

Now I started receiving spam emails from maximeco******@gma and some vayne*****@gmail.com. Any way to report these emails or ban these users' accounts as they seem to be the hackers.

Of course they can be reported to your email provider but blocking out the emails doesn't do much good for the forum to be able to do anything about it not that they could anyway as they likely wont be linked to accounts here.

I have reported the emails to theymos and hope that he can track those accounts and take an action soon. I don't know how to report it to my email provider. I just clicked "Report Spam."

redsn0w
Legendary
*
Offline Offline

Activity: 1778
Merit: 1043


#Free market


View Profile
May 25, 2015, 08:22:41 PM
 #132

Thanks theymos, I have changed my password yesterday and also today... and I hope to be 'safe' (a big word) now Wink.   XAU for his real identity, it is a lot of money.... and I do not think he is stupid (he made a soc. engir. attack... only a few people are able to do it).


PS: however good luck with the search.

You'd probably be suprised by how easy some people can trick others into giving them sensitive information. I've seen it done on a much smaller scale and all it took was a little bit of confidence. There's also been reports over the years of simple techniques used against big companies and much more sensitive data.

Yes I am surprised and I know that a 100% security doesn't really exist but c'mon... we are talking about a big service provider and it should not be easy to trick them (in my honest opinion) but everything is possible. The real problem is always the people, you can build the security that you want but you are fuc**ed if an employee will reset the pwd .
alani123
Legendary
*
Offline Offline

Activity: 2576
Merit: 1509



View Profile
May 25, 2015, 08:24:19 PM
 #133

Beside our emails and passwords of course ... how bad it could be when the hackers have this "Last-used IP address and registration IP address" , im not an expert or anything but don't the IP change each time we reboot the modem ? Shocked Probably not the IP range but well

This depends on your ISP. Having your modem/router closed overnight usually does the job. If you didn't login during the short time that the forum was back up but then went offline again then I'm guessing that you most certainly should have a new IP address than the one last used to login.

███████████████████████████
███████▄████████████▄██████
████████▄████████▄████████
███▀█████▀▄███▄▀█████▀███
█████▀█▀▄██▀▀▀██▄▀█▀█████
███████▄███████████▄███████
███████████████████████████
███████▀███████████▀███████
████▄██▄▀██▄▄▄██▀▄██▄████
████▄████▄▀███▀▄████▄████
██▄███▀▀█▀██████▀█▀███▄███
██▀█▀████████████████▀█▀███
███████████████████████████
 
 Duelbits 
██
██
██
██
██
██
██
██

██

██

██

██

██
TRY OUR UNIQUE GAMES!
    ◥ DICE  ◥ MINES  ◥ PLINKO  ◥ DUEL POKER  ◥ DICE DUELS   
█▀▀











█▄▄
 
███
▀▀▀
███
▀▀▀
███
▀▀▀
███
▀▀▀

███
▀▀▀
███
▀▀▀
 
███
▀▀▀

███
▀▀▀
███
▀▀▀
███
▀▀▀
███
▀▀▀
███
▀▀▀
 
███
▀▀▀
███
▀▀▀
███
▀▀▀
███
▀▀▀

███
▀▀▀
███
▀▀▀
 
███
▀▀▀
███
▀▀▀
███
▀▀▀

███
▀▀▀
███
▀▀▀
███
▀▀▀
 
███
▀▀▀
███
▀▀▀

███
▀▀▀
███
▀▀▀
███
▀▀▀

███
▀▀▀
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
 KENONEW 
 
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀█











▄▄█
10,000x
 
MULTIPLIER
██
██
██
██
██
██
██
██

██

██

██

██

██
 
NEARLY
UP TO
50%
REWARDS
██
██
██
██
██
██
██
██

██

██

██

██

██
[/tabl
MadGamer
Legendary
*
Offline Offline

Activity: 1568
Merit: 1031


View Profile
May 25, 2015, 08:25:13 PM
 #134

Thanks theymos, I have changed my password yesterday and also today... and I hope to be 'safe' (a big word) now Wink.   XAU for his real identity, it is a lot of money.... and I do not think he is stupid (he made a soc. engir. attack... only a few people are able to do it).


PS: however good luck with the search.

You'd probably be suprised by how easy some people can trick others into giving them sensitive information. I've seen it done on a much smaller scale and all it took was a little bit of confidence. There's also been reports over the years of simple techniques used against big companies and much more sensitive data.

Yes I am surprised and I know that a 100% security doesn't really exist but c'mon... we are talking about a big service provider and it should not be easy to trick them (in my honest opinion) but everything is possible. The real problem is always the people, you can build the security that you want but you are fuc**ed if an employee will reset the pwd .

