Influx of Hacked Accounts

[Welsh]

At least right now, peoples senses are heighted and will be more alert to anything suspicious. Im more worryied for when nothing major has happended and people forget about security protocol and send their Bitcoin without seeking the verification that they would right now.

Which happens all the time, I've escrowed a few people. And they all seem to just want to get the trade done as quick as possible. bar a few.

At least at this present moment in time, users have more than likely upgraded their passwords. There probably isn't too much to worry about for the majority. The hacker only had a few minutes, so was probably unlikely to get the whole dump. However, it should be treated as though he has obtained every bit of information.

[1714900674]

1714900674

[1714900674]

1714900674

[1714900674]

1714900674

[1714900674]

1714900674

[1714900674]

1714900674

[tarsua]

I've already seen several suspicious accounts which I've noted down mentally.

The thing is, many old users left bitcointalk for a long time but they received an email saying they need to change their passwords, therefore an influx of old users will come back

[tarsua]

What needs to happen for security is any accounts that do not have their password reset manually within a week should have their passwords revoked and automatically reset where they can only be recovered with an email being sent with a recovery link to the address on file.

Alot of people use fake emails since no confirmation is needed when you signup, and what if i lost the password to the email that i signed up with?

[tarsua]

Alot of people use fake emails since no confirmation is needed when you signup, and what if i lost the password to the email that i signed up with?

They have a week to manually reset and update their email address. It is very irresponsible to setup an account and lose track of your throwaway email credentials. Any other accounts will be lost unless its a known member who can prove its them to theymos directly.

This would be a good opportunity to clear off many garbage shill accounts as well as they are more likely using fake email accounts.

Its not the end of the world if a few old anonymous accounts get frozen either and is a much better alternative than a bunch of compromised accounts start scamming people.

its not a matter of having throwaway emails, its a matter of not having made an email at all, just putting something where you should put your email address.

The hacked accounts make it pretty clear that either the passwords weren't salted,

What hacked accounts?

[qwk]

What hacked accounts?

This.
That.
Probably more.

[Mt.Gox Support]

What hacked accounts?

This.
That.
Probably more.

Such slander. MtGox has the best security practices ever.

[Quickseller]

What hacked accounts?

This.
That.
Probably more.

It seems that the primary target (at least so far) of hacked accounts has been VIP accounts.

At first I was going to argue that the MtGox account was not hacked (it still shows a MtGox email address and it's password was reset via email), however it would be possible that he logged into the account, changed the email address, reset the password via email, then changed the email back.

It is not surprising to see a MtGox account having a weak password 

[qwk]

Such slander. MtGox has the best security practices ever.

Care to at least share your story of how you came into control of this otherwise absolutely worthless account?

[notlist3d]

I have a feeling we will be seeing a lot of hacked accounts in the near future (abandoned but high ranked accounts for example). Stay alert guys!

Well sadly you appear to be 100 percent right - https://bitcointalk.org/index.php?topic=1068150.msg11449580#msg11449580

It's sad but appears possibly it will turn into a trolling war.

[alani123]

I wonder why the hackers targeting those high ranked accounts are coming out as such obvious trolls. Perhaps they deemed them not worthy? I wonder if more accounts were hacked and are going to be sold in a stealthy way.

[tarsua]

>Yeah I've seen some old accounts just started posting again today after years of not being used Sad.

How is this going to change above?  The hacked accounts make it pretty clear that either the passwords weren't salted, or the hackers managed to do much more than garb a db of password hashes & emails. Theymos did say he was rooted :

You cannot assume Theymos is lying and the database wasn't salted. We don't know if the security question was encrypted and salted as well.
Any old accounts compromised likely used easy passwords or easy security questions.

Forcing a password reset where the recovery must happen through email will protect all those accounts unless the user were ignorant enough to use the same password for their email account as here.

its not a matter of having throwaway emails, its a matter of not having made an email at all, just putting something where you should put your email address.

Most of those are probably shill accounts... what type of idiot doesn't spend 5 minutes to create an extra throwaway email for security or spam? Any person that doesn't do this and fails to reset in a week deserves to become a newbie again.