Well Seems like It dosen't matter how big the service provider is anymore .
I mean look how big Amazon and famous it is . and you can trick them in less them 60 seconds . "Oh empty box" => "GG , refunded" and people are doing it all the time .
Welsh
Staff
Legendary
*
Offline Offline

Activity: 3304
Merit: 4115


View Profile
May 25, 2015, 08:31:09 PM
 #135

Beside our emails and passwords of course ... how bad it could be when the hackers have this "Last-used IP address and registration IP address" , im not an expert or anything but don't the IP change each time we reboot the modem ? Shocked Probably not the IP range but well

If having a IP address was that big of an issue, nobody would be safe. Just imagine the amount of websites you've connected to over the years. If you have open ports it can slightly more concerning, but it would likely require a number of things to be truley concerened. For example, vunerable software. Keep up to date with the latest patches is normally advised. If the hacker was interested in using the IP to exploit, it would more than likely be on highly ranked members with a large presensce within the Bitcoin community.

An issue some users may find, is that the hacker may have your IP address, which is a place to start exploiting. Your hash of your password. So if he/she does crack it then they know of one possible password you might use or varations of it. Or have a general idea of the passwords you use. They may also have a secret question and answer. But, I always recommend not using them, or if you must make it completely random.

Of course, if you are concerned. Then you should get started in cranking up your security. A lot of users will be doing this, just to keep it fresh.
opieum2
Hero Member
*****
Offline Offline

Activity: 532
Merit: 500


View Profile
May 25, 2015, 08:36:58 PM
 #136

Theymos,

Check your PMs. I sent you some info on something that might get the ball rolling. That said there are obvious suspects which info I already provided to CCN. Some press coverage might get the right wheels greased to get an actual investigation going.

"amtminers scam joshua zipkin scammer"
-Joshua Zipkin leaked skype chats http://bit.ly/1s7U2Yb
-For bitcoin to succeed the community must police itself.
Lauda
Legendary
*
Offline Offline

Activity: 2674
Merit: 2965


Terminated.


View Profile WWW
May 25, 2015, 08:43:10 PM
 #137

I am not sure why anyone would consider not using a VPN. They are really not very expensive to use and they provide a lot of added privacy.
If you believe that the majority of the users here use a VPN you are wrong.

For most people it doesn't matter if their IP address is now in the hands of the hacker, they will most likely target those with the highest ranks and based on how important that person is in the community.
Then I should have posted less I guess. Although a high post count is quite useless. I'm going to assume that the most likely targets would be people on the default trust list and people with a lot of trust (100+).

Have others received an email from the forum? I took a quick peek. Just want to verify if isn't something fishy.

"The Times 03/Jan/2009 Chancellor on brink of second bailout for banks"
😼 Bitcoin Core (onion)
dogie
Legendary
*
Offline Offline

Activity: 1666
Merit: 1185


dogiecoin.com


View Profile WWW
May 25, 2015, 09:12:55 PM
 #138

What's the limit for passwords? I tried using an unreasonably large string as my password and didn't receive any error messages (despite the load time after I press the login button being huge). Were the last characters of the string cut off for it to fit a certain limit?

No, the last characters are not cut off, at least not at any "reasonable" password length.  My password here is over 60 characters, and it still cares about whether the last character is entered. 

I used a 2024 character string though. Not the most reasonable password length eh? I was pretty surprised to see that there wasn't any warning or error message and that's why I came here to ask if there's any limit.

Aaaaaand now we know the reason why the server lags every now and then, you're signing in Cheesy For the sake of the servers might want to set it to a reasonable 50 or so, which has the same strength of 2048 = not worth bruting = just as likely to be social'ed or reset.


Thanks theymos, I have changed my password yesterday and also today... and I hope to be 'safe' (a big word) now Wink.   XAU for his real identity, it is a lot of money.... and I do not think he is stupid (he made a soc. engir. attack... only a few people are able to do it).
PS: however good luck with the search.

From what I saw it wasn't a new virtual identity that was used in the attack.


dogie
Legendary
*
Offline Offline

Activity: 1666
Merit: 1185


dogiecoin.com


View Profile WWW
May 25, 2015, 09:16:18 PM
 #139

Theymos,

Check your PMs. I sent you some info on something that might get the ball rolling. That said there are obvious suspects which info I already provided to CCN. Some press coverage might get the right wheels greased to get an actual investigation going.


I don't think a witchhunt + grease is a good combination, it just ends up in a "everyone is Satoshi" shitstorm that gets innocent people caught up. Those that aren't yet aware of the hacking yet probably don't have the expertise to work it out, so let those that do get on with it.

Gervais
Sr. Member
****
Offline Offline

Activity: 366
Merit: 250



View Profile
May 25, 2015, 09:17:33 PM
 #140

I am not sure why anyone would consider not using a VPN. They are really not very expensive to use and they provide a lot of added privacy.
If you believe that the majority of the users here use a VPN you are wrong.

I don't think he stated or insinuated that, just that people should consider using them.

Have others received an email from the forum? I took a quick peek. Just want to verify if isn't something fishy.

Yes, they were sent out by theymos en masse, though that doesn't mean you might not have recieved a phishing mail. I'm sure the hacker will try something with our emails.
Pages: « 1 2 3 4 5 6 [7] 8 9 10 11 12 13 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!