I am sure there may be 1-2 anonymous heroes accounts who have to become newbies again. That is a small price to pay for good security.

well its either using a fake non-existent email or using a fake email which u wont remember the credentials for or arrange an hour a week to clear spam out of your email, the first is the obvious winner

What hacked accounts?

This.
That.
Probably more.

for the first you are just paranoid that he doesnt have a username and that he hasnt posted in some time, if you look at his post history, a few years ago, most of his posts were in the german section, although he speaks english now, if you look closely, it is obviously not his first language, he probably received the email today and decided that he will come back

[Mt.Gox Support]

I wonder why the hackers targeting those high ranked accounts are coming out as such obvious trolls. Perhaps they deemed them not worthy? I wonder if more accounts were hacked and are going to be sold in a stealthy way.

The only people who sell accounts and scam here are kids. If you know some stuff about hacking you wouldn't stick around here for more than occasional trolling. Better targets out there than bitcoiners, and stealing from bitcoiners is a real douchebag move.

[qwk]

It seems that the primary target (at least so far) of hacked accounts has been VIP accounts.

IDK. They just happen to be the ones I keep an extra eye on.
Theymos mentioned that weak passwords would require dedicated brute force to be hacked.
I guess that's what the attacker is doing. Obviously going for the most valuable accounts first.

[Mt.Gox Support]

Fond memories:
https://www.youtube.com/watch?v=LKrOHAfMdxI

[Mt.Gox Support]

It seems that the primary target (at least so far) of hacked accounts has been VIP accounts.

IDK. They just happen to be the ones I keep an extra eye on.
Theymos mentioned that weak passwords would require dedicated brute force to be hacked.
I guess that's what the attacker is doing. Obviously going for the most valuable accounts first.

The attacker is sleeping right now. he has no idea the shitstorm he is going to wake up to.

[qwk]

This.
That.
Probably more.

for the first you are just paranoid that he doesnt have a username and that he hasnt posted in some time, if you look at his post history, a few years ago, most of his posts were in the german section, although he speaks english now, if you look closely, it is obviously not his first language, he probably received the email today and decided that he will come back

About the first: the account was originally in possession of a German, who started a service that soon turned into (possibly) the second largest ponzi here at bitcointalk. He claimed to have sold the account to another German, who then claimed to have sold to a Russian. Nobody knows if the original account ever changed owners in the first place. But today, the account came back with a very fluent English speaker, potentially with a Dutch origin. Paranoid I may be, but that does not mean that I'm wrong

[Mt.Gox Support]

This.
That.
Probably more.

for the first you are just paranoid that he doesnt have a username and that he hasnt posted in some time, if you look at his post history, a few years ago, most of his posts were in the german section, although he speaks english now, if you look closely, it is obviously not his first language, he probably received the email today and decided that he will come back

About the first: the account was originally in possession of a German, who started a service that soon turned into (possibly) the second largest ponzi here at bitcointalk. He claimed to have sold the account to another German, who then claimed to have sold to a Russian. Nobody knows if the original account ever changed owners in the first place. But today, the account came back with a very fluent English speaker, potentially with a Dutch origin. Paranoid I may be, but that does not mean that I'm wrong

You are next. enjoy.

[tarsua]

This.
That.
Probably more.

for the first you are just paranoid that he doesnt have a username and that he hasnt posted in some time, if you look at his post history, a few years ago, most of his posts were in the german section, although he speaks english now, if you look closely, it is obviously not his first language, he probably received the email today and decided that he will come back

About the first: the account was originally in possession of a German, who started a service that soon turned into (possibly) the second largest ponzi here at bitcointalk. He claimed to have sold the account to another German, who then claimed to have sold to a Russian. Nobody knows if the original account ever changed owners in the first place. But today, the account came back with a very fluent English speaker, potentially with a Dutch origin. Paranoid I may be, but that does not mean that I'm wrong

I reviewed a few of his posts, i wouldn't say his English is  "very fluent" and why did you give him negative trust without being sure he is a hacker?

[qwk]

You are next. enjoy.

I'll be back.

[qwk]

I reviewed a few of his posts, i wouldn't say his English is  "very fluent" and why did you give him negative trust without being sure he is a hacker?

He would have received negative trust for his scams in the past, anyway. And when it comes to the trust system, I'm always in favor of shooting first and asking questions later. Negative trust can be easily revoked, but a successful scammer will not return the